-
+# Proposed changes
+
+The architecture of the initial implementation needs to be re-factored to with give better Model, View, Controller separation, allowing for:
+
+- more ways of interacting with the server than the ID Selector App and Web Provisioning;
+- different storage strategies;
+- ease of maintenance.
+
+## Overview
+
+This diagram shows the proposed new architecture.
+
+
+The re-factored Moonshot Client software will have the following components:
+
+*_identity-server_* shared library offering C and Vala APIs.
+
+- provides Create / Read / Update / Delete functionality for IDs
+- is the only means of accessing the identity-storage-server
+- includes the server functionality initially implemented in UI
+
+*_identity-storage-server_* encapsulates the Identity Store in a shared library offering a CRUD API to access the store.
+
+- protects the store from multiple concurrent write access
+- re-implemented per platform and per storage strategy so
+
+-- one version each for Linux, Mac OS and Windows, local storage. DBus provides an appropriate mechanism under Linux and Mac OSX for protecting the store from multiple concurrent write access. It is not supported on Windows, so the Windows implementation will use a different mechanism.
+-- one version for web storage, restful API. (Not in scope for this iteration).
+-- other versions as required for different storage solutions (Not in scope for this iteration).
+
+*_identity-provisioning_* - not currently implemented. Provides CRUD operations via (for now) .msht and XML files, and via command line. Implemented in portable code as far as possible. Uses *_identity-server_*. Consists of
+
+- *_identity-provisioning-file-handler_* - processes .msht (and XML and/or json, and maybe other format) files for file-based provisioning operations. Currently implemented as *_moonshot-webp_*, allowing only install access. Should also allow uninstall/revoke access.
+- *_identity-provisioning-cli-handler_* - provides a command line API to identity CRUD functions
+
+All of the components will be implemented in Vala. The shared libraries will be built with the -H option to enable access from C code, and introspection generated to allow use from other languages..
+
+## _identity-server_ detail
+
+Implemented as a shared library in Vala.
+
+Replaces the libmoonshot component from the initial implementation.
+
+Owns the public APIs for accessing the Identity Store (rather than exposing APIs provided via DBus by moonshot-ui).
+
+Provides new APIs needed by moonshot-ui to manage identities (e.g. CreateNewIdCard(), UpdateIdCard(), DeleteIdCard()) as well as the existing APIs provided by lib-moonshot (getIdentity(), GetDefaultIdentity(), InstallId_card()).
+
+Uses the APIs provided by the *_identity-storage-server_* component (_-dbus-local-storage-server_ on Linux and Mac, _-windows-local-storage-server_ on Windows).
+
+Uses GTK widgets for simple input from User.
+
+## _moonshout-ui_ detail
+
+This is now just an App for managing Identities. It's *only* function is to allows a User to manage Identities and Services.
+
+It no longer owns the IdentityStore.
+
+It no longer *provides* APIs (via DBus) for use by others via libmoonshot.
+
+Instead, it *uses* APIs provided by libmoonshot.
+
+Implemented in Vala using GTK widgets.
+
+## _identity-provisioning_ detail
+
+The *_identity-provisioning-file-handler_* component replaces the moonshot-webp component. It provides the same InstallIdentityCard() functionality as the moonshot-webp component in the initial implementation, as well as new functions to uninstall and revoke identities. It has no UI - any interaction with the User is done when the file is processed by the *_identity-server_*
+
+The *_identity-provisioning-cli-handler_* component is not part of the current iteration. In a future iterations it is intended to provide via the command line the same functionality as *_identity-provisioning-file-handler_* provides via files.
+
+## Use Case Implementation
+
+The re-factored software is designed to implement the following use cases that were part of the first iteration:
+
+1. User installs and identity by clicking on a .msht file downloaded from the Web
+1. User creates and installs an identity card using the UI
+1. User modifies an existing identity card using the UI
+1. User deletes an existing identity card using the UI
+
+It is designed to extend the above Uses cases as follows:
+
+1. User can install .msht files when attached to emails
+1. User can use .msht files can be used to delete or revoke identities
+1. User can create, view, update and delete installed identities via the command line
+1. User can create, view, update and delete installed identities using a script file
+
+Not all of these will be implemented in the current phase, but the software will be implemented in a way that facilitates their implementation if future phases.
projects / devwiki.git / commitdiff