Update TI-Messenger_OIDC_login.puml

gematik · Nov 22, 2023 · fe1454a · fe1454a
1 parent 7b3b934
commit fe1454a
Showing 1 changed file with 6 additions and 10 deletions.
diff --git a/src/plantuml/TI-Messenger-Dienst/Ressourcen/TI-Messenger_OIDC_login.puml b/src/plantuml/TI-Messenger-Dienst/Ressourcen/TI-Messenger_OIDC_login.puml
@@ -89,26 +89,22 @@ activate app
        ""response_type=code&client_id=270006787810904&state=ub8idYKc01s8LluOssFIuN3QQzZEoB&""\n\
        ""redirect_uri=https%3A%2F%2Fmatrix-client.homeserver-tim.de%2F_synapse%2Fclient%2Foidc%2Fcallback""\n\
        ""&code_challenge=...&code_challenge_method=S256&scope=openid%20email&""
+      activate idp
       idp --> pr: 200 OK\n\
        ""Content-Type: application/json""\n\
+       ""set-cookie:	_sektoraler_idp_session=...; path=/; secure; HttpOnly; SameSite=Lax; max-age=86400""\n\
        ""{"request_uri":"urn:example:bwc4JK-ESC0w8acc191e-Y1LTC2","expires_in": 90}""
       |||
       pr --> app: 302 Redirect ""location:	https://sektoraler-idp.de/dialog/oauth?client_id=270006787810904&""\n\
+       ""set-cookie:	_sektoraler_idp_session=...; path=/; secure; HttpOnly; SameSite=Lax; max-age=86400""\n\
        ""request_uri=urn%3Aexample%3Abwc4JK-ESC0w8acc191e-Y1LTC2""
       |||
     end 'group
     |||
     group #LightBlue <size:16>IDP authentication</size>
-      app -> idp: [wird geändert in PAR] GET	https://sektoraler-idp.de/login/oauth/authorize?client_id=f318c77b32dea5117eb3&\n\
-     request_uri=urn%3Aexample%3Abwc4JK-ESC0w8acc191e-Y1LTC2
-      activate idp
-      idp --> app: 302 Redirect ""location: https://sektoraler-idp.de/login?client_id=f318c77b32dea5117eb3&return_to=%2Flogin%2Foauth%2Fauthorize%3F""\n\
-	    ""client_id%3Df318c77b32dea5117eb3%26nonce%3DtTheFW69KwzKxYrCnoBPoxrevBuMjb%26redirect_uri%3Dhttps%253A%252F%252Fmatrix-client.homeserver-tim.de%252F""\n\
-	    ""_synapse%252Fclient%252Foidc%252Fcallback%26response_type%3Dcode%26scope%3Dread%253Auser%26state%3D2Mp3IrxFVlRIRzZrwZjOTyQ60OSF31""\n\
-      ""set-cookie:	_gh_sess=...; path=/; secure; HttpOnly; SameSite=Lax""
+      app -> idp: GET	https://sektoraler-idp.de/login/oauth/authorize?request_uri=urn%3Aexample%3Abwc4JK-ESC0w8acc191e-Y1LTC2\n\
+      ""Cookie: _sektoraler_idp_session=...""
       |||
-      app -> idp: GET https://sektoraler-idp.de/login/oauth/authorize\n\
-      ""Cookie: _gh_sess=...; dotcom_user=username""
       group #DarkGray <size:16>Black box with example</size>
         idp --> app: Challenge
         activate au
@@ -117,7 +113,7 @@ activate app
         app --> idp: Response
       deactivate au
       |||
-      end ' group
+      end 'group
       |||
       idp --> app: 200 OK HTML ""... <meta http-equiv="refresh" content="0;url=https://matrix-client.homeserver-tim.de/_synapse/client/oidc/callback?code=ac45be5243787b8845f6&amp;""\n\
       ""state=2Mp3IrxFVlRIRzZrwZjOTyQ60OSF31\" data-url=\"https://matrix-client.homeserver-tim.de/_synapse/client/oidc/callback?code=ac45be5243787b8845f6&amp;""\n\