# 2024-01-15 MABS-RI+ Sequence Diagram
# 1. Create Campaign & SSO
## Pseudo Flow
- Use Form POST with jwtToken in PostBody
- MerchantAdvBooking System -- Form POST: `/user/transfer` with Body: `{"token": ${jwt}}` --> Radica System
- Details: refer to the SSO Diagram
- Transfer Endpoint API Stub: Provided by Radica Dev Team
## JWT Spec
### Header
```json
{
"alg": "RS256",
"typ": "JWT"
}
```
### Payload
```jsonc
{
"iss": "hktv-edms",
"sub": "edms-ri-sso",
"username": "mabs-merchant-user", // Created by RI+ User API
"iat": ${now_time},
"exp": ${now_time + 120s}, // 120 sec expired
}
```
- Need to put campaign id in order to open the campaign page after login?
### JWT Example
- Keys: (HKTV-EDM owned the private key)
- *RSA Public key should be given in offline at this moment*
- May consider to use jwks endpoint in the future
```
-----BEGIN RSA PRIVATE KEY-----
MIIG5AIBAAKCAYEA5AlZOzY2vfohM/k2ubdQiiSC1lZVPJdS1RkmgqLRemChXy/o
X2Sys1Yfne0mbtGrdMADMWghITHUErjXgtOM1kAIjQ/mc3+Pj4REWW7wHxoJUvGj
eLn1bxr4YOg0kCfE2cy4O6lE+5KYB220CEjg921Wb9TbWb3eJg69dp7SHRszlOhy
oewbtiqv3CCLRKyj0n1mmw14SttaqW6y43ttxzHYDAmxeCxLxcTU8m6u+dpa1QFO
rDU4tUreB8zFmHuTINqGBhuUghwtTET/cFtXNuJj2jO0a+HL7/7Iz6C7Xjhy01GG
BRCRdxqZ+6PLrGzv1/wJFnKOhaCr3s8ouYLpIXQ9YR1qvr2tJHG5HO1YS5bqSiDm
WU9tUMI6kkzh/y5QaQJ9NP3pH+lrb5JxmDzz63lWzBmiRljsRM4HQs247Xw02oMG
REKwt1V/OctMcu1vW1iSA6458oGK0cKLf0f0dDmW5+F1bYaB1ehQxZAdf/bgPB1e
lg6NEKl+EKLOZVBbAgMBAAECggGBAK5I+tsHh3VRfBkGCy6MDdFXMGxy1XiWy2c1
brp/iIz4170xl295Ph9U3ptMSoh+VYXIz2fuhwug0s5wWb6Sw1xo2mA928tAnk95
LugPoxSSSLgNGPzHW+9L9LPUJYBb9Nbl4ZUvvRptoyZiUSvXz6Er/tlAHVoMhIIf
1+yWXE6EoLrZoeth0pg7LeeXM/oL3LWexFITTHIiDrvacHzutCt/S/l/WxVW/Z6s
3nhf4fnySmPsON3jW3EsRGA/wHHXV109rUq1BknbQxcUcR8NEBD7AvV7GW8VdwBi
B/ZlOLTNKax0AV+atxzsa8GPTL15+O1HGE2Df0Ex4HvzFOetI0XRnR1ZIGTZzLIW
eIzlM9/qtncBbz8DmH6zOCpX4MxJN33TPr2OZmZiNVxjGWchvuvGHO9+wX2x4xBb
o3on3T96L27ZxgDcTi0V7nMYUZcYNIlyXuU84sGgZGXoO405U9H7G+BREHm4xpUX
6e7WeFDnzezk4owMHzJ/YY64ruu5yQKBwQD6fufO28Zflhx3T0lX9g/lyv7iVBrK
u46sE7e9WtC3xohfo9M23wD0Bt1RAsUVrVTwCcg30+ACHEX5ybXkq811e7dThiP7
wEpzxbKF2PU4NK90ZvoYR/ODFb5T+8sTsmfFAxwXZfr3Bb9bmOkY/R0mOC8+eOVs
ctyTlxMIXOLBs9hswy01/U0XketrT9QhSOXSPNlwQqmzlGTm1PCUYVi62I+Ctug8
o4WO/Sq3RXuFQE9GIhgzGriZFADMB/u4zC0CgcEA6Qwa4QWGjqmXhyivuX7VHlhH
EnMoTKVvFQFNbdBEqcxkRv2MBqICyyyC23FlTNYHmSv+T/SD77bdXjKpDJG/kDQu
/TLzYe16Qx5yA6wYWT3b0xrZj6f4isS2MW1FNA8K5MeUq5gVeAIUB96pQGzmyRJ6
ZdnvEt4zs9FQeI1EOOuq6VsD/9oDlpWQ+EppfCaxgS6HAdjycF+jJ1njMuDWfioa
TagHxZ4lKOjvfOzYzVU0VRiuSqGhSymBgm9sSPunAoHAbzX4ZHZeVAGpEa85uLud
