Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Remember this Card Overview
This page outlines the user flow and Higgins based technical interactions performed to support the ‘remember this card’ function implemented as a candidate feature on the Higgins web-based deployment. This document has two sections:
- Workflow – this outlines the basic flow with screen shots and method calls activated
- Logic flow – this is a logical representation of the outlined workflow
Prerequisites: User already has installed HBX and has cards that would meet requirements of RP site.
Workflow
STEP 1- user navigates to an RP site and see the log-in page in Figure 1 below. The user clicks on the button to log in with their information card:
Figure 1 – RP site log-in page
STEP 2 – once the user clicks the ‘use an information card’ icon the following system calls are made from the RP site:
- HBX intercepts OBJECTS with type=application/x-informationcard and reads object tag.
- HBX calls getTokenByUrl() method and posts xmlToken into the targetForm. If response is empty it calls getUI() method and pops up a card selector UI
- Method getTokenByUrl() in turn finds any relation between this RP site and card by calling the getCardInformation(…,URL) method of UserProfileService. If it finds a “remembered” card, then it retrieves a token and returns it to HBX. Otherwise it returns an empty response.
The card selector displays all the cards that have claims that would match what the RP site is requesting (see Figure 2 below). User is prompted to select the card they want to use with this site. There is an optional checkbox on the selector that allows the user to enable the selected card to be used as the default log-in card for this specific RP site.
Figure 2 – Card Selector opens up
STEP 3 - In this case, the user would select the card (lets presume this is a card that has a PIN password protecting it), click the open check box (Always use this card at this site) and click the “Next” button on the selector.
Figure 3 – Selector PIN prompt
STEP 4 - The selector would then prompt the user to enter their PIN number to unlock the card (see Figure 3 below). After the user enters their PIN number and clicks the “Next” button the user would see the screen as shown in Figure 4 below. During this processing, the following back-end calls are made:
- HBX gets getTokenObject() method with parameters credentialKey=[…,’saveCard’,…] and credentialValue=[…,’true’,…]
- RPPS retrieves the token, then RPPS deletes old relation between site and card (RPPS calls deleteCardUrlRelation of UserProfileService) and creates a new relation between this RP site and this card (RPPS calls setCardUrlRelation of UserProfileService).
- HBX posts XML posts xmlToken into the targetForm.
Figure 4 – Token processing for RP site login
STEP 5 – After the above processing the user then finds that they are successfully logged into the RP site. An example of this is shown in Figure 5 below.
Figure 5 - successful login
STEP 6 – if the user wants to ‘un-remember’ the card used for this specific RP site, they would open their Information Card Manager (ICM – see Figure 6 below). The user would select the specific information card of interest then click the Card History tab where they would see a list of which sites they had last used this selected information card. To ‘un-remember’ the card for a specific RP site, the user would just need to click the ‘don’t use’ button for the particular site to complete the ‘un-remember’ action. When the user performs this step the following back-end calls occur:
- ICM calls method deleteUrlsCardRelation() of RPPS
- Method deleteUrlsCardRelation() deletes the relation between the selected card and any of the associated sites. This method call is run against the site/card relation information, which is stored in the url array. This array is a list of sites the user does NOT have ‘remember this card at this site’ enabled.
Figure 6 – ICM view showing the card history and ‘unremember’ button
Logical Flow
a)IF user land on RP site AND clicks on ‘user and information card’
THEN
- HBX intercepts OBJECTS with type=application/x-informationcard and reads object tag.
- HBX calls getTokenByUrl() method and posts xmlToken into the targetForm. If response is empty it calls getUI() method and pops up a card selector UI
- Method getTokenByUrl() in turn finds any relation between this RP site and card by calling the getCardInformation(…,URL) method of UserProfileService. If it finds a “remembered” card, then it retrieves a token and returns it to HBX. Otherwise it returns an empty response.
ENDIF
COMPONENTS CHANGED:
b)IF user selects ‘use an information card’ AND the the getCardInformation(…,URL) method of UserProfileService returns a ‘remembered’ card
THEN
- It retrieves a token and returns it to HBX
ELSE
- It returns an empty response
ENDIF
COMONENTS CHANGED:
c) IF the user selects a PIN protected information card from card selector AND click the open check box “Always use this card at this site” AND user clicks the ‘Next’ button on selector
THEN
- The selector would prompt the user to enter the PIN number to unlock the selected card
ENDIF
COMPONENTS CHANGED
d)IF user enters the PIN to unlock the selected card AND user clicks the “Next” button on card selector
THEN
- HBX gets getTokenObject() method with parameters credentialKey=[…,’saveCard’,…] and credentialValue=[…,’true’,…]
- RPPS retrieves the token, then RPPS deletes old relation between site and card (RPPS calls deleteCardUrlRelation of UserProfileService) and creates a new relation between this RP site and this card (RPPS calls setCardUrlRelation of UserProfileService).
- HBX posts XML posts xmlToken into the targetForm.
- User is taken to a ‘successful log-in’ page.
ENDIF
COMPONENTS CHANGED:
e)IF user wants to un-remember the card used for this specific RP site
THEN
- User would open their Information Card Manager (ICM), AND select the card of interest
- User would select the card history tab to view the list of which sites they had last used this selected information card.
ENDIF
COMPONENTS CHANGED:
f)IF the user selects the ‘don’t use’ button for the specific card and selected site combination
THEN
- ICM calls method deleteUrlsCardRelation() of RPPS
- Method deleteUrlsCardRelation() deletes the relation between the selected card and any of the associated sites. This method call is run against the site/card relation information, which is stored in the url array. This array is a list of sites the user does NOT have ‘remember this card at this site’ enabled.
ENDIF