IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

description for authenticate new communities and open communication

Browse Source
This commit is contained in:
Claus-Peter Hübner 2022-01-14 03:45:05 +01:00
parent 37084c87bf
commit 9c211595c4
6 changed files with 362 additions and 210 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docu/Concepts/BusinessRequirements/CommunityVerwaltung.md
View File

@ -286,7 +286,7 @@ Der Prozess *Neue Community erstellen* wird entweder automatisiert beim erstmali
Der oben grafisch dargestellte Ablauf wird in drei grobe Teile untergliedert:
1. den eigentlichen Community-Prozess "*neue Community erstellen*" (links in grün gehalten), in dem die Community spezifischen Attribute erfasst, geladen und/oder angelegt werden. Dazu gehören neben dem Erfassen der Community eigenen Attributen, das Laden von vordefinierten Standard-Daten wie die Tätigkeitsliste, Berechtigungen, etc. und optional als eigenständiger Prozess die Erfassung bzw das Anlegen von neuen Community-Mitgliedern.
1. )den eigentlichen Community-Prozess "*neue Community erstellen*" (links in grün gehalten), in dem die Community spezifischen Attribute erfasst, geladen und/oder angelegt werden. Dazu gehören neben dem Erfassen der Community eigenen Attributen, das Laden von vordefinierten Standard-Daten wie die Tätigkeitsliste, Berechtigungen, etc. und optional als eigenständiger Prozess die Erfassung bzw das Anlegen von neuen Community-Mitgliedern.
2. das Starten der "*Federation*" als Hintergrundprozess, um die neu erstellte Community im Gradido-Community-Verbund bekannt zu machen. Dietechnischen Details der *Federation* werden im Dokument [Federation](../TechnicalRequirements/Federation.md " ") beschrieben. Dabei wird
* als erstes geprüft, ob in der eigenen Community die notwendigen Attribute wie Community-Key, URL und ggf. weitere korrekt initialisiert und gespeichert sind. Falls nicht wird der Hintergrundprozess mit einem Fehler abgebrochen
* dann werden die Attribute Community-Key und URL in eine *newCommunity*-Message gepackt und asynchron an den Public-Channel der Community-Federation des Gradido-Community-Verbundes gesendet
@ -297,7 +297,12 @@ Der oben grafisch dargestellte Ablauf wird in drei grobe Teile untergliedert:
* *newCommunity*-Messages werden von neu erstellten Communities im Rahmen derer Federation in den Public-Channel gesendet. Diese Messages sollten möglichst zeitnah von möglichst vielen schon existierenden Communities beantwortet werden. Dazu wird zuerst in der Community-Datenbank nach Einträgen gesucht, die den gleichen Community-Key aber eine unterschiedliche URL als zu den empfangenen Daten haben:
* Sollte es einen solchen Eintrag geben, dann wird eine *replyNewCommunity*-Message erzeugt mit *MessageState = requestNewKey* und ohne weitere Daten in den Public-Channel zurückgesendet. Danach wird wieder in den "Lausch-Modus" am Public-Channel gewechselt.
* Sollte es keine solche Einträge geben, dann werden die eigenen Daten *Community-Ke*y und *URL* in eine *replyNewCommunity*-Message gepackt, der *MessageState = OK* gesetzt und direkt in den Public-Channel zurückgesendet. Danach wird wieder in den "Lausch-Modus" am Public-Channel gewechselt.
3. und die *"Community-Communication"* als Hintergrundprozess. Dieser liest zuerst die eigenen Community-Daten und geht dann per Direkt-Verbindung über die URL mit der neuen Community in Dialog, um sich zuerst gegenseitig zu authentifizieren und um dann die Community spezifischen Daten untereinander auszutauschen. Der fachlich logische Ablauf dieser Kommunikation soll wie folgt dagestellt ablaufen: Die genaue Beschreibung der dazu verwendeten APIs beider Communities erfolgt in der technischen Konzeption [CommunityCommunication](../TechnicalRequirements/CommunityCommunication.md).
3. und die *"Community-Communication"* als Hintergrundprozess. Dieser liest zuerst die eigenen Community-Daten und geht dann per Direkt-Verbindung über die URL mit der neuen Community in Dialog, um sich zuerst gegenseitig zu authentifizieren und um dann die Community spezifischen Daten untereinander auszutauschen. Der logische Ablauf dieser Kommunikation soll wie folgt dargestellt ablaufen:
![AuthenticateCommunityCommunication](.\image\AuthenticateCommunityCommunication.png " ")
Die genaue Beschreibung der dazu verwendeten APIs beider Communities erfolgt in der technischen Konzeption [CommunityCommunication](../TechnicalRequirements/CommunityCommunication.md).
#### Ende Status

