This document describes the general workflow between the User, the Client Application and the Observant server.
- Client Application has registered in Observant system.
- Client Application is properly configured to use Observant system.
- Client identity is established in Client Application, e.g. user is logged in and has an active session.
- Client Application displays link or button 'Connect with Observant' or similar to User.
- User clicks on link and HTTP request is sent to Client Application.
Client Application sends HTTP redirect response containing the Observant authorization URL and the required parameters `client_id`, `redirect_uri`, `response_type` and the optional `state`.
For example: https://global.test-jainlogic.com/uaa/oauth/authorize?client_id=myService&redirect_uri=http%3A%2F%2Flocalhost%3A1888%2Fmyservice%2Foada%2F&response_type=code&state=ABC123
Browser sends HTTP GET request to Observant server using URL from previous step.
- Observant server recognises request and redirects browser to login form using HTTP 302 response and URL. For example: https://global.test-jainlogic.com/uaa/authenticate
- Browser sends GET request to specified URL.
- Observant server responds with login page.
Browser submits login form using HTTP POST request after user clicks 'SIGN IN' button.
- Observant server recognises User and sends HTTP 302 response to redirect User to the authorization page. For example: https://global.test-jainlogic.com/uaa/oauth/authorize?client_id=myService&redirect_uri=http%3A%2F%2Flocalhost%3A1188%2Fmyservice%2Foada%2F&response_type=code&state=ABC123
- Browser sends GET request with specified URL to Observant server.
- Observant server responds with authorization page.
Browser submits authorization form using HTTP POST request after user clicks 'ALLOW' button.
Observant server recognises request and responds with HTTP 302 and URL http://localhost:1888/myservice/oada/?code=XYZ789
Browser sends HTTP GET request to specified URL in Client Application.
Client Application recognises request and sends HTTP POST request to Observant server to exchange code for tokens, including Client Application credentials and the required parameters `grant_type`, `client_id`, `redirect_uri` and `code`.
For example: https://global.test-jainlogic.com/uaa/oauth/token
Observant server recognises request and responds with tokens. For example:

```json
{
  "access_token": "abcdef",
  "token_type": "bearer",
  "refresh_token": "0123456789",
  "expires_in": 86400,
  "scope": "sensor-data"
}
```

- Client Application receives response.
- Extracts and stores tokens for later use.
- Sends a suitable response to the still pending Client request from step 9.
Client Application makes HTTP request to Observant server on behalf of the Client using the stored `access_token`. This request needs no Client involvement and can be issued using a timer, cron job or any other suitable mechanism. Client Application can repeat this step for as long as it has a valid `access_token`.
- Observant server recognises `access_token` and sends response with requested data.
- Client Application handles response data as needed, e.g. stores it for later use.
Browser sends request to Client App to access data collected from Observant server.
Client Application responds with stored data collected from Observant server.
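
The Client Application side of the redirect, callback and code-exchange steps above, as an added Python example (not Observant's own code). It binds the optional `state` value to the user's session and rejects a callback whose `state` does not match. It assumes the server echoes `state` back on the redirect and that `grant_type` takes the standard OAuth 2.0 value `authorization_code`; the function names and the `session` dict are hypothetical.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Endpoints and client values copied from the examples on this page.
AUTHORIZE_URL = "https://global.test-jainlogic.com/uaa/oauth/authorize"
TOKEN_URL = "https://global.test-jainlogic.com/uaa/oauth/token"
CLIENT_ID = "myService"
REDIRECT_URI = "http://localhost:1888/myservice/oada/"


def build_authorize_redirect(session):
    """Return the authorization URL; stores a fresh random state in the session."""
    state = secrets.token_urlsafe(32)  # unguessable, unlike a fixed value
    session["oauth_state"] = state
    query = urlencode({
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}"


def handle_callback(session, callback_url):
    """Check the callback and return (token_url, form_fields) for the exchange.

    Raises ValueError when state is absent, already used or does not match.
    """
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: removed on first check
    received = params.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: callback not tied to this session")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    # Client Application credentials are sent with this POST as well; how they
    # are transmitted is not specified on this page, so they are omitted here.
    return TOKEN_URL, {
        "grant_type": "authorization_code",  # assumed standard OAuth 2.0 value
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,  # must equal the value sent in the redirect
        "code": codes[0],
    }
```
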