Versions Compared

Old Version 1

changes.mady.by.user Dmytro Omelchenko (SoE eHealth)

Saved on

compared with

New Version Current

changes.mady.by.user Dmytro Omelchenko (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Оновлено посилання на Apiary.

...

This WS designed to create authentication method request for Patient

Specification

Apiary

Authorization

  • Verify the validity of access token

    • Return (401, 'Invalid access token') in case of validation fails

  • Verify that token is not expired

    • in case of error - return (401, 'Invalid access token')

  • Check user scopes in order to perform this action (scope = 'authentication_method_request:write_pis')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: 'authentication_method_request:write_pis') in case of invalid scope(s)

  • Check that token contains person_id

    • in case of error - return (401, 'Invalid access token')

...

  • If equals - check that person must not be authorized by confidant person, so it doesn’t correspond to following rules:

    • persons age < no_self_registration_age global parameter;

    • persons age between no_self_registration_age and person_full_legal_capacity_age global parameters and person does not have document with type from PIS_PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter;

    • persons age > person_full_legal_capacity_age global parameter and exists at least one active and approved confidant person relationship for person (using following process /wiki/spaces/PCAB/pages/17415995422 Check confidant person relationship with person_id = person from request - expected :ok, :approved response)

      • In case of error - return 409 (‘Only THIRD_PERSON authentication method is allowed')

  • If not equal -

    • error - return 409 (‘Only THIRD_PERSON authentication method is allowed’)

...

  1. Create authentication method request in il.authentication_method_request with

    • status = NEW

    • action = INSERT

    • authentication_method = $authentication_method

    • authentication_method_current =

    • authentication_method_id = $authentication_method_id

    • channel = PIS

  2. If OTP verification needed

    • Invoke Initialize OTP to generate one-time password and send it to the client number.

    • Search requests where person_id = person.id and authentication_method_requests.status = NEW, then

    • Change the status of all found authentication_method_requests to CANCELED.

    • then Approve Person authentication method request

  3. If OTP verification is not needed

    • Search requests where person_id = person.id and authentication_method_requests.status = NEW, then

    • Change the status of all found authentication_method_requests to CANCELED.

    • Update mpi.person_authentication_methods

      • person’s auth method that was before becomes inactive - set ended_at = now() (Get current date-time) and is_active = false

      • set new auth_method in person_auth_methods. Set fields - type,phone_numer, alias(if it is in request)

    • Update authentication method request

      • Change entity status in il.authentication_method_request to COMPLETED

      • Set updated_at - now() (Get current date-time)

  4. Render response according to specification.