current-docu/Dabory-SequenceDiagram/GateToken-AppKey-old-version/provider-reciever-webapp-service.uml

title "How to Create GateToken for Api23 Service

boundary ReceiverApp as rec_page

boundary Api23Service as api23
entity ProvBackend as prov_back
database ProvDB as prov_db
database MemoryDB as bunt_db
entity SsoServer as sso_svr

autonumber

rec_page->api23: request /api23-webapp\n(Api23Key)@Htm header, \n Json in htm body

activate api23

api23->api23: get ClientId #SysVars
api23->prov_back: request\n/gate-token-get \n %ClientId, BB64, %json & \n( Referer, Api23Key ) @htmHeader

activate prov_back
prov_back->sso_svr: request /key-pair-get % ClientID
activate sso_svr
sso_svr->prov_back: respond KeyPair
deactivate sso_svr

prov_db->prov_back: get Api23eKeyPair@setup table
prov_back->prov_back: extract Api23KeyPair \n $Api23eKeyPair, KeyPair
prov_back->prov_back: decrypt Api23Key %Api23KeyPair \n #(ClientId, RecUrl, SsoSubId)

note over prov_back
[if not]
ClientId@HtmHeader = ClientId
Referer@HtmHeader = RecUrl
end note
prov_back->api23: response Failure
note over prov_back: [else]

prov_back->prov_back: get GateToken, GTB %BB23, KeyPair 
prov_back->bunt_db: save GateToken and GateTokenInfo

note over prov_back: [receiver_type=app]
prov_back->api23: response OK \nwith GateToken

deactivate prov_back
api23->rec_page: response OK \nwith GateToken, ApiUrl

deactivate api23