wz+keYctfeRXKz51zLONBoo18YAiPbI0EiMaDuVT6pPRqeAt69s9ELLMvmE3SBae
WRJcCdD8GMD+TPfwkkwIUrPRUbSGRFFtYz08Cr03I7+JIoaG6jx0d0ct9dSlaFq3
nkhDcVDrSoKUO1JPON9ELQtTgrYEVHvoxhYalsISQ9TBc91gC98MyJWRVoojZTzy
z8FltXrPEFzo5tqvJD7M4BP1HgX1CHtMiWnAENVahGjhAoHBAM0MMI4yrWzSvRdX
7h1ZAi0b4RTTq+6cVLt3lOf9Kpz30HdB2TVw0OJxPIXWJRpQ6wiTU8SH0JpXHDko
e+MqThGUSI/Rh6FvMHbjz895WUcUDVmWMzyZvy5h3ChrC0u9vIkFLcM5IhKgSX2P
JP4hk4HxNy5sbVT9myIpFhOrwA4RFSUTRtaTvTp+SLqdxmhNJzsRdAplFxNWopga
F7SJbVA+vTv8jzIKbomrQiR5xFwODuicuaXCxsb6MxBP90fT2wKBwHrhFecM2F4L
i0fp2L+o1WdrabLLRVFJdGOkrftbvKtHSx816wUZxbGfqAaCYqgvWQ0MVdqOMgH6
kaQf2Uw8SDVcrKBDFZNzbP0bAKyi9UwwmOAQnaXRGbmQU8M1tErQ3Y5uMylO6414
PHH4wgAkF1pwxahhvgIGhEAXH2BrLPYSsX9opbObYiKClVlNPWqQVZc+sU0o1VbR
BN7YCB849nzeKmwfmhUEJRx8ZTlxHSK26i74VeyFakCCLFi8qk4P1w==
-----END RSA PRIVATE KEY-----
```
- JWT generated by above key:
```
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJoa3R2LWVkbXMiLCJzdWIiOiJlZG1zLXJpLXNzbyIsInVzZXJuYW1lIjoibWFicy1tZXJjaGFudC11c2VyIiwiaWF0IjoxNzA1MzkzOTkxLCJleHAiOjE3MDUzOTQxMTEsImFjY2Vzc190b2tlbiI6Inh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4In0.GFwSOA9Kwtsoc3PaAIer1wfbbOSIH-Arem-2TfR-7Dclo3P0WKtfEqSsilenX0GozDNJHFFoFNTViPCPb0Dyx1CSy2YxYCIDlO8NOaq6bb3RIXAYxLkWaqQu9J5DVoWXuf9YWzwNDXM4TQm6cuuWAcKR2ML20ot4WGziKhY4Ab85UdwCrSMgE2tps2Bs0bZzHxCtIyiVT5eWzpDW9j5qCnawpNhAvbpaGMjhvi1tcWuThs268eub7vHDpKfDPsNmBR74aJYSA4qu_R6s2KFJJzBg7PuKp0qoVnjq9I-ifC9VNXVQfq5ltx_9-gh7sUDugELAZpJJWXgOytJNH2XG2gE5Nk-hBNYAUPzGRvXc8U1qPzp-VtTOFdsnoTFQiOwejk8YGZ-M0Xf2pHVGZ92Ane0s_CvbgpyXso5I3ghXyLl3MqDppXUTnQTSJjf-stNqq5d_vp_0BsSeOPMEqFj_Gei1OwFcdfmnERpWVijP5R5MVQ9d1yNfED8NLHA_mQML
```
## Flow Diagram (Merchant: Create User & SSO Login)
```mermaid
sequenceDiagram
box green HKTV
participant HKTV-MABS Web
participant HKTV-MABS
participant HKTV-EDM
end
box blue Radica
participant RADICA-RI
participant RADICA-RI Web
end
rect rgb(100,100,100)
note right of HKTV-MABS Web: Create a EDM Booking
HKTV-MABS Web ->> HKTV-MABS: Create EDM Booking
HKTV-MABS ->>+ HKTV-EDM: Request Create Campaign <br/> by User & StoreCode & RefId
note over HKTV-EDM: Check if Radica Division exists for Store
alt is Division NotExist
HKTV-EDM ->>+ RADICA-RI: Create Division
RADICA-RI ->>- HKTV-EDM: Return Division
end
note over HKTV-EDM: Check if Radica User Account exists for Merchant
alt is User NotExist
HKTV-EDM ->>+ RADICA-RI: Create User
RADICA-RI ->>- HKTV-EDM: Return User
end
note over HKTV-EDM: Check if Radica User Account is Under Division
alt is User NotUnderDivision