283
docu/Concepts/BusinessRequirements/graphics/AuthenticateCommunityCommunication.drawio Normal file
View File

@ -0,0 +1,283 @@
<mxfile host="65bd71144e">
<diagram id="ymh7Jh5NIHEcxBqobDAe" name="Seite-1">
<mxGraphModel dx="1088" dy="800" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="2336" pageHeight="1654" math="0" shadow="0">
<root>
<mxCell id="0"/>
<mxCell id="1" parent="0"/>
<mxCell id="64" value="" style="endArrow=none;html=1;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" target="63" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1299.5" y="1621" as="sourcePoint"/>
<mxPoint x="1299.5" y="200" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="62" value="" style="endArrow=none;html=1;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" target="61" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1160" y="1621" as="sourcePoint"/>
<mxPoint x="890" y="380" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="2" value="invocation chain to authenticate a new community and to open a community communication in the community network" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=20;" parent="1" vertex="1">
<mxGeometry x="40" y="10" width="1320" height="30" as="geometry"/>
</mxCell>
<mxCell id="3" value="new&lt;br&gt;Community A" style="rounded=1;whiteSpace=wrap;html=1;fontSize=20;fillColor=#d5e8d4;gradientColor=#97d077;strokeColor=#82b366;" parent="1" vertex="1">
<mxGeometry x="200" y="80" width="120" height="80" as="geometry"/>
</mxCell>
<mxCell id="4" value="existing Community B" style="rounded=1;whiteSpace=wrap;html=1;fontSize=20;fillColor=#d5e8d4;gradientColor=#97d077;strokeColor=#82b366;verticalAlign=top;" parent="1" vertex="1">
<mxGeometry x="960" y="80" width="400" height="80" as="geometry"/>
</mxCell>
<mxCell id="5" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" parent="1" target="3" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="260" y="541" as="sourcePoint"/>
<mxPoint x="730" y="460" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="6" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" parent="1" source="8" target="60" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1019.5" y="1622" as="sourcePoint"/>
<mxPoint x="1019.5" y="200" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="7" value="encrypt community-key&amp;nbsp; of community-B with own private key" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="210" y="220" width="100" height="60" as="geometry"/>
</mxCell>
<mxCell id="9" value="" style="endArrow=classic;startArrow=none;html=1;fontSize=12;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0;entryY=0;entryDx=0;entryDy=0;startFill=0;" parent="1" source="7" target="8" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="310" y="300" as="sourcePoint"/>
<mxPoint x="730" y="450" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="10" value="request with own community key and encrypted community key of community-B as InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="9" vertex="1" connectable="0">
<mxGeometry x="0.1697" y="-1" relative="1" as="geometry">
<mxPoint x="-46" y="-1" as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="12" value="" style="endArrow=classic;html=1;fontSize=12;entryX=0;entryY=0;entryDx=0;entryDy=0;exitX=1;exitY=1;exitDx=0;exitDy=0;" parent="1" source="13" target="11" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="260" y="1243" as="sourcePoint"/>
<mxPoint x="730" y="1353" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="14" value="request with JWT-Token and CommunityTO as InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="12" vertex="1" connectable="0">
<mxGeometry x="0.1296" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="16" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;" parent="1" source="11" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="680" y="1393" as="sourcePoint"/>
<mxPoint x="260" y="1293" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="17" value="response with CommunityTO as OutputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="16" vertex="1" connectable="0">
<mxGeometry x="0.0958" y="1" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="18" value="Service: &lt;br&gt;&lt;b&gt;request&lt;br&gt;TradingLevel&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1250" y="1363" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="20" value="" style="endArrow=classic;html=1;fontSize=12;entryX=0;entryY=0;entryDx=0;entryDy=0;exitX=1;exitY=1;exitDx=0;exitDy=0;" parent="1" target="18" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="310" y="1363" as="sourcePoint"/>
<mxPoint x="970" y="1363" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="21" value="request with TradingLevelTO-InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="20" vertex="1" connectable="0">
<mxGeometry x="0.1296" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="22" value="store&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1250" y="1423" width="100" height="30" as="geometry"/>
</mxCell>
