graph TB
subgraph server-side flow
AaiLoginServlet[AaiLoginServlet:AAI login] -- checkAaiHeaders --> checkAaiHeaders{checkAaiHeaders}
checkAaiHeaders -- not valid --> aaiError[aaiAttrubutesNotValid.html]
aaiError -- AAI logout -->login[AAI login]
checkAaiHeaders -- valid --> validateAaiAttributes{validateAaiAttributes}
validateAaiAttributes -- not valid --> aaiError
validateAaiAttributes -- valid -->loginOnBackend[loginOnBackend]
loginOnBackend -- catch:AObjectNotValid:idpReamlNotvalid -->idpReamlNotvalid[idpRealmNotValid.html]
idpReamlNotvalid -- AAI logout -->login
loginOnBackend -- catch:AInvalidObjectState:orgNoProcurator -->orgNoProcurator[orgNoProcurator.html]
orgNoProcurator-- AAI logout -->login
loginOnBackend -- catch:AObjectMismatch:orgMismatch -->orgMismatch[orgMismatch.html]
orgMismatch -- AAI logout -->login
loginOnBackend -- catch:AAuthorizationFailed:ssopGuestIdp -->ssopGuestIdp[ssopGuestIdp.html]
ssopGuestIdp -- AAI logout -->login
loginOnBackend -- ok --> notUserLocked{notUserLocked}
notUserLocked -- user locked --> userLocked[userLocked.html]
userLocked -- AAI logout -->login
end
subgraph client-side flow
notUserLocked -- not locked --> welcome[welcome: AccountGuard določi kaj s uporabnikom]
welcome -- AccountGuard: nimamo username --> no-user:do{no-user/do: user-new or user-tansfer}
welcome -- AccountGuard: imamo username --> user-to-update{user-to-update: posodobit račun?}
no-user:do -- uporabnik: nov račun --> no-user:user-new[no-user:user-new: forma za nov račun]
no-user:do -- uporabnik: imam račun --> no-user:user-transfer[no-user:user-transfer: preverba username & pass]
no-user:user-new --> account[account: user data]
no-user:user-transfer --> account
user-to-update -- netId guest realm --> account
user-to-update -- netId not guest realm --> user-to-update:user-update[user-to-update:user-update: kaj se bo posodobilo]
user-to-update:user-update --> account
end
