Repository: incubator-milagro-mfa-sdk-core Updated Branches: refs/heads/master 16308c749 -> 3b39c9ef6
Add MFA Platform login flow. Project: http://git-wip-us.apache.org/repos/asf/incubator-milagro-mfa-sdk-core/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-milagro-mfa-sdk-core/commit/3b39c9ef Tree: http://git-wip-us.apache.org/repos/asf/incubator-milagro-mfa-sdk-core/tree/3b39c9ef Diff: http://git-wip-us.apache.org/repos/asf/incubator-milagro-mfa-sdk-core/diff/3b39c9ef Branch: refs/heads/master Commit: 3b39c9ef6300b281aa446ac8f69d0046d3091416 Parents: 16308c7 Author: Simeon Aladjem <[email protected]> Authored: Fri Nov 18 14:14:52 2016 +0200 Committer: Simeon Aladjem <[email protected]> Committed: Fri Nov 18 14:14:52 2016 +0200 ---------------------------------------------------------------------- MFA Platform Login.png | Bin 0 -> 293351 bytes MFA Platform Login.txt | 61 ++++++++++++++++++++++++++++++++++++++++++++ README.md | 2 +- 3 files changed, 62 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-milagro-mfa-sdk-core/blob/3b39c9ef/MFA Platform Login.png ---------------------------------------------------------------------- diff --git a/MFA Platform Login.png b/MFA Platform Login.png new file mode 100644 index 0000000..968f65f Binary files /dev/null and b/MFA Platform Login.png differ http://git-wip-us.apache.org/repos/asf/incubator-milagro-mfa-sdk-core/blob/3b39c9ef/MFA Platform Login.txt ---------------------------------------------------------------------- diff --git a/MFA Platform Login.txt b/MFA Platform Login.txt new file mode 100644 index 0000000..9fc6061 --- /dev/null +++ b/MFA Platform Login.txt @@ -0,0 +1,61 @@ +title MFA Platform Login + +participant Authenticator App as app +participant Mobile SDK as sdk +participant Login Page\n(Browser) as codepad +participant Landing Page as landing +participant MFA Platform as mfa + +note over codepad + User chooses to login + and the Login Page + displays a QR Code +end note + +app<-->codepad: Scan QR Code of the form <landing-url>#<access-code> +app->landing: GET <landing-url>/service +landing-->app: OK, data: {"name": <service-name>, "url": <backend-url>, ...} +app->sdk: SetBackend(<backend-url>) +sdk->mfa: GET clientSetting +mfa-->sdk: OK, data: <client-settings> +sdk-->app: OK +app->sdk: GetSessionDetails(<access-code>) +sdk->mfa: POST /codeStatus, data: {"status": "wid", "wid": <access-code>} +mfa-->sdk: OK, data: {"prerollId": <preroll-id>, "appName": <app-name>, "appLogoURL": <app-icon>} +sdk-->app: OK, {<preroll-id>, <app-name>, <app-icon>} +app->sdk: ListUsers(<users-list>) +sdk-->app: OK, populated <users-list> +alt <preroll-id> is not empty + alt <preroll-id> is not in <users-list> + app->app: Start registration of <preroll-id> + end alt + app->app: Select <preroll-id> + note right of app + NOTE: The registration flow is listed separately + end note +else + alt End user chooses to register a new identity + app->app: Start registration of new identity + app->app: Select newly registered identity + else End user selects an identity from the list + app->app: Select existing identity + end alt +end alt +app->sdk: StartAuthentication(<identity>, <access-code>) +sdk->mfa: POST /codeStatus, data: {"status": "user", "wid": <access-code>, "userId": <identity>} +mfa-->sdk: OK +sdk<-->mfa: Fetch Time Permits, if required +sdk-->app: OK +app->app: Read <PIN> from end user +app->sdk: FinishAuthenticationAN(<identity>, <PIN>, <access-code>) +sdk<-->mfa: Authenticate <identity>, using <PIN> +sdk-->app: <Status> +alt <Status> == OK + app->app: Display "Successfull Login" message +else <Status> == INCORRECT_PIN + alt User State == BLOCKED + app->app: Display "User blocked" message + else + app->app: Display "Wrong PIN" message + end alt +end alt \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-milagro-mfa-sdk-core/blob/3b39c9ef/README.md ---------------------------------------------------------------------- diff --git a/README.md b/README.md index fb1bbc0..6246881 100644 --- a/README.md +++ b/README.md @@ -501,4 +501,4 @@ Client settings that might interest the applications are:  ##### Authentication to a Web App -_Coming soon..._ \ No newline at end of file + \ No newline at end of file
