aboutsummaryrefslogtreecommitdiffstats
path: root/odl-aaa-moon/aaa-authn-api/src/main/docs/federated_auth_sequence.wsd
diff options
context:
space:
mode:
Diffstat (limited to 'odl-aaa-moon/aaa-authn-api/src/main/docs/federated_auth_sequence.wsd')
-rw-r--r--odl-aaa-moon/aaa-authn-api/src/main/docs/federated_auth_sequence.wsd24
1 files changed, 0 insertions, 24 deletions
diff --git a/odl-aaa-moon/aaa-authn-api/src/main/docs/federated_auth_sequence.wsd b/odl-aaa-moon/aaa-authn-api/src/main/docs/federated_auth_sequence.wsd
deleted file mode 100644
index 22d1d916..00000000
--- a/odl-aaa-moon/aaa-authn-api/src/main/docs/federated_auth_sequence.wsd
+++ /dev/null
@@ -1,24 +0,0 @@
-title Federated Authentication Sequence (w/ Claim Transformation)
-
-# This walks through the federated authentication sequence where a claim from a
-# third-party IdP system is posted to the ODL token endpoint in exchange for an
-# access token. The claim information is assumed to be in format specific to the
-# third-party IdP system and assumed to be captured via either Apache environment
-# variables (Servlet attributes) or HTTP headers.
-
-Client -> ServletContainer: request access token
-note right of Client
-(claim as Apache env/HTTP headers)
-end note
-ServletContainer -> ClaimAuthFilter: Servlet attributes/headers
-loop foreach ClaimAuth
- ClaimAuthFilter -> ClaimAuth: transform(Map<String, Object> claim)
- ClaimAuth -> ClaimAuth: transformClaim
-end
-ClaimAuth -> ClaimAuthFilter: Claim
-note left of ClaimAuth
-(user/domain/roles)
-end note
-ClaimAuthFilter --> TokenEndpoint: Claim
-TokenEndpoint -> TokenEndpoint: createToken
-TokenEndpoint -> Client: access token \ No newline at end of file