docs: Document clearly the available Authentication Strategies #578
Conversation
| Running `npm start` will orchestrate running the [OpenID Test Client](./packages/openactive-openid-test-client/), [Broker Microservice](./packages/openactive-broker-microservice/) and the [Integration Tests](./packages/openactive-integration-tests/) in order to test your Open Booking API implementation. | ||
| Running `npm start` will orchestrate running the [Broker Microservice](./packages/openactive-broker-microservice/) and the [Integration Tests](./packages/openactive-integration-tests/) in order to test your Open Booking API implementation. |
There was a problem hiding this comment.
Test Client is not "run" by npm start. It's just used as a library dependency
| @@ -39,6 +41,121 @@ The test suite uses the file `config/{NODE_ENV}.json` to override the settings i | |||
|
|
|||
| For more information see this [documentation](https://github.com/lorenwest/node-config/wiki/Environment-Variables#node_env). | |||
|
|
|||
| ### Configuration for `sellers` within `./config/{NODE_ENV}` | |||
There was a problem hiding this comment.
This is nearly identical to the section that was in Integration Tests' README with some additional input from the section that was in Broker Microservice's READE (there was some duplicated docs there)
I've moved it here to reflect the fact that sellers' config is not in either the broker nor integrationTests part of the config file
| }, | ||
| ``` | ||
|
|
||
| #### Client Credentials |
There was a problem hiding this comment.
This section was taken from Broker
| }, | ||
| ``` | ||
|
|
||
| This is different from the behaviour in the Client Credentials sub-section mentioned within the [OpenID Connect Booking Partner Authentication for Multiple Seller Systems](https://openactive.io/open-booking-api/EditorsDraft/#openid-connect-booking-partner-authentication-for-multiple-seller-systems) section in the spec as, in this case, Client Credentials are used to make booking requests for this Seller, rather than just to view the Booking Partner's Orders Feed. |
There was a problem hiding this comment.
Added this part. Before, the docs for this were misleadingly linking to the spec's bit on Client Credentials, which is incorrect as that is for Orders Feed Authentication only
| "description": "For multi-database booking systems where the customer manages Open Booking API client credentials.", | ||
| "explainer": "", | ||
| "description": "Implements OpenID Connect Dynamic Client Registration. For multi-database booking systems where the customer manages Open Booking API client credentials.", | ||
| "explainer": "The Booking System must implement OpenID Connect Dynamic Client Registration, which requires an Initial Access Token", |
There was a problem hiding this comment.
It looks like Initial Access Token is just one way of using Dynamic Client Registration. So I wanted to make it clear that that is all that is supported at present
|
|
||
| # Concepts | ||
|
|
||
| ## Booking Partner Authentication Strategy |
There was a problem hiding this comment.
This link is used in this GitBook PR (in draft at time of writing): https://app.gitbook.com/o/-LJTExWaXZFqcFJ_lZwF/s/-LOMz1IIOd5fl4xzfUYb/~/changes/273/open-booking-api/key-decisions
README.md
Outdated
| * `authentication`: Check out the [**Configuration for Seller Authentication**](#configuration-for-seller-authentication) section. | ||
| * `taxMode`: Which [Tax Mode](https://openactive.io/open-booking-api/EditorsDraft/1.0CR3/#tax-mode) is used for this Seller. | ||
|
|
||
| **Note: If testing both Tax Modes, make sure that there is at least one Seller with each**. Alternatively, if not supporting multiple Sellers, you can run the Test Suite once with `"taxMode": "https://openactive.io/TaxNet"` and once with `"taxMode": "https://openactive.io/TaxGross"`. |
There was a problem hiding this comment.
Great suggestion to run it twice - though how would this work with the certificate? Is it worth us clarifying that currently it's not possible to generate a certificate that covers both configurations unless multiple Sellers are supported?
There was a problem hiding this comment.
This was moved over from existing documentation, but I'll add something to that effect
|
|
||
| ### Booking Authentication | ||
|
|
||
| How a Booking Partner accesses the booking endpoints (C1, C2, B, etc) for a specific Seller's data. This differs from [Orders Feed Authentication](#orders-feed-authentication) as it can be specified at the per-Seller level for Multiple Seller Systems (relevant feature: [`multiple-sellers`](packages/openactive-integration-tests/test/features/core/multiple-sellers/)). |
There was a problem hiding this comment.
| How a Booking Partner accesses the booking endpoints (C1, C2, B, etc) for a specific Seller's data. This differs from [Orders Feed Authentication](#orders-feed-authentication) as it can be specified at the per-Seller level for Multiple Seller Systems (relevant feature: [`multiple-sellers`](packages/openactive-integration-tests/test/features/core/multiple-sellers/)). | |
| Authentication of the Booking Partner authorises them access to the booking endpoints (C1, C2, B, etc) for a specific Seller's data. This differs from [Orders Feed Authentication](#orders-feed-authentication) as it can be specified at the per-Seller level for Multiple Seller Systems (relevant feature: [`multiple-sellers`](packages/openactive-integration-tests/test/features/core/multiple-sellers/)). |
There was a problem hiding this comment.
I appreciate where you're going with this. I'll leave it as is for now as I think it reads more easily
Co-authored-by: Nick Evans <2616208+nickevansuk@users.noreply.github.com>
…ion-strategies-docs
Closes #577