<mxCell id="23" value="create open admin request for&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1250" y="1463" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="24" value="create open admin request for&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1250" y="1523" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="8" value="Service:&lt;br&gt;&lt;b&gt;authenticate&lt;br&gt;Community&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="970" y="280" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="26" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" parent="1" target="8" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1020" y="1620" as="sourcePoint"/>
<mxPoint x="1019.5" y="220" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="27" value="if given community key of community-A&lt;br&gt;is known" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="970" y="320" width="100" height="60" as="geometry"/>
</mxCell>
<mxCell id="28" value="generate and keep&lt;br&gt;one-time code together with given encrypted community key&amp;nbsp;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="970" y="380" width="100" height="90" as="geometry"/>
</mxCell>
<mxCell id="30" value="" style="endArrow=none;html=1;fontSize=20;" parent="1" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="260" y="1622" as="sourcePoint"/>
<mxPoint x="260" y="540" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="31" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;entryX=1;entryY=0;entryDx=0;entryDy=0;" parent="1" source="28" target="38" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="970" y="521" as="sourcePoint"/>
<mxPoint x="310" y="490" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="32" value="redirect back to Community-A with one-time code" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="31" vertex="1" connectable="0">
<mxGeometry x="0.0958" y="1" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="33" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;" parent="1" source="8" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="960" y="320" as="sourcePoint"/>
<mxPoint x="260" y="320" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="36" value="" style="endArrow=classic;html=1;fontSize=12;entryX=0;entryY=0;entryDx=0;entryDy=0;exitX=1;exitY=1;exitDx=0;exitDy=0;" parent="1" source="38" target="35" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="310" y="601" as="sourcePoint"/>
<mxPoint x="730" y="691" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="37" value="request with one-time code, own public key as InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="36" vertex="1" connectable="0">
<mxGeometry x="0.1296" relative="1" as="geometry">
<mxPoint x="-93" as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="38" value="Endpoint:&lt;br&gt;&lt;b&gt;redirect URI&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="210" y="470" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="11" value="Service: &lt;b&gt;familiarize&lt;br&gt;Community&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1250" y="1243" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="13" value="initialize CommunityTO" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="210" y="1203" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="15" value="define and store&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="210" y="1333" width="100" height="30" as="geometry"/>
</mxCell>
<mxCell id="39" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;entryX=1;entryY=0;entryDx=0;entryDy=0;" parent="1" source="47" target="46" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="960" y="861" as="sourcePoint"/>
<mxPoint x="260" y="831" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="40" value="response with public key of Community-B as OutputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="39" vertex="1" connectable="0">
<mxGeometry x="0.0958" y="1" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="42" value="decrypt&amp;nbsp; previous received and kept community-key with given &lt;br&gt;public key" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="600" width="100" height="70" as="geometry"/>
</mxCell>
<mxCell id="43" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" parent="1" source="44" target="42" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1160" y="1061" as="sourcePoint"/>
<mxPoint x="1160" y="391" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="44" value="&lt;span&gt;if decrypted key matches own community key&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="670" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="46" value="&lt;span&gt;store public key of Community-B&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="210" y="760" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="47" value="store public key of community-A" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="720" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="35" value="Endpoint:&amp;nbsp;&lt;br&gt;&lt;b&gt;verify&lt;br&gt;OneTimeCode&lt;br&gt;&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="510" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="48" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" parent="1" source="42" target="35" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1160" y="640" as="sourcePoint"/>
