Skip to main content

How it works

Sequence Diagram

Deep dive into the implementation of the RTAS.

Transaction diagram with RTAS - Fig. 1

  1. To create a new transaction the Client's Application starts by calling the Application's Backend, in which the TF Cloud Services are called.
  2. Right after the transaction is created, two requests are made to the RTAS Backend Service: one to get a RTAS Token used by the Client's Application to connect to the SignalR Server and another request to inform the RTAS services that a transaction has been created.
  3. After the Application's Backend gets the transaction created response, a WebUI with custom JavaScript injection is loaded with the RTAS URL and Token to create the RTAS client.
  4. The custom JavaScript will establish a web socket connection with the SignalR Server using the SecuritySide's RTAS JavaScript library.
  5. Once the connection is established a ConnectionEstablished event is sent to the RTAS client.
  6. Right after the connection established event is received, a TransactionCreatedEvent is sent to the RTAS client, as the SignalR Server has a cache for the last event.
  7. Even if the event is sent earlier than the connection, the user still receives the event.
  8. In the meantime the user accepts the transaction on the TF Agent, which triggers a callback to the Application's Backend services from the TF Cloud services.
  9. The Application's Backend then sends a request to the RTAS Backend services to inform that the transaction was decided.
  10. The SignalR Server then informs the connected users with the token used earlier that the transaction was decided with a TransactionDecidedEvent event.

Infrastructure

Polling Infrastructure

Infrastructure diagram with RTAS - Fig. 2

Integration with Web and Mobile Apps

To integrate with web and mobile apps, you will need to use one of the SecuritySide JavaScript libraries. These libraries are responsible for connecting to the SignalR Server and handling events, exposing only callbacks to simplify the integration process.

This JavaScript library leverages Microsoft's official SignalR implementation, which helps minimize inconsistencies between the server and client. Additionally, the widespread usage of our JavaScript library by clients has established a high level of confidence in its robustness.

Integration with Mobile Apps

For mobile apps, the integration should be done via a WebView that imports the JavaScript library. Then, the callbacks are mapped to the native code of the app.

With this approach, we ensure that both web and mobile applications can benefit from the efficiency and reliability of our JavaScript libraries, providing a consistent and robust experience.

Explaining JavaScript injection

JavaScript injection refers to the practice of evaluating JavaScript programs from within the native code and/or inserting JavaScript objects into the JavaScript environment.

Some precautions to keep in mind when using JavaScript injection are:

  • Security
    • Authorization: Ensure that only authorized personnel or processes can inject JavaScript into your app's content to prevent unauthorized changes.
  • Performance:
    • Minimize Impact: Be mindful of the performance impact of injected JavaScript code. Ensure that your code is efficient and doesn't degrade the user experience.
  • Documentation
    • Usage guidelines: Provide clear and detailed documentation on how to use the JavaScript injection feature.