Перейти к содержанию

Сервис авторизации

Описание

Сервис авторизации.

Аутентификация B2B

Аутентификация по паролю


sequenceDiagram

actor User
participant ClientUI
participant IdentityService

ClientUI ->> User: LoginPage
User ->> ClientUI:password, email
ClientUI ->> IdentityService: PostAuthorizationLoginByPassword<br>(password, email)
alt Success
    alt without 2FA
     IdentityService ->> ClientUI: UserToken
     Note over ClientUI: auth success
    else with 2FA
     IdentityService ->> ClientUI: Data2fa
     Note over ClientUI: keep Data2fa<br>check Data2fa.timeout
     ClientUI ->> User: CodeRequestPage
     User ->> ClientUI: 2FA code
     ClientUI ->> IdentityService: PostAuthorizationCheckCode<br>(Data2fa,code)
        alt Success
         IdentityService ->> ClientUI: UserToken
         Note over ClientUI: auth success
        else AuthorizationLoginByPasswordError
            alt CaptchaAnswer.Error flow
             IdentityService ->> ClientUI: AuthorizationLoginByPasswordError.captcha_answer
             Note over ClientUI: see CaptchaAnswer.Error flow
            else KeyError,SsoError flow
             IdentityService ->> ClientUI: AuthorizationLoginByPasswordError.key<br>AuthorizationLoginByPasswordError.sso
             Note over ClientUI: see KeyError,SsoError flow
            end
        end
    end
else AuthorizationLoginByPasswordError
    alt CaptchaAnswer.Error flow
     IdentityService ->> ClientUI: AuthorizationLoginByPasswordError.captcha_answer
     Note over ClientUI: keep Captcha.id
     ClientUI ->> User: LoginPage(Captcha.url)
     User ->> ClientUI: LoginPage<br>(captcha,captcha.id,password,email)
     ClientUI ->> IdentityService: PostAuthorizationLoginByPassword<br>(captcha,password, email)
     Note over IdentityService: see PostAuthorizationLoginByPassword flow
    else KeyError,SsoError flow
     IdentityService ->> ClientUI: AuthorizationLoginByPasswordError.key<br>AuthorizationLoginByPasswordError.sso
     ClientUI ->> User: ErrorPage
     Note over ClientUI: error processing
    end
end

Аутентификация по ОТП-коду


sequenceDiagram

actor User
participant ClientUI
participant IdentityService

ClientUI ->> User: CodeRequestPage
User ->> ClientUI: email
ClientUI ->> IdentityService: PostAuthorizationSendCode<br>(email|phone_number)
alt Success
     IdentityService ->> ClientUI: OtpCode
     Note over ClientUI: keep OtpCode.code_id<br>check OtpCode.timeout
     ClientUI ->> User: CodeRequestPage
     User ->> ClientUI: OTP code
     ClientUI ->> IdentityService: PostAuthorizationLogin<br>(OtpCode.code_id,code)
     alt Success
      IdentityService ->> ClientUI: UserToken
      Note over ClientUI: auth success
     else AuthorizationSendCodeError
         alt CaptchaAnswer.Error flow
          IdentityService ->> ClientUI: AuthorizationSendCodeError.captcha_answer
          Note over ClientUI: see CaptchaAnswer.Error flow
         else SsoError flow
          IdentityService ->> ClientUI: AuthorizationSendCodeError.sso
          Note over ClientUI: see SsoError flow
         end
     end
else AuthorizationSendCodeError
    alt CaptchaAnswer.Error flow
     IdentityService ->> ClientUI: AuthorizationSendCodeError.captcha_answer
     Note over ClientUI: keep Captcha.id
     ClientUI ->> User: LoginPage(Captcha.url)
     User ->> ClientUI: LoginPage<br>(captcha,password,email)
     ClientUI ->> IdentityService: PostAuthorizationSendCode<br>(captcha,captcha.id,password,email)
     Note over IdentityService: see PostAuthorizationSendCode flow
    else SsoError flow
     IdentityService ->> ClientUI: AuthorizationSendCodeError.sso
     ClientUI ->> User: ErrorPage
     Note over ClientUI: error processing
    end
end

Ссылки