kych

OAuth 2.0 API for Swiyu to enable Taler integration of Swiyu for KYC (experimental)
Log | Files | Refs

notification_sequence.txt (2543B)

      1 sequenceDiagram
      2     participant Swiyu Verifier
      3     participant OAuth2 Gateway
      4     participant OAuth2 Gateway DB
      5     
      6     note over Swiyu Verifier,OAuth2 Gateway DB: Incoming Webhook from Swiyu
      7     
      8     Swiyu Verifier ->> OAuth2 Gateway: POST /notification \n{verification_id, timestamp}
      9     
     10     OAuth2 Gateway ->> OAuth2 Gateway DB: UPDATE verification_sessions s \nSET status = s.status \nFROM clients c \nWHERE s.client_id = c.id \nAND s.request_id = $1 \nRETURNING s.id, s.nonce, s.status, \nc.id AS client_id, c.webhook_url, \nc.verifier_url, c.verifier_management_api_path
     11     
     12     alt DB error or session invalid
     13         OAuth2 Gateway DB -->> OAuth2 Gateway: Error / 0 rows
     14         OAuth2 Gateway ->> OAuth2 Gateway: Log error\n- DB connection failed\n- Session not found\n- Session not authorized\n- Session already processed
     15         OAuth2 Gateway -->> Swiyu Verifier: 200 OK
     16     else Session found
     17         OAuth2 Gateway DB -->> OAuth2 Gateway: session + client data
     18         
     19         OAuth2 Gateway ->> OAuth2 Gateway: Validate session (status == 'authorized')
     20         
     21         alt Session invalid
     22             OAuth2 Gateway ->> OAuth2 Gateway: Log error\n- Session not authorized\n- Session already processed
     23             OAuth2 Gateway -->> Swiyu Verifier: 200 OK
     24         else Session valid
     25             OAuth2 Gateway ->> Swiyu Verifier: GET verifier_url + verifier_management_api_path + /verification_id
     26             Swiyu Verifier -->> OAuth2 Gateway: {status: 'verified'/'failed', ...}
     27             
     28             OAuth2 Gateway ->> OAuth2 Gateway: generate_authorization_code()
     29             
     30             OAuth2 Gateway ->> OAuth2 Gateway DB: WITH updated AS (\n  UPDATE verification_sessions \n  SET status = $1, verified_at = NOW() \n  WHERE id = $2 RETURNING id\n),\ninserted_code AS (\n  INSERT INTO authorization_codes \n  (session_id, code, expires_at) \n  VALUES ($2, $3, NOW() + INTERVAL '10 minutes') \n  RETURNING code\n)\nINSERT INTO notification_pending_webhooks \n(session_id, client_id, url, body, next_attempt) \nSELECT $2, $4, $5, $6, 0
     31             
     32             alt Operation failed
     33                 OAuth2 Gateway ->> OAuth2 Gateway: Log error\n- Verifier fetch failed\n- DB update failed\n- Code generation failed\n- Queue insert failed
     34             else Success
     35                 OAuth2 Gateway DB ->> OAuth2 Gateway DB: TRIGGER\nNotifies Worker Thread\nfor Client Webhooks
     36                 OAuth2 Gateway DB -->> OAuth2 Gateway: OK
     37             end
     38         end
     39         OAuth2 Gateway -->> Swiyu Verifier: 200 OK
     40     end