Skip to content

Commit e434611

Browse files
iinuwaiinuwa
committed
docs: Address architecture guide feedback
1 parent c697508 commit e434611

File tree

1 file changed

+20
-7
lines changed

1 file changed

+20
-7
lines changed

ARCHITECTURE.md

Lines changed: 20 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,18 @@ Controler and UI Controller work together to guide the user through the
1717
process of selecting an appropriate credential based on the request received by
1818
the Gateway.
1919

20-
The **UI Control API** is used to launch a UI for the user to respond to
21-
authenticator requests for user interaction. The **Flow Controller** mediates
22-
authenticator requests for user interaction. The UI Controller and Flow
23-
Controller pass user interaction request and action messages back and forth
24-
until the authenticator releases the credential. Then, the Flow Controller
25-
sends the credential to the Gateway, which relays the credential to the client.
20+
The **UI Controller** is used to launch a UI for the user to respond to
21+
authenticator requests for user interaction. The **Flow Controller** interacts
22+
with the OS and hardware, like detecting available transports and
23+
authenticators. It then relays the information needed for the UI to guide the
24+
user through the authentication flow, like prompts for a user to enter their PIN
25+
or touch the device. The UI Controller takes user input and responds back to the
26+
Flow Controller.
27+
28+
The UI Controller and Flow Controller pass user interaction request and action
29+
messages back and forth until the authenticator releases the credential. Then,
30+
the Flow Controller sends the credential to the Gateway, which relays the
31+
credential to the client.
2632

2733
Here is a diagram of the intended usage and interactions between the APIs.
2834

@@ -110,10 +116,17 @@ they do not live in `credentialsd-common`).
110116

111117
### `credentialsd/src/webauthn.rs`
112118

113-
Types and functions to deal with WebAuthn data.
119+
Types and functions needed to repackage requests from and responses to
120+
JSON-strings according to the [WebAuthn spec](webauthn-3). With one notable
121+
deviation from the spec: Since we use JSON strings for requests and responses,
122+
raw binary fields need to be base64url-encoded strings. It is the
123+
responsibility of the application using this service to de/construct the field
124+
accordingly.
114125

115126
Re-exports many types from `libwebauthn`.
116127

128+
[webauthn-3]: https://www.w3.org/TR/webauthn-3
129+
117130
### `credentialsd/tests`
118131

119132
The `tests/` directory contains a setup for integration tests, allowing

0 commit comments

Comments
 (0)