Skip to main content

RTAS

Deep Dive Explanation

Sequence Diagram

Deep dive into the implementation of the RTAS.

Transaction diagram with RTAS - Fig. 1

  1. To create a new transaction the Client's Application starts by calling the Application's Backend, in which the TF Cloud Services are called.
  2. Right after the transaction is created, two requests are made to the RTAS Backend Service: one to get a RTAS Token used by the Client's Application to connect to the SignalR Server and another request to inform the RTAS services that a transaction has been created.
  3. After the Application's Backend gets the transaction created response, a WebUI with custom JavaScript injection is loaded with the RTAS URL and Token to create the RTAS client.
  4. The custom JavaScript will establish a web socket connection with the SignalR Server using the SecuritySide's RTAS JavaScript library.
  5. Once the connection is established a ConnectionEstablished event is sent to the RTAS client.
  6. Right after the connection established event is received, a TransactionCreatedEvent is sent to the RTAS client, as the SignalR Server has a cache for the last event.
  7. Even if the event is sent earlier than the connection, the user still receives the event.
  8. In the meantime the user accepts the transaction on the TF Agent, which triggers a callback to the Application's Backend services from the TF Cloud services.
  9. The Application's Backend then sends a request to the RTAS Backend services to inform that the transaction was decided.
  10. The SignalR Server then informs the connected users with the token used earlier that the transaction was decided with a TransactionDecidedEvent event.

Infrastructure

Polling Infrastructure

Infrastructure diagram with RTAS - Fig. 2

RTAS integration with Mobile Apps

On native mobile applications RTAS can be implemented by using the SecuritySide's RTAS JavaScript library. Both iOS and Android support mechanisms to bridge JavaScript to native code meaning that the RTAS library's callbacks can be mapped to native code implementations. The reason JavaScript is used is that SecuritySide's RTAS library takes advantage of the Microsoft's official SignalR implementation in order to reduce inconsistencies between the server and client, also our JavaScript library has been widely used by our clients translating in a high level of confidence of its sturdiness.

Explaining JavaScript injection

JavaScript injection refers to the practice of evaluating JavaScript programs from within the native code and/or inserting JavaScript objects into the JavaScript environment.

Some precautions to keep in mind when using JavaScript injection are:

  • Security
    • Authorization: Ensure that only authorized personnel or processes can inject JavaScript into your app's content to prevent unauthorized changes.
  • Performance:
    • Minimize Impact: Be mindful of the performance impact of injected JavaScript code. Ensure that your code is efficient and doesn't degrade the user experience.
  • Documentation
    • Usage guidelines: Provide clear and detailed documentation on how to use the JavaScript injection feature.