kych

OAuth 2.0 API for Swiyu to enable Taler integration of Swiyu for KYC (experimental)
Log | Files | Refs | README

notification_sequence.txt (2779B)

      1 sequenceDiagram
      2     participant Swiyu Verifier
      3     participant KyCH OAuth2 Gateway
      4     participant KyCH OAuth2 Gateway DB
      5 
      6     note over Swiyu Verifier,KyCH OAuth2 Gateway DB: Incoming Webhook from Swiyu
      7 
      8     Swiyu Verifier ->> KyCH OAuth2 Gateway: POST /notification \n{verification_id, timestamp}
      9 
     10     KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway DB: UPDATE verification_sessions s \nSET status = s.status \nFROM clients c \nWHERE s.client_id = c.id \nAND s.request_id = $1 \nRETURNING s.id, s.nonce, s.status, \nc.id AS client_id, c.webhook_url, \nc.verifier_url, c.verifier_management_api_path
     11 
     12     alt DB error or session invalid
     13         KyCH OAuth2 Gateway DB -->> KyCH OAuth2 Gateway: Error / 0 rows
     14         KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway: Log error\n- DB connection failed\n- Session not found\n- Session not authorized\n- Session already processed
     15         KyCH OAuth2 Gateway -->> Swiyu Verifier: 200 OK
     16     else Session found
     17         KyCH OAuth2 Gateway DB -->> KyCH OAuth2 Gateway: session + client data
     18 
     19         KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway: Validate session (status == 'authorized')
     20 
     21         alt Session invalid
     22             KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway: Log error\n- Session not authorized\n- Session already processed
     23             KyCH OAuth2 Gateway -->> Swiyu Verifier: 200 OK
     24         else Session valid
     25             KyCH OAuth2 Gateway ->> Swiyu Verifier: GET verifier_url + verifier_management_api_path + /verification_id
     26             Swiyu Verifier -->> KyCH OAuth2 Gateway: {state: 'Success'/'Failed'/'Pending', wallet_response}
     27 
     28             alt Verification pending
     29                 KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway: Log info, ignore webhook
     30                 KyCH OAuth2 Gateway -->> Swiyu Verifier: 200 OK
     31             else Verification success or failed
     32                 KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway: generate_authorization_code()
     33 
     34                 KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway DB: WITH updated_session AS (\n  UPDATE verification_sessions \n  SET status = $1, verified_at = NOW(),\n      verifiable_credential = $5 \n  WHERE id = $2 RETURNING id\n)\nINSERT INTO authorization_codes \n(session_id, code, expires_at) \nVALUES ($2, $3, NOW() + INTERVAL '10 minutes') \nRETURNING code
     35 
     36                 alt Operation failed
     37                     KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway: Log error\n- Verifier fetch failed\n- DB update failed\n- Code generation failed
     38                 else Success
     39                     KyCH OAuth2 Gateway DB -->> KyCH OAuth2 Gateway: authorization_code
     40                     KyCH OAuth2 Gateway ->> KyCH OAuth2 Gateway: Log success
     41                 end
     42                 KyCH OAuth2 Gateway -->> Swiyu Verifier: 200 OK
     43             end
     44         end
     45     end
     46