Uploaded image for project: 'UX Product'
  1. UX Product
  2. UXPROD-2673

Implement Oauth2 Consumer for Requesting D2IR (INN-Reach) OAuth2 Tokens

    XMLWordPrintable

Details

    • Volaris
    • 100
    • R4
    • R5
    • R5
    • R5
    • R5
    • R2
    • R2
    • R5
    • R5

    Description

      Current situation or problem:
      In order to make D2IR API called to the central INN-Reach server, FOLIO must have a valid Bearer Auth token. These tokens are generated by POSTing a request to a configuration-specified API endpoint using a client key and secret combination. Key and secret should be concatenated together using a ":" and base64 encoded.

      Sample request:

      curl -X POST https://rssandbox-api.iii.com/auth/v1/oauth2/token -H 'Authorization: Basic YjU0ZTU2YzgtMGNlNi00MzhjLTk3NzktYzcyMWIxY2RjMz ZhOjFjYjQ4YjNmLTE1OTAtNDc0YS1iMDhhLWZjNDRlMjczMTlmOQ=='
   -H 'Content- Type: application/x-www-form-urlencoded'
   -d 'grant_type=client_credentials&scope=innreach_tp'

      Sample Response:

      {
"access_token": "06b42df732f628ae2c3764d86073cd76", 
"token_type": "Bearer",
"expires_in": 599
}

      Issued tokens are valid for 600 seconds. Expired tokens result in a 401 Unauthorized response from the server. Client should handle these responses and request a new token when needed.

      In scope
      API client for requesting OAuth2 Bearer Tokens from Central Server based on supplied Base64-encoded ket/secret pair

      Out of scope
      API Endpoint to provide OAuth2 Bearer Tokens to a client based on supplied Base64-encoded key/secret pair.

      Use case(s)
      All API calls from FOLIO to INN-Reach central server require an Oauth2 Bearer Authentication token to be included in the request headers. FOLIO must request a new token before attempting any other API calls.

      Proposed solution/stories
      Given a known API key/secret combination issued by the INN-Reach Central Server, the edge-inn-reach module should issue a request to the Central Server Oauth2 api to request a valid Bearer Auth token and store it for subsequent use, and request a new token when the previous one expires.

      Questions

      • How do we store the API key/secret pair issues by the D2IR Central Server?
      • Should a new token be requested for each transaction with the server, or stored and re-used until expiration?

      TestRail: Results

        Attachments

          Issue Links

            is defined by

            Story - Created by Jira Software - do not edit or delete. Issue type for a user story. MODINREACH-9 Store INN-Reach/D2IR API Oauth2 Keys and Secrets Securely

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed
            is required by

            New Feature - New feature requests UXPROD-2764 Record Contribution Enhancements/Ongoing Record Contribution ("Bibs" and "Items") for INN-Reach Central Server

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            New Feature - New feature requests UXPROD-2765 Contribute Inventory Item Records ("Items") to INN-Reach Central Server

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2777 INN-Reach: Submit Local Server Locations to INN-Reach Central Server

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2778 Manage a Map of Local Patron Groups to INN-Reach Central Server Patron Types (PTYPE)

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2779 Retrieve List of Local Servers in an INN-Reach Consortium and their Associated Agencies and Provide Representations in the FOLIO Location System

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2782 Handle Check-In of INN-Reach Items

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2783 Handle Recall of INN-Reach Loans By Patron at Owning Site

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2786 Handle Checkout of INN-Reach Items From Owning Site

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2787 Handle INN-Reach Borrower Renewal Requests (Borrowing Library)

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2788 Handle "Move Request" Action on INN-Reach Requests (Owning Site)

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-2789 Handle "Claimed Returned" on INN-Reach Items (Borrowing Site)

            • TBD - To be determined
            • Closed

            New Feature - New feature requests UXPROD-3615 Record Contribution Enhancements ("Bibs" and "Items") for INN-Reach Central Server (Phase 3)

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Activity

              People

                brookstravis Brooks Travis
                brookstravis Brooks Travis
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases