@startuml title Account Setup 1/2 actor Alice as "Alice\n(Resource Owner)" participant Client as "Desktop Client\n(Relying Party)" participant OS participant Browser as "Default Browser" participant ownCloud as "ownCloud\n(Resource Server)" participant IdP as "Kopano Konnect\n(IdP / Authorization Server)" == Account Setup == Alice -> Client : enter server URL\nhttps://server/ Client -> ownCloud : GET\nhttps://server/status.php Client <- ownCloud : 200 OK Client -> ownCloud : PROPFIND\nhttps://server/remote.php/webdav/ Client <- ownCloud : 401 Unauthorized\nWWW-Authenticate: Bearer realm="ownCloud"\n(and other WWW-Authenticate mechanisms, if available) Client -> ownCloud : GET\nhttps://server/.well-known/openid-configuration ownCloud -> IdP : GET\nhttps://idp/.well-known/openid-configuration ownCloud <- IdP : 200 OK\nJSON:\n "authorization_endpoint": "https://idp/signin/v1/identifier/_/authorize",\n "token_endpoint": "https://idp/konnect/v1/token" Client <- ownCloud : 200 OK\nJSON:\n "authorization_endpoint": "https://idp/signin/v1/identifier/_/authorize",\n "token_endpoint": "https://idp/konnect/v1/token" Client -> OS : https://idp/signin/v1/identifier/_/authorize?\n client_id=xdXO…&\n redirect_uri=http://localhost:49615&\n scope=openid offline_access email profile&… OS -> Browser : https://idp/signin/v1/identifier/_/authorize?\n client_id=xdXO…&\n redirect_uri=http://localhost:49615&\n scope=openid offline_access email profile&… group Default Browser Browser -> IdP : GET\nhttps://idp/signin/v1/identifier/_/authorize?\n client_id=xdXO…&\n redirect_uri=http://localhost:49615&\n scope=openid offline_access email profile&… Browser <- IdP : 302 FOUND\nLocation: https://idp/signin/v1/identifier?\n client_id=xdXO…&\n redirect_uri=http://localhost:49615&\n scope=openid+offline_access+email+profile&… Browser -> IdP : GET\nhttps://idp/signin/v1/identifier?\n client_id=xdXO…&\n redirect_uri=http://localhost:49615&\n scope=openid+offline_access+email+profile&… Browser <- IdP : 200 OK Browser -> IdP : POST\nhttps://idp/signin/v1/identifier/_/hello\nJSON:\n{\n "client_id": "xdXO…",\n "redirect_uri": "http://localhost:49615",\n "scope": "openid offline_access email profile",…\n} Browser <- IdP : 204 NO CONTENT Alice -> Browser : enter credentials Browser -> IdP : POST\nhttps://idp/signin/v1/identifier/_/hello\nJSON:\n{\n "hello": {\n "client_id": "xdXO…",\n "redirect_uri": "http://localhost:49615",\n "scope": "openid offline_access email profile",…\n },\n "params": [\n "alice",\n "password",…\n ],…\n} Browser <- IdP : 200 OK\nJSON:\n{\n "hello": {\n "continue_uri": "https://idp/signin/v1/identifier/_/authorize",\n "displayName": "Alice",\n "username": "alice",…\n },…\n} Browser -> IdP : GET\nhttps://idp/signin/v1/identifier/_/authorize?\nclient_id=xdXO…&\nredirect_uri=http://localhost:49615&\nscope=openid offline_access email profile&… Browser <- IdP : 302 FOUND\nLocation:\nhttp://localhost:49615?\n code=s7FK…&\n scope=openid offline_access email profile&… Browser -> Client : GET\nhttp://localhost:49615?\ncode=s7FK…&\nscope=openid offline_access email profile&… end @enduml
Decode URL
Submit
amiga
aws-orange
black-knight
bluegray
blueprint
cerulean-outline
cerulean
crt-amber
crt-green
cyborg-outline
cyborg
hacker
lightgray
mars
materia-outline
materia
metal
mimeograph
minty
plain
reddress-darkblue
reddress-darkgreen
reddress-darkorange
reddress-darkred
reddress-lightblue
reddress-lightgreen
reddress-lightorange
reddress-lightred
sandstone
silver
sketchy-outline
sketchy
spacelab
spacelab-white
superhero-outline
superhero
toy
united
vibrant
🎉 Discover the future PlantUML Web Editor! 🚀
PNG
SVG
ASCII Art
