new preview build

fsc-core/certificate-renewal/diagrams/dev/arch-core.puml

@@ -0,0 +1,25 @@
+
+@startuml
+
+'skinparam componentStyle uml2
+skinparam sequenceBoxBorderColor #transparent
+
+title: NLX
+
+node "Requesting Peer" {
+    [HTTP Client] -right-> [Outway]
+} 
+
+node "Providing Peer" {
+    [Inway] -right-> [HTTP Service]  
+} 
+
+node "Central" {
+    [Directory]
+} 
+
+[Outway] -right-> [Inway]
+[Directory] -[#green]up-> [Outway]
+[Inway] -[#green]down-> [Directory]
+
+@enduml

fsc-core/certificate-renewal/diagrams/dev/seq-configure-inway.puml

@@ -0,0 +1,44 @@
+@startuml
+title: Configure Inway
+
+skinparam sequenceBoxBorderColor #transparent
+skinparam boxPadding 50
+hide footbox
+
+box "Peer offering a service"
+participant "Inway" as inway
+participant "Contract" as contract
+participant "Contract Manager" as contractController
+participant "Peers with access" as peersWithAccess
+end box
+
+box "Directory"
+participant "Directory API" as directoryAPI
+end box
+
+loop for each service the Inway is offering
+    inway -> contractController: get contracts for service
+    contractController -> inway: return contracts
+    loop for each contract
+        inway -> contract: get peers
+        contract -> inway: return peers
+        loop for each peer
+            inway -> contract: get signature of peer
+            contract -> inway: return signature
+            inway -> directoryAPI: get certificate of peer
+            directoryAPI -> inway: return certificate
+            inway -> inway: validate signature
+        end
+        alt each peer has a valid signature
+            inway -> contract: get grants
+            contract -> inway: return grants
+            loop for each grant
+                loop for each public key
+                    inway -> peersWithAccess: add peer subject serial number and public key
+                end
+            end
+        end
+    end
+end
+
+@enduml

fsc-core/certificate-renewal/diagrams/dev/seq-contract-live.puml

@@ -0,0 +1,48 @@
+@startuml
+title: The life of a Contract
+
+box "Peer 1"
+  participant "Contract Manager" as cm1
+end box
+
+box "Peer 2..n"
+  participant "Contract Manager" as cm2
+end box
+
+loop Peer 2..n
+  cm1 -> cm2      : Propose Contract (ContractProposal, signature)
+end
+== State: PROPOSED ==
+
+alt implicit or explicit rejection
+  alt explicit - Peer sends rejection
+    cm2 -> cm1      : Reject Contract (contractID, signature)
+    == State: REJECTED ==
+    loop Peer 2..n
+      cm1 -> cm2      : Withdraw Contract (contractID, status REJECTED, signature)
+    end
+  else implicit - End date passes
+  == State: REJECTED ==
+  end
+else everyone sends signature
+  cm2 -> cm1      : Sign Contract (contractID, signature)
+  == State: SIGNED   ==
+  loop Peer 2..n
+    cm1 -> cm2    : Send Contract (Contract, status SIGNED, signature)
+  end
+  alt peer revokes signature
+    cm2 -> cm1      : Terminate Contract (ContractID, signature)
+    loop Peer 2..n
+      cm2 -> cm2      : Terminate Contract (ContractID, signature)
+    end
+
+    == State: REVOKED ==
+
+  else end date passes
+    == State: EXPIRED  ==
+  end
+end
+
+skinparam sequenceBoxBorderColor #transparent
+hide footbox
+@enduml

fsc-core/certificate-renewal/diagrams/dev/seq-contract-sync.puml

@@ -0,0 +1,51 @@
+@startuml
+title: Sync 1 peer via Directory
+
+box "Peer A"
+  participant "Contract Manager" as cm1
+end box
+
+box "Directory"
+  participant "Directory" as dir
+end box
+
+box "Peer 1..n"
+  participant "Contract Manager" as cm2
+end box
+
+cm1 -> dir : Request signatures (attach contract)
+
+== State: PROPOSED ==
+
+loop Peer 1..n
+cm2 -> dir ++ : Query contract proposals for Peer x
+dir -> cm2 -- : Contract proposals
+
+alt sign
+  cm2 -> dir : signature
+else reject
+  cm2 -> dir : reject
+end
+
+end
+
+loop
+  cm1 -> dir ++: request proposal status
+  return proposal status
+end
+
+alt complete
+  cm1 -> dir ++ : get all signatures
+  return signatures
+else rejected
+  cm1 -> dir ++ : get rejections
+  return rejections
+end
+
+skinparam sequenceBoxBorderColor #transparent
+hide footbox
+@enduml
+
+
+
+

fsc-core/certificate-renewal/diagrams/dev/seq-offer-service.puml

@@ -0,0 +1,48 @@
+@startuml
+title: Create a new service
+
+skinparam sequenceBoxBorderColor #transparent
+skinparam boxPadding 50
+hide footbox
+
+
+box "Municipality"
+actor "Administrator" as administrator
+participant "Management UI" as managementUI
+participant "Management API" as managementAPI
+participant "Inway" as inway
+participant "Contract Manager" as contractManager
+database "Contract database" as contractDatabase
+end box
+
+box "Directory"
+participant "Directory Peer" as directoryPeer
+participant "Directory DB" as directoryDatabase
+end box
+
+group add a new service
+
+administrator -> managementUI: create service
+managementUI -> managementAPI: add service
+managementAPI -> contractManager: create contract with a publication grant for the service
+contractManager -> contractManager: create contract
+contractManager -> contractManager: sign contract
+contractManager -> directoryPeer: propose contract
+directoryPeer -> directoryPeer: sign contract
+directoryPeer -> directoryDatabase: store service publication
+directoryPeer -> contractManager: return signature
+contractManager -> contractDatabase: store contract
+
+end
+
+group configure Inway
+
+inway -> contractManager: get config
+contractManager -> contractDatabase: get contracts with service publication grants
+contractDatabase -> contractManager: return contracts
+contractManager -> contractManager: generate config
+contractManager -> inway: return config
+
+end
+
+@enduml

fsc-core/certificate-renewal/diagrams/dev/seq-peer-configuration.puml

@@ -0,0 +1,17 @@
+@startuml
+title: Local Peer configuration
+
+box "Peer"
+  participant "Contract Manager" as manager
+  participant "Inway" as inway
+  participant "Outway" as outway
+end box
+inway -> manager : request configuration
+return
+outway -> manager : request configuration
+return
+
+skinparam sequenceBoxBorderColor #transparent
+skinparam boxPadding 50
+hide footbox
+@enduml

fsc-core/certificate-renewal/diagrams/dev/seq-request-access.puml

@@ -0,0 +1,44 @@
+@startuml
+title: Request access to a service
+
+skinparam sequenceBoxBorderColor #transparent
+skinparam boxPadding 50
+hide footbox
+
+box "Organization A"
+actor "User" as userOrgA
+participant "NLX Management" as managementUIOrgA
+participant "Management API" as managementAPIOrgA
+database "Audit log database" as auditLogDatabaseOrgA
+database "Contract database" as contractDatabaseOrgA
+participant "Contract Manager" as contractManagerOrgA
+end box
+
+box "Organization B"
+participant "Contract Manager" as contractManagerOrgB
+database "Contract database" as contractDatabaseOrgB
+actor "User" as userOrgB
+participant "NLX Management" as managementUIOrgB
+participant "Management API" as managementAPIOrgB
+database "Audit log database" as auditLogDatabaseOrgB
+end box
+
+userOrgA -> managementUIOrgA: Request access to service X
+managementUIOrgA -> managementAPIOrgA: Request access to service X
+managementAPIOrgA -> auditLogDatabaseOrgA: Create audit log "User X requested access to service Y"
+auditLogDatabaseOrgA -> managementAPIOrgA: AuditLog created
+managementAPIOrgA -> contractManagerOrgA: Create contract proposal with a connection grant for service X
+contractManagerOrgA -> contractManagerOrgA: Sign proposal
+contractManagerOrgA -> contractDatabaseOrgA: Store contract
+contractManagerOrgA -> contractManagerOrgB: Contract proposal with a connection grant for service X
+contractManagerOrgB -> contractDatabaseOrgB: Store contract proposal
+userOrgB -> managementUIOrgB: Approve access
+managementUIOrgB -> managementAPIOrgB: Approve access
+managementAPIOrgB -> auditLogDatabaseOrgB: Create audit log "User X granted organisation Y access to service Z"
+auditLogDatabaseOrgB -> managementAPIOrgB: Audit log created
+managementAPIOrgB -> contractManagerOrgB: Sign contract proposal
+contractManagerOrgB -> contractDatabaseOrgB: Store signature
+contractManagerOrgB -> contractManagerOrgA: Submit signature
+contractManagerOrgA -> contractDatabaseOrgA: Store signature
+
+@enduml

fsc-core/certificate-renewal/diagrams/seq-consuming-a-service.puml

@@ -0,0 +1,29 @@
+@startuml
+
+autonumber
+header: Core
+title: Establish a connection to a Service
+
+skinparam sequenceBoxBorderColor #transparent
+skinparam boxPadding 50
+hide footbox
+
+box "Service Consumer"
+    participant "Client" as clientServiceConsumer
+    participant "Outway" as outwayServiceConsumer
+end box
+
+box "Service Provider"
+    participant "Inway" as inwayServiceProvider
+    participant "Service" as serviceServiceProvider
+end box
+
+clientServiceConsumer -> outwayServiceConsumer: Request to Service
+outwayServiceConsumer -> inwayServiceProvider: Request\nwith access token
+inwayServiceProvider -> inwayServiceProvider: Validate access token
+inwayServiceProvider -> serviceServiceProvider: Request
+return Response
+inwayServiceProvider --> outwayServiceConsumer: Response
+outwayServiceConsumer --> clientServiceConsumer: Response
+
+@enduml

fsc-core/certificate-renewal/diagrams/seq-contract-management.puml

@@ -0,0 +1,34 @@
+@startuml
+
+autonumber
+header: Core
+title: Contract Management
+
+box "Initiating Peer"
+  participant "Manager" as m1
+end box
+box "Directory"
+  participant "Directory" as directory
+end box
+box "Receiving Peer"
+  participant "Manager" as m2
+end box
+
+loop For each Peer on the Contract
+m1 -> directory ++ : Get Manager address of Peer
+return Manager address of Peer
+m1 -> m2 ++ : Contract proposal
+note over directory: Signed by initiating Peer
+end loop
+
+loop For each Peer on the Contract
+m2 -> m1: Accept signature
+note over directory: Signed by receiving Peer(s)
+end loop
+
+note over directory: Signed by all Peers
+
+skinparam sequenceBoxBorderColor #transparent
+skinparam boxPadding 50
+hide footbox
+@enduml