add(dot-auth): design-doc first draft

garajonai · Nov 17, 2023 · 4c1a453 · 4c1a453
1 parent 5b78c05
commit 4c1a453
Showing 1 changed file with 74 additions and 0 deletions.
diff --git a/proto/dot-auth/api/v1/design-doc.md b/proto/dot-auth/api/v1/design-doc.md
@@ -0,0 +1,74 @@
+## Server side, cross-platform key
+### Register
+
+```plantuml
+@startuml registration-details
+skinparam dpi 160
+skinparam monochome false
+skinparam BoxPadding 10
+
+actor User as U
+
+box Client #f6f6f6
+participant "frontend" as F
+participant "dot-auth-screen\n(login.TBD.com)" as DAS
+end box
+
+box Server #f6f6f6
+participant "dot-auth\n(TBD)" as DA
+database "repository" as R
+end box
+
+autonumber
+
+note over U
+User is unauthenticated
+end note
+
+
+U -> F: action triggered
+
+
+activate F
+F -> DA: GET /authorize \nwith prompt=create, namespace=<appname>
+deactivate F
+
+
+activate DA
+DA -> DA: construct cookie
+DA -> DAS: 302 /signup
+deactivate DA
+
+
+activate DAS
+U <-> DAS: fill registration details \nwith email, username
+DAS -> DA: POST /registation/webauthn/start \nwith email, username
+
+activate DA
+DA -> R: Register user info
+activate R
+R -> DA: 201
+deactivate R
+DA -> DA: create challengeSession
+DA -> DAS: challenge ID \nwith PublicKey
+deactivate DA
+
+DAS -> DAS: credential creation
+DAS <-> U: verification
+DAS -> DAS: attestation
+
+DAS -> DA: POST /registration/webauthn/finish \nwith authenticatiorAttestation, user
+activate DA
+DA -> DA: get challengeSession
+DA -> R: Update user info \nwith credentail
+activate R
+R -> DA: 200/204
+deactivate R
+DA -> DA: update challengeSession
+deactivate DAS
+DA -> F: OP Session \nwith PoA
+deactivate DA
+```
+
+### Login
+