[INJIMOB-2109] - create component and sequence diagram for Inji Wallet #1641
Conversation
Signed-off-by: swatigoel <meet2swati@gmail.com>
.talismanrc
Outdated
| - filename: docs/InjiWalletComponents.drawio | ||
| checksum: d295ba37678f892d6939fa51b7e936d942fb9fa9b29ca4b64f0acef28ffeffa1 | ||
| - filename: docs/InjiWalletComponents.md | ||
| checksum: 2e1d6b147803bfcf93c1f83fcd01242c0d5d873817cc135491a24fecaae2b53e |
There was a problem hiding this comment.
what is this file ? Is this used in all the repos ?
There was a problem hiding this comment.
We have talisman setup which acts as hook to protect committing secrets and sensitive information.
If we want to exclude some files to be removed from scan, need to be part of this file with the checksum defined. For all subsequent run if checksum is same, this file will be skipped. If anyone makes changes in the same file, talisman will rescan and gives error which tells developer to look at that file and review it. https://thoughtworks.github.io/talisman/docs/configuring-talisman/ignoring/
There was a problem hiding this comment.
Possible to remove this while merging to MOSIP repo, since we don't use tailsman as part of mosip checks ?
| ### **Offline BLE Sharing** | ||
|
|
||
| - Inji Wallet use Tuvali libary to support offline BLE sharing with relying parties or verifiers. | ||
| - The user can tap on kebab popup icon (three dots) and initiate the flow with share or share with selfie option. |
There was a problem hiding this comment.
In the sequence diagram, can we bring in the webview part also ? so it is little more clear that construction of authentication request is not part of the Inji wallet ?
There was a problem hiding this comment.
I think "opens webview" has to still explicitly come or it can be even a separate verticle line
| ### **Offline BLE Sharing** | ||
|
|
||
| - Inji Wallet use Tuvali libary to support offline BLE sharing with relying parties or verifiers. | ||
| - The user can tap on kebab popup icon (three dots) and initiate the flow with share or share with selfie option. |
There was a problem hiding this comment.
In sequence diagram, the generation QR code happens immediately after the VC is downloaded ?
There was a problem hiding this comment.
No,QR code generation happens once VC details page is opened and then it's cached.
There was a problem hiding this comment.
then the sequence diagram should be changed to give out the same understanding
There was a problem hiding this comment.
Ok, updated in sequence diagram
|
|
||
| ### **Authorization** | ||
|
|
||
| - When the user selects any credential type, user is redirected to the authorization page for that specific issuer. |
There was a problem hiding this comment.
We need more technical details like the webview part
docs/InjiWalletComponents.md
Outdated
| - **eSignet** strives to provide a user-friendly and effective method for individuals to authenticate themselves and utilize online services while also having the option to share their profile information. Moreover, eSignet supports multiple modes of identity verification to ensure inclusivity and broaden access, thereby reducing potential digital barriers. | ||
| - eSignet Allows us to perform the authorization of the resident on the portal before downloading the credential | ||
|
|
||
| ### **Native Libraries** |
There was a problem hiding this comment.
these are actual components and we should have more detailing here on the components used.
There was a problem hiding this comment.
On the diagram, you can refer the Inji wallet and mimoto boxes.
There was a problem hiding this comment.
Updated the component diagram and md file
There was a problem hiding this comment.
Updated diagram looks good, but I not sure in using icons like openID connect, can we check on this once with Keshav ?
…nt diagram Signed-off-by: swatigoel <meet2swati@gmail.com>
| - This authorization page is managed by `OAuth Authorization server (eSignet)` and will be rendered in webview inside Inji App. | ||
| - User will be asked to provide details for authorization. | ||
| - Once authorization is successful, authorization server return the **"authorizationCode"** | ||
| - Inji Wallet sends the authorization code to authorization server through Mimoto to perform the client assertions. |
There was a problem hiding this comment.
This part I believe need to be improve by a implementer to include assurance of the request indeed came from inji-wallet and not from post man. Do we have a store on this ? May in the sequence we should say that is required and need to implemented specific to inji wallet ?
| - **Secure-Keystore** is a module to create and store keys in android hardware keystore and helps to do encryption, decryption, and hmac calculation. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-3.-secure-keystore) | ||
| - **Tuvali** is a module for the OpenID for Verifiable Presentations over BLE implementation to support sending vc/vp using Bluetooth Low Energy local channel. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-1.-tuvali-sharing-via-ble) | ||
| - **Pixelpass** is a module to generate QR code from VC data and decode from QR to get VC data. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-5.-pixelpass) | ||
| - **VCI client** is a module to support OpenId4VCI specification for downloading the credential. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-5.-pixelpass) |
There was a problem hiding this comment.
this link also points to pixelpass ?
There was a problem hiding this comment.
ok, my bad
copy/paste mistake, correcting it
Description
Issue ticket number and link