HKTV-EDM ->>+ RADICA-RI: Update User Division
RADICA-RI ->>- HKTV-EDM: Return User
end
HKTV-EDM ->>+ RADICA-RI: Create Campaign <br/> by (Division=StoreCode & RefId)
RADICA-RI ->>- HKTV-EDM: Return CampaignId
note left of HKTV-EDM: Store CampaignInfo By StoreCode & RefId
HKTV-EDM ->>- HKTV-MABS: Return booking success
HKTV-MABS ->> HKTV-MABS Web: Display Button for Editing / Viewing Campaign in Radica
end
rect rgb(0,100,100)
note right of HKTV-MABS Web: SSO to RI+ Web
HKTV-MABS Web ->>+ HKTV-MABS: Press create EDM Template Button <br/> or View Ad Job Status
HKTV-MABS ->>+ HKTV-EDM: Request JWT Token to access RI+ (User + RefId)
HKTV-EDM ->>- HKTV-MABS: Return JWT
HKTV-MABS ->>- HKTV-MABS Web: Return JWT to Client
HKTV-MABS Web ->>+ RADICA-RI Web: POST: /user/transfer Body: {token: ${jwt}}
RADICA-RI Web ->>+ RADICA-RI: Verify Token Signature
RADICA-RI ->>- RADICA-RI Web: Return User Info & User Session
note left of RADICA-RI Web: Merchant create their own EDM Template <br/> or View Campaign Status
end
```
# 2. Admin SSO
## Sequence Diagram
```mermaid
sequenceDiagram
box green HKTV
participant HKTV-MABS Web
participant HKTV-MABS
participant HKTV-EDM
end
box blue Radica
participant RADICA-RI
participant RADICA-RI Web
end
rect rgb(100,100,100)
note right of HKTV-MABS Web: Admin Login
HKTV-MABS Web->>+HKTV-MABS: Admin clicks SSO
HKTV-MABS->>+HKTV-EDM: Request JWT Token to access RI+ <br/> (User)
note over HKTV-EDM: Check if User Account exists for Admin
alt is User NotExist
HKTV-EDM ->>+ RADICA-RI: Create User (is_all_division=true)
RADICA-RI ->>- HKTV-EDM: Return User
end
HKTV-EDM ->>- HKTV-MABS: Return JWT
HKTV-MABS ->>- HKTV-MABS Web: Return JWT to Client
HKTV-MABS Web ->>+ RADICA-RI Web: POST: /user/transfer Body: {token: ${jwt}}
RADICA-RI Web ->>+ RADICA-RI: Verify Token Signature
RADICA-RI ->>- RADICA-RI Web: Return User Info & User Session
note left of RADICA-RI Web: Admin Approve EDM Campaigns <br/> or View Campaign Status
end
```
# 3. Sync email list (i.e. customer group)
## Sequence Diagram
```mermaid
sequenceDiagram
box green HKTV
participant HKTV-EDM
participant HKTV-datalake
end
box blue Radica
participant RADICA-RI
end
rect rgb(100,100,100)
note right of HKTV-EDM: Get Email list
HKTV-EDM->>+HKTV-datalake: Request email list by customer group table_uuid
HKTV-datalake->>-HKTV-EDM: Return email list by RabbitMQ <br/> (excluded opt-out emails)
HKTV-EDM->>+RADICA-RI: POST contact list
end
```
Sign in with Wallet
Connect another wallet