josso_auth.puml

@startuml
actor browser
participant geosamples as "app\n.geosamples\n.org"
participant geopass as "geopass\n.iedadata\n.org"
browser -> geosamples: [1] login.php
geosamples --> browser: 200
browser -> browser: Click button

browser -> geosamples: [2] /geopass_auth.php
note left of geosamples: No user session.\n\nRedirect to https://geopass.iedadata.org/\n josso/signon/login.do?\n josso_back_to=\n  https://app.geosamples.org/\n  geopass/josso-security-check.php\n &josso_partnerapp_host=app.geosamples.org
geosamples --> browser: 302 -> geopass.iedadata.org

browser -> geopass: [3] /josso/sigon/login.do
note left of geopass: Redirect to:\n/josso/
geopass --> browser: 302 -> /josso/

browser -> geopass: [4] /josso/
geopass --> browser: 200
browser -> browser: Enter Credentials

browser -> geopass: [5] usernamePasswordLogin.do
activate geopass
note left of geopass: Redirect to:\nhttps://app.geosamples.org\n/geopass/josso-security-check.php\n?josso_assertion_id=C382BAEDF066XXX
geopass --> browser: 302 -> josso-security-check.php

browser -> geosamples: [6] /geopass/josso-security-check.php
activate geosamples
geosamples -> geopass: SOAP call
note left of geopass: Verify the josso_assertion_id
geopass --> geosamples: 200
deactivate geopass
note left of geosamples: Redirect to:\nhttps://app.geosamples.org/\n geopass_auth.php\n ?redirect_uri=geopass_auth.php\nSet Cookie: JOSSO_SESSION_ID
geosamples --> browser: 302 -> [7] /geopass_auth.php
browser -> geosamples: geopass_auth.php
note left of geosamples: User session available.\n\nRedirect to requested resource.
geosamples --> browser: 302 -> /index.php
browser -> geosamples: [8] /index.php
geosamples --> browser: 200
@enduml