Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[INJIMOB-2109] - create component and sequence diagram for Inji Wallet #1641

Open
wants to merge 2 commits into
base: release-0.14.x
Choose a base branch
from

Conversation

swatigoel
Copy link
Contributor

@swatigoel swatigoel commented Oct 7, 2024

Description

Create the component and sequence diagram

Issue ticket number and link

Example : INJIMOB-2109

.talismanrc Outdated
- filename: docs/InjiWalletComponents.drawio
checksum: d295ba37678f892d6939fa51b7e936d942fb9fa9b29ca4b64f0acef28ffeffa1
- filename: docs/InjiWalletComponents.md
checksum: 2e1d6b147803bfcf93c1f83fcd01242c0d5d873817cc135491a24fecaae2b53e
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what is this file ? Is this used in all the repos ?

Copy link
Contributor Author

@swatigoel swatigoel Oct 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have talisman setup which acts as hook to protect committing secrets and sensitive information.
If we want to exclude some files to be removed from scan, need to be part of this file with the checksum defined. For all subsequent run if checksum is same, this file will be skipped. If anyone makes changes in the same file, talisman will rescan and gives error which tells developer to look at that file and review it. https://thoughtworks.github.io/talisman/docs/configuring-talisman/ignoring/

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Possible to remove this while merging to MOSIP repo, since we don't use tailsman as part of mosip checks ?

docs/InjiWalletSequence.md Show resolved Hide resolved
### **Offline BLE Sharing**

- Inji Wallet use Tuvali libary to support offline BLE sharing with relying parties or verifiers.
- The user can tap on kebab popup icon (three dots) and initiate the flow with share or share with selfie option.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the sequence diagram, can we bring in the webview part also ? so it is little more clear that construction of authentication request is not part of the Inji wallet ?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think "opens webview" has to still explicitly come or it can be even a separate verticle line

### **Offline BLE Sharing**

- Inji Wallet use Tuvali libary to support offline BLE sharing with relying parties or verifiers.
- The user can tap on kebab popup icon (three dots) and initiate the flow with share or share with selfie option.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In sequence diagram, the generation QR code happens immediately after the VC is downloaded ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No,QR code generation happens once VC details page is opened and then it's cached.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

then the sequence diagram should be changed to give out the same understanding

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, updated in sequence diagram

docs/InjiWalletSequence.md Outdated Show resolved Hide resolved
docs/InjiWalletSequence.md Outdated Show resolved Hide resolved

### **Authorization**

- When the user selects any credential type, user is redirected to the authorization page for that specific issuer.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need more technical details like the webview part

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this taken care ?

docs/InjiWalletComponents.md Outdated Show resolved Hide resolved
docs/InjiWalletComponents.md Outdated Show resolved Hide resolved
- **eSignet** strives to provide a user-friendly and effective method for individuals to authenticate themselves and utilize online services while also having the option to share their profile information. Moreover, eSignet supports multiple modes of identity verification to ensure inclusivity and broaden access, thereby reducing potential digital barriers.
- eSignet Allows us to perform the authorization of the resident on the portal before downloading the credential

### **Native Libraries**
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these are actual components and we should have more detailing here on the components used.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inji Stack components drawio (6)

On the diagram, you can refer the Inji wallet and mimoto boxes.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated the component diagram and md file

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated diagram looks good, but I not sure in using icons like openID connect, can we check on this once with Keshav ?

- This authorization page is managed by `OAuth Authorization server (eSignet)` and will be rendered in webview inside Inji App.
- User will be asked to provide details for authorization.
- Once authorization is successful, authorization server return the **"authorizationCode"**
- Inji Wallet sends the authorization code to authorization server through Mimoto to perform the client assertions.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This part I believe need to be improve by a implementer to include assurance of the request indeed came from inji-wallet and not from post man. Do we have a store on this ? May in the sequence we should say that is required and need to implemented specific to inji wallet ?

- **Secure-Keystore** is a module to create and store keys in android hardware keystore and helps to do encryption, decryption, and hmac calculation. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-3.-secure-keystore)
- **Tuvali** is a module for the OpenID for Verifiable Presentations over BLE implementation to support sending vc/vp using Bluetooth Low Energy local channel. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-1.-tuvali-sharing-via-ble)
- **Pixelpass** is a module to generate QR code from VC data and decode from QR to get VC data. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-5.-pixelpass)
- **VCI client** is a module to support OpenId4VCI specification for downloading the credential. Please find more details [here](https://docs.mosip.io/inji/inji-wallet/technical-overview/components#id-5.-pixelpass)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this link also points to pixelpass ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, my bad
copy/paste mistake, correcting it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants