-rw-r--r-- | doc/SSO_login_form_sequence.diag | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/SSO_login_form_sequence.diag b/doc/SSO_login_form_sequence.diag
new file mode 100644
index 0000000..1deb9ed
--- /dev/null
+++ b/doc/SSO_login_form_sequence.diag
@@ -0,0 +1,29 @@
+seqdiag {
+edge_length = 300; // default value is 192
+span_height = 30; // default value is 40
+default_fontsize = 10; // default value is 11
+
+Browser -> SP [label="GET $SP/protected"]
+Browser <-- SP [label="GET $SP/saml2/login\n?IdP=$IDP/idp/saml2/metadata\n?ReturnTo=$SP/protected"]
+Browser -> SP [label="GET $SP/saml2/login\n?IdP=$IDP/idp/saml2/metadata\n?ReturnTo=$SP/protected"]
+Browser <-- SP [label="GET $IDP/idp/saml2/SSO/Redirect\n?RelayState=relay_state\n?SAMLRequest=AuthnRequest\n?SigAlg=rsa-sha1\n?Signature=abc123\nset cookie: mellon-saml-sesion-cookie=cookietest"]
+Browser -> IdP [label="GET $IDP/idp/saml2/SSO/Redirect\n\n?RelayState=relay_state\n?SAMLRequest=AuthnRequest\n?SigAlg=rsa-sha1\n?Signature=abc123"
+ note="providers/saml2ipd.py\nRedirect.GET()"]
+Browser <-- IdP [label="GET $IDP/idp/login\n?ipsilon_transaction_id=trans_id\nset cookie: xxx=saml\nset cookie: idp_ipsilon_session_id=session_id"]
+Browser -> IdP [label="GET $IDP/idp/login\n?ipsilon_transaction_id=trans_id\ncookie: xxx=saml\ncookie: idp_ipsilon_session_id=session_id"
+ note="login/common.py\nLogin.root()"]
+Browser <-- IdP [label="GET $IDP/idp/login/form\n?ipsilon_transaction_id=trans_id\nset cookie: idp_ipsilon_session_id=session_id"]
+Browser -> IdP [label="GET $IDP/idp/login/form\n?ipsilon_transaction_id=trans_id\ncookie: xxx=saml\ncookie: idp_ipsilon_session_id=session_id"
+ note="login/common.py\nLoginFormBase.GET()"]
+Browser <- IdP [label="login form\nset cookie: idp_ipsilon_session_id=session_id"]
+Browser -> IdP [label="POST /idp/login/form\ncookie: xxx=saml\ncookie: idp_ipsilon_session_id=session_id\nform: ipsilon_transaction_id=trans_id\nform: login_name=user\nform: login_password=password"
+ note="login/authxxx.py\nXXX.POST()"]
+Browser <-- IdP [label="GET $IDP/idp/saml2/SSO/Continue\n?ipsilon_transaction_id=trans_id\nset cookie: idp_ipsilon_session_id=session_id\nset cookie: ipsilon_default_username=user"]
+Browser -> IdP [label="GET $IDP/idp/saml2/SSO/Continue\n?ipsilon_transaction_id=trans_id\ncookie: xxx=saml\ncookie: idp_ipsilon_session_id=session_id\ncookie: ipsilon_default_username=user"
+ note="provider/saml2idp.py\nContinue.GET()"]
+Browser <- IdP [label="200 OK, auto-submit form\nset cookie: xxx=saml\nset cookie: idp_ipsilon_session_id=session_id"]
+Browser -> SP [label="POST $SP/saml2/postResponse\nform: RelayState=sss\nSAMLResponse=assertion\ncookie: mellon-saml-sesion-cookie=xyz123"]
+Browser <-- SP [label="$SP/GET /protected"]
+Browser -> SP [label="$SP/GET /protected\ncookie: mellon-saml-sesion-cookie=xyz123"]
+Browser <- SP [label="protected"]
+} |