<mxPoint x="1160" y="320" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="41" value="check one-time code" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="560" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="49" value="&lt;span&gt;encrypt community-key&amp;nbsp; of community-B with own private key&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="210" y="830" width="100" height="60" as="geometry"/>
</mxCell>
<mxCell id="50" value="" style="endArrow=classic;startArrow=none;html=1;fontSize=12;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0;entryY=0;entryDx=0;entryDy=0;startFill=0;" parent="1" target="52" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="310" y="890" as="sourcePoint"/>
<mxPoint x="970" y="890" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="51" value="request with own community key and encrypted community key of community-B as InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="50" vertex="1" connectable="0">
<mxGeometry x="0.1697" y="-1" relative="1" as="geometry">
<mxPoint x="-46" y="-1" as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="52" value="Service: &lt;br&gt;&lt;b&gt;open Communication&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="887" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="53" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" parent="1" source="18" target="11" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1300" y="1213" as="sourcePoint"/>
<mxPoint x="1300" y="1072" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="54" value="" style="endArrow=none;dashed=1;html=1;strokeWidth=2;" parent="1" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="40" y="810" as="sourcePoint"/>
<mxPoint x="1370" y="810" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="55" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;" parent="1" source="59" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="1110" y="1200" as="sourcePoint"/>
<mxPoint x="260" y="1167" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="56" value="response with JWT-Token as OutputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" parent="55" vertex="1" connectable="0">
<mxGeometry x="0.0958" y="1" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="57" value="search with community key the entry of community-A" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="937" width="100" height="70" as="geometry"/>
</mxCell>
<mxCell id="58" value="decrypt with public key of community-A the given encrypted community-key" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="1007" width="100" height="70" as="geometry"/>
</mxCell>
<mxCell id="59" value="&lt;span&gt;if decrypted key matches own community key generate JWT-Token&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1110" y="1077" width="100" height="90" as="geometry"/>
</mxCell>
<mxCell id="60" value="Key-Provider" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;gradientColor=#7ea6e0;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="960" y="120" width="120" height="40" as="geometry"/>
</mxCell>
<mxCell id="61" value="Token-Provider" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;gradientColor=#7ea6e0;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1100" y="120" width="120" height="40" as="geometry"/>
</mxCell>
<mxCell id="63" value="Community-Endpoint" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;gradientColor=#7ea6e0;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1240" y="120" width="120" height="40" as="geometry"/>
</mxCell>
<mxCell id="65" value="" style="endArrow=none;dashed=1;html=1;strokeWidth=2;" parent="1" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="40.000000000000455" y="210.00000000000045" as="sourcePoint"/>
<mxPoint x="1370" y="210.00000000000045" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="66" value="&lt;font style=&quot;font-size: 16px&quot;&gt;singular processing after community creation&lt;/font&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=20;" parent="1" vertex="1">
<mxGeometry x="40" y="210" width="140" height="100" as="geometry"/>
</mxCell>
<mxCell id="67" value="&lt;font style=&quot;font-size: 16px&quot;&gt;recurrent processing to open community communication session&lt;/font&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=20;" parent="1" vertex="1">
<mxGeometry x="40" y="810" width="140" height="120" as="geometry"/>
</mxCell>
<mxCell id="68" value="" style="endArrow=none;dashed=1;html=1;strokeWidth=2;" parent="1" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="40" y="1190" as="sourcePoint"/>
<mxPoint x="1370" y="1190" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="69" value="&lt;font style=&quot;font-size: 16px&quot;&gt;community communication session&lt;/font&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=20;" parent="1" vertex="1">
<mxGeometry x="40" y="1190" width="140" height="80" as="geometry"/>
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

