19 lines
1.5 KiB
Plaintext
19 lines
1.5 KiB
Plaintext
@startuml
|
|
|
|
"User(ressource owner)"->"RequestingApp(client)": Select mail provider
|
|
"RequestingApp(client)"->"User(ressource owner)": Redirect to mail provider with clientid,redirect_uri,response_type,scope<font color=red>+"openid"
|
|
"User(ressource owner)"->"MailProvider(authorization provider)": clientid,redirect_uri,response_type,scope
|
|
"MailProvider(authorization provider)"->"MailProvider(authorization provider)": Active session ?
|
|
"MailProvider(authorization provider)"-->"User(ressource owner)" : Login if no active session
|
|
"User(ressource owner)"-->"MailProvider(authorization provider)" : Logs in
|
|
"MailProvider(authorization provider)"->"User(ressource owner)": Asks for consent for each scope
|
|
"User(ressource owner)"->"MailProvider(authorization provider)" : Grant or deny permission for each scope
|
|
"MailProvider(authorization provider)"->"User(ressource owner)": Redirect to redirect_uri with authorization code
|
|
"User(ressource owner)"->"RequestingApp(client)": Redirect to redirect_uri with authorization code
|
|
"RequestingApp(client)"->"MailProvider(authorization provider)": Send authorization code, clientid, client_secret
|
|
"MailProvider(authorization provider)"->"RequestingApp(client)": Send access token<font color=red>+"idtoken"
|
|
"RequestingApp(client)"->"MailProvider(resource server)": asks for contacts with access token
|
|
"MailProvider(resource server)"->"RequestingApp(client)": Return contacts
|
|
"RequestingApp(client)"->"User(ressource owner)": Display contacts
|
|
|
|
@enduml |