remove the plantuml

Author: stevehu

404.html

@@ -173,6 +173,22 @@ <h1 id="document-not-found-404"><a class="header" href="#document-not-found-404"
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

architecture.html

@@ -183,6 +183,22 @@ <h1 id="architecture"><a class="header" href="#architecture">Architecture</a></h
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

chapter_1.html

@@ -177,6 +177,22 @@ <h1 id="chapter-1"><a class="header" href="#chapter-1">Chapter 1</a></h1>
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

design.html

@@ -185,6 +185,22 @@ <h1 id="design"><a class="header" href="#design">Design</a></h1>
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

design/authentication-authorization.html

@@ -156,46 +156,6 @@ <h1 id="authentication--authorization"><a class="header" href="#authentication--
 <p>Light-Portal is a single-page application (SPA) that utilizes both the OAuth 2.0 Authorization Code and Client Credentials flows.</p>
 <p>The following pattern illustrates the end-to-end process recommended by the Light Platform for an SPA interacting with downstream APIs.</p>
 <h3 id="sequence-diagram"><a class="header" href="#sequence-diagram">Sequence Diagram</a></h3>
-<p>The following is the raw data that can be used to render the diagram in http://www.plantuml.com</p>
-<pre><code class="language-plantuml">@startuml
-participant "Portal View" as PortalView
-participant "Login View" as LoginView
-participant "Light Gateway" as Gateway
-participant "OAuth-Kafka" as OAuthKafka
-participant "Auth Service" as AuthService
-participant "Proxy Sidecar" as ProxySidecar
-participant "Backend API" as BackendAPI
-
-PortalView -&gt; LoginView: 1. Signin redirect
-LoginView -&gt; OAuthKafka: 2. Authenticate user
-OAuthKafka -&gt; AuthService: 3. Authenticate User\n (Active Directory\n for Employees)\n (CIF System\n for Customers)
-AuthService -&gt; OAuthKafka: 4. Authenticated
-OAuthKafka -&gt; OAuthKafka: 5. Generate auth code
-OAuthKafka -&gt; PortalView: 6. Redirect with code
-PortalView -&gt; Gateway: 7. Authorization URL \n with code param
-Gateway -&gt; OAuthKafka: 8. Create JWT access \n token with code
-OAuthKafka -&gt; OAuthKafka: 9. Generate JWT \n access token \n with user claims
-OAuthKafka -&gt; Gateway: 10. Token returns \n to Gateway
-Gateway -&gt; PortalView: 11. Token returns \n to Portal View \n in Secure Cookie
-PortalView -&gt; Gateway: 12. Call Backend API
-Gateway -&gt; Gateway: 13. Verify the token
-Gateway -&gt; OAuthKafka: 14. Create Client \n Credentials token
-OAuthKafka -&gt; OAuthKafka: 15. Generate Token \n with Scopes
-OAuthKafka -&gt; Gateway: 16. Return the \n scope token
-Gateway -&gt; Gateway: 17. Add scope \n token to \n X-Scope-Token \nHeader
-Gateway -&gt; ProxySidecar: 18. Invoke API
-ProxySidecar -&gt; ProxySidecar: 19. Verify \n Authorization \ntoken
-ProxySidecar -&gt; ProxySidecar: 20. Verify \n X-Scope-Token
-ProxySidecar -&gt; ProxySidecar: 21. Fine-Grained \n Authorization
-ProxySidecar -&gt; BackendAPI: 22. Invoke \n business API
-BackendAPI -&gt; ProxySidecar: 23. Business API \n response
-ProxySidecar -&gt; ProxySidecar: 24. Fine-Grained \n response filter
-ProxySidecar -&gt; Gateway: 25. Return response
-Gateway -&gt; PortalView: 26. Return response
-
-@enduml
-</code></pre>
-<p>Mermaid</p>
 <pre class="mermaid">sequenceDiagram
     participant PortalView as Portal View
     participant LoginView as Login View
@@ -233,7 +193,6 @@ <h3 id="sequence-diagram"><a class="header" href="#sequence-diagram">Sequence Di
     Gateway -&gt;&gt; PortalView: 26. Return response
 
 </pre>
-<p><img src="authentication-sequence.png" alt="Sequence Diagram" /></p>
 <ol>
 <li>
 <p>When a user visits the website to access the single-page application (SPA), the Light Gateway serves the SPA to the user's browser. Each single page application will have a dedicated Light Gateway instance acts as a BFF. By default, the user is not logged in and can only access limited site features. To unlock additional features, the user can click the <code>User</code> button in the header and select the <code>Sign In</code> menu. This action redirects the browser from the Portal View to the Login View, both served by the same Light Gateway instance.</p>
@@ -344,6 +303,22 @@ <h3 id="sequence-diagram"><a class="header" href="#sequence-diagram">Sequence Di
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

design/authentication-sequence.png

@@ -236,7 +236,7 @@ <h2 id="standard-models-for-implementing-fga"><a class="header" href="#standard-
 </ul>
 <p>Each of these models offers different strengths and may be more suitable for different scenarios. FGA allows for fine grained control over access, enabling organizations to enforce highly specific access policies tailored to their requirements.</p>
 <h2 id="streamlining-fga-by-implementing-rule-based-access-control"><a class="header" href="#streamlining-fga-by-implementing-rule-based-access-control">Streamlining FGA by Implementing Rule-Based Access Control:</a></h2>
-<p>ABAC (Attribute-Based Access Control) focuses on data attributes, PBAC (Policy-Based Access Control) centers on logic, and ReBAC (Relationship-Based Access Control) emphasizes relationships between users and resources. But what if we combined all three to leverage the strengths of each? This is the idea behind <strong>Rule-Based Access Control (RBAC)</strong>.</p>
+<p>ABAC (Attribute-Based Access Control) focuses on data attributes, PBAC (Policy-Based Access Control) centers on logic, and ReBAC (Relationship-Based Access Control) emphasizes relationships between users and resources. But what if we combined all three to leverage the strengths of each? This is the idea behind <strong>Rule-Based Access Control (RuBAC)</strong>.</p>
 <p>By embedding a lightweight rule engine, we can integrate multiple rules and actions to achieve the following:</p>
 <ul>
 <li>
@@ -279,6 +279,22 @@ <h2 id="streamlining-fga-by-implementing-rule-based-access-control"><a class="he
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

design/fine-grained-authorization.html

@@ -215,6 +215,22 @@ <h3 id="table-structure"><a class="header" href="#table-structure">Table Structu
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

design/json-schema-registry.html

@@ -183,6 +183,22 @@ <h1 id="light-controller"><a class="header" href="#light-controller">Light Contr
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>
 
 
 

design/light-controller.html

@@ -183,6 +183,22 @@ <h1 id="yaml-rule-registry"><a class="header" href="#yaml-rule-registry">YAML Ru
 
         </div>
 
+        <!-- Livereload script (if served using the cli tool) -->
+        <script>
+            const wsProtocol = location.protocol === 'https:' ? 'wss:' : 'ws:';
+            const wsAddress = wsProtocol + "//" + location.host + "/" + "__livereload";
+            const socket = new WebSocket(wsAddress);
+            socket.onmessage = function (event) {
+                if (event.data === "reload") {
+                    socket.close();
+                    location.reload();
+                }
+            };
+
+            window.onbeforeunload = function() {
+                socket.close();
+            }
+        </script>