198
docu/Concepts/BusinessRequirements/graphics/CommunityCommunication.drawio
View File

@ -1,198 +0,0 @@
<mxfile host="65bd71144e">
<diagram id="ymh7Jh5NIHEcxBqobDAe" name="Seite-1">
<mxGraphModel dx="1088" dy="800" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="2336" pageHeight="1654" math="0" shadow="0">
<root>
<mxCell id="0"/>
<mxCell id="1" parent="0"/>
<mxCell id="2" value="fachlich logischer Ablauf der Community-Communication" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=20;" vertex="1" parent="1">
<mxGeometry x="40" y="10" width="810" height="30" as="geometry"/>
</mxCell>
<mxCell id="3" value="Community A" style="rounded=1;whiteSpace=wrap;html=1;fontSize=20;fillColor=#d5e8d4;gradientColor=#97d077;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="40" y="80" width="120" height="60" as="geometry"/>
</mxCell>
<mxCell id="4" value="Community B" style="rounded=1;whiteSpace=wrap;html=1;fontSize=20;fillColor=#d5e8d4;gradientColor=#97d077;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="800" y="80" width="120" height="60" as="geometry"/>
</mxCell>
<mxCell id="5" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" edge="1" parent="1" source="29" target="3">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="100" y="1562" as="sourcePoint"/>
<mxPoint x="570" y="400" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="6" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" edge="1" parent="1" source="8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="859.5" y="1562" as="sourcePoint"/>
<mxPoint x="859.5" y="140" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="7" value="start community authentication" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="50" y="160" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="9" value="" style="endArrow=classic;startArrow=none;html=1;fontSize=12;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0;entryY=0;entryDx=0;entryDy=0;startFill=0;" edge="1" parent="1" source="7" target="8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="520" y="420" as="sourcePoint"/>
<mxPoint x="570" y="370" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="10" value="request with own community key as InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" vertex="1" connectable="0" parent="9">
<mxGeometry x="0.1697" y="-1" relative="1" as="geometry">
<mxPoint x="-46" y="-1" as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="12" value="" style="endArrow=classic;html=1;fontSize=12;entryX=0;entryY=0;entryDx=0;entryDy=0;exitX=1;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1" source="13" target="11">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="100" y="800" as="sourcePoint"/>
<mxPoint x="570" y="910" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="14" value="request with CommunityTO as InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" vertex="1" connectable="0" parent="12">
<mxGeometry x="0.1296" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="16" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1" source="11">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="520" y="950" as="sourcePoint"/>
<mxPoint x="100" y="850" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="17" value="response with CommunityTO as OutputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" vertex="1" connectable="0" parent="16">
<mxGeometry x="0.0958" y="1" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="18" value="Service: &lt;br&gt;&lt;b&gt;request&lt;br&gt;TradingLevel&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="910" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="19" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" edge="1" parent="1" target="18">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="859.5" y="1562" as="sourcePoint"/>
<mxPoint x="859.5" y="140" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="20" value="" style="endArrow=classic;html=1;fontSize=12;entryX=0;entryY=0;entryDx=0;entryDy=0;exitX=1;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="150" y="910" as="sourcePoint"/>
<mxPoint x="810" y="910" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="21" value="request with TradingLevelTO-InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" vertex="1" connectable="0" parent="20">
<mxGeometry x="0.1296" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="22" value="store&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="970" width="100" height="30" as="geometry"/>
</mxCell>
<mxCell id="23" value="create open admin request for&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="1010" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="24" value="create open admin request for&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="1070" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="8" value="Service:&lt;br&gt;&lt;b&gt;authenticate&lt;br&gt;Community&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="200" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="26" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" edge="1" parent="1" source="42" target="8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="859.9766355140187" y="650" as="sourcePoint"/>
<mxPoint x="859.5" y="140" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="27" value="if given community key&lt;br&gt;is known" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="250" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="28" value="generate and store&lt;br&gt;one-time code" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="300" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="29" value="encrypt community-key&amp;nbsp; of community-B with private key" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="50" y="390" width="100" height="60" as="geometry"/>
</mxCell>
<mxCell id="30" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" edge="1" parent="1" target="29">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="100" y="1562" as="sourcePoint"/>
<mxPoint x="100" y="140" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="31" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="810" y="339" as="sourcePoint"/>
<mxPoint x="150" y="339" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="32" value="redirect back to Community-A with one-time code" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" vertex="1" connectable="0" parent="31">
<mxGeometry x="0.0958" y="1" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="33" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1" source="8">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="800" y="240" as="sourcePoint"/>
<mxPoint x="100" y="240" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="35" value="Endpoint:&amp;nbsp;&lt;br&gt;&lt;b&gt;verify&lt;br&gt;OneTimeCode&lt;br&gt;&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="450" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="36" value="" style="endArrow=classic;html=1;fontSize=12;entryX=0;entryY=0;entryDx=0;entryDy=0;exitX=1;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1" target="35" source="29">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="150" y="430" as="sourcePoint"/>
<mxPoint x="570" y="540" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="37" value="request with one-time code, encrypted community key, public key as InputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" vertex="1" connectable="0" parent="36">
<mxGeometry x="0.1296" relative="1" as="geometry">
<mxPoint x="-93" as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="38" value="Endpoint:&lt;br&gt;&lt;b&gt;redirect URI&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="50" y="340" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="11" value="Service: &lt;b&gt;familiarize&lt;br&gt;Community&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="800" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="13" value="initialize CommunityTO" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="50" y="760" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="15" value="define and store&lt;br&gt;TradingLevel" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="50" y="880" width="100" height="30" as="geometry"/>
</mxCell>
<mxCell id="39" value="" style="endArrow=classic;html=1;fontSize=12;exitX=0;exitY=1;exitDx=0;exitDy=0;entryX=1;entryY=0;entryDx=0;entryDy=0;" edge="1" parent="1" source="44" target="46">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="800" y="710" as="sourcePoint"/>
<mxPoint x="100" y="680" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="40" value="response with public key of Community-B as OutputData" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=12;" vertex="1" connectable="0" parent="39">
<mxGeometry x="0.0958" y="1" relative="1" as="geometry">
<mxPoint as="offset"/>
</mxGeometry>
</mxCell>
<mxCell id="41" value="check one-time code" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="510" width="100" height="40" as="geometry"/>
</mxCell>
<mxCell id="42" value="decrypt community-key with given &lt;br&gt;public key" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="560" width="100" height="60" as="geometry"/>
</mxCell>
<mxCell id="43" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" edge="1" parent="1" source="44" target="42">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="860" y="910" as="sourcePoint"/>
<mxPoint x="860" y="240" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="44" value="&lt;span&gt;if decrypted key matches own community key&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="810" y="630" width="100" height="50" as="geometry"/>
</mxCell>
<mxCell id="45" value="" style="endArrow=none;html=1;fontSize=20;entryX=0.5;entryY=1;entryDx=0;entryDy=0;startArrow=none;" edge="1" parent="1" source="18" target="44">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="860" y="910" as="sourcePoint"/>
<mxPoint x="860" y="620" as="targetPoint"/>
</mxGeometry>
</mxCell>
<mxCell id="46" value="&lt;span&gt;store public key of Community-B&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="1">
<mxGeometry x="50" y="680" width="100" height="40" as="geometry"/>
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

BIN
docu/Concepts/BusinessRequirements/image/Ablauf_Neue_Community_erstellen.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 327 KiB

After

Width:  |  Height:  |  Size: 332 KiB

BIN
docu/Concepts/BusinessRequirements/image/AuthenticateCommunityCommunication.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 202 KiB

82
docu/Concepts/TechnicalRequirements/CommunityCommunication.md
View File

@ -2,7 +2,7 @@
This document contains the detailed descriptions of the public API of a community.
## Authentication and Autorization
## Authentication/Autorization of new Community
Each public API of a community has to be authenticated and autorized before.
@ -12,34 +12,75 @@ This could be done by following the *OpenID Connect* protocoll. To fullfil these
Following the link [OpenID Connect](https://www.npmjs.com/package/openid-client) there can be found a server-side OpenID relying party implementation for node.js runtime.
The authentication of communities base on the community-attributes *key* and *URL*, which where exchanged during the *federation process* before. In concequence a community that hasn't execute his federation well will be unknown for other communities and can't be authenticated and autorized for further API calls.
The authentication of communities base on the community-attributes *key* and *URL*, which where exchanged during the *federation process* before. In concequence a community that hasn't execute his federation well will be unknown for other communities and can't be authenticated and autorized for further cross community API calls.
### Variant B:
A similar solution of authentication to variant A but without autorization can be done by using private and public key encryption. The *community creation* process will create a private and public key and store them internally. As the third step of the federation the *community communication* background process of the new community will be startet and a sequence of service invocations will exchange the necessary security data:
A similar solution of authentication to variant A but **without autorization** can be done by using private and public key encryption. The *community creation* process will create a private and public key and store them internally. As the third step of the federation the *community communication* background process of the new *community-A* will be startet and a sequence of service invocations will exchange the necessary security data:
1. the service *authenticateCommunity* sends the own community key as input data, which will be checked against the internally stored list of communities and their keys.
2. If the given key is found a one-time code is passed back to a predefined Redirect URI of the invoker community.
3. The next invocation of the new community sends the one-time code, the encrypted community-key of the receiver community, the own public key to
1. the new *community-A* encrypt the community key of the existing *community-B* with its own privat key. Then it invokes the service *authenticateCommunity* at *community-B* by sending the own community key, the encrypted community key of *community-B* and a redirect URI back to *community-A* as input data. The *community-B* will search the given community key of *community-A* in the internally stored list of communities, which are a result of the previous *federation process* collected over a different medium.
2. If in *community-B* the given community key of *community-A* is found, a generated one-time code is kept together with the given encrypted community key, till an invocation of the service verifyOneTimeCode with this one-time-code. The one-time-code is passed back to the given Redirect URI of the *community-A*.
3. *Community-A* will send with the next invocation to *community-B* the received one-time code and the own public key by requesting the service *verifyOneTimeCode* at *community-B*.
4. *Community-B* will verify the given one-time-code and if valid, decrypt the previous received and encrypted community key from step 1 of the invocation-chain by using the given public key from *community-A*. If the decrypted community-key is equals the own community key, the public key of *community-A* is stored in the entry of *community-A* of the internal community list. As response of the *verifyOneTimeCode* the *community-B* will send back his own public key to *community-A*.
5. *Community-A* will store the received public key of *community-B* in the corresponding entry of the internal community-list.
The first invocation of a cross community communication must be the service "Authenticate Community". This service will exchange the necesarry data to ensure a sufficient security level for the community communication.
The result of this invocation chain is the public key exchange of the involved communities, which is the foundation to authenticate a future cross community communication.
To reach in Variant B nearly the same security level as in Variant A each community has to integrate several components to process this invocation chain like Variant A does.
### Variant C:
like Variant B but without one-time code and direct response of public key of community B
The third Variant exchange the all necessary data directly without the step in between returning a one-time code per redirection URI:
1. the new *community-A* encrypt the community key of the existing *community-B* with its own privat key. Then it invokes the service *authenticateCommunity* at *community-B* by sending the own community key, the encrypted community key of *community-B* and its own public key as input data. The *community-B* will search the given community key of *community-A* in the internally stored list of communities, which are a result of the previous *federation process* collected over a different medium.
2. If in *community-B* the given community key of *community-A* is found and if the decryption of the given encrypted community key with the given public key is equals the own community key, the public key of *community-A* is stored in the entry of *community-A* of the internal community list. As response of the *authenticateCommunity* the *community-B* will send back his own public key to *community-A*.
3. *Community-A* will store the received public key of *community-B* in the corresponding entry of the internal community-list.
Variant C is quite similar to Variant B, but to exchange all security relevant data in a single request-response-roundtrip bears more security risks.
## Service: "Authenticate Community"
This service must be invoked at first before further cross community communication can be done.
This service must be invoked at first to exchange the security relevant data before further cross community communication can be done.
The third step of the *federation process* starts the background process for community communication. As result of the previous federation steps the new community has received from at least one existing community the URL and the community key.
To prepare the input-data for the invocation the own community key and the community key of the
After receiving the input data the service answers directly with an empty response. Then it searches for the attribute "community-key-A" in the internal community list the entry of *community-A*. If the entry of *community-A* could be found with this key, a new one-time-code is generated and stored together with the attribute "community-key-B" till the invocation of service "verifyOneTimeCode". With the given redirection URI a callback at *community-A* is invoked by sending the generated One-Time-Code back to *community-A*.
### Route:
POST https://<New_Community_URL>/authenticateCommunity
### Input-Data:
```
{
"community-key-A" : "the community-key of the new community-A"
"community-key-B" : "the community-key of the existing community-B, which was replied during the federation, encrypted by the own private key"
}
```
### Output-Data:
* none
* redirection URI: "one-time-code" : "one-time usable code as input for the service verifyOneTimeCode"
### Exceptions:
## Service: "Verify OneTimeCode"
This service must be invoked at first to exchange the security relevant data before further cross community communication can be done.
The third step of the *federation process* starts the background process for community communication. As result of the previous federation steps the new community has received from at least one existing community the URL and the community key.
To prepare the input-data for the invocation the own community key and the community key of the new community
### Route:
POST https://<New_Community_URL>/verifyOneTimeCode
### Input-Data:
```
@ -55,6 +96,27 @@ To prepare the input-data for the invocation the own community key and the commu
### Exceptions:
## Service: "open Communication"
### Route:
POST https://<New_Community_URL>/openCommunication
### Input-Data:
```
{
}
```
### Output-Data:
### Exceptions:
## Service: "Familiarize communities"
This request is used to exchange data between an existing and a new community. It will be invoked by the existing community, which received a valid *newCommunity*-Message from a new community during the federation process.