< Return to Summary | File Generated: Tue Apr 16 2024 11:55:33 GMT+0000 (Coordinated Universal Time)
Booking Flow:
Opportunity Type:
Feature: Authentication / Booking Partner Authentication for Multiple Seller Systems (Implemented)
Test: Authorization persists when not requesting offline access
When authorisation is requested without offline access and a user has already given permission, consent must not be required.
npm start -- --runInBand test/features/authentication/booking-partner-authentication/implemented/authorization-persisted-test.js
The OpenActive Reference Implementation test result for this test can be used as a reference to help with debugging.
✅ 9 passed with 0 failures, 0 warnings and 0 suggestions
The test suite is using the credentials configured by bookingPartnersForSpecificTests.authorizationPersisted.authentication.clientCredentials
for this test:
clientid_801
secret
GET https://localhost:5003/.well-known/openid-configuration
"application/json"
"gzip, deflate, br"
"localhost:5003"
Response status code: 200.
{
"issuer": "https://localhost:5003",
"jwks_uri": "https://localhost:5003/.well-known/openid-configuration/jwks",
"authorization_endpoint": "https://localhost:5003/connect/authorize",
"token_endpoint": "https://localhost:5003/connect/token",
"userinfo_endpoint": "https://localhost:5003/connect/userinfo",
"end_session_endpoint": "https://localhost:5003/connect/endsession",
"check_session_iframe": "https://localhost:5003/connect/checksession",
"revocation_endpoint": "https://localhost:5003/connect/revocation",
"introspection_endpoint": "https://localhost:5003/connect/introspect",
"device_authorization_endpoint": "https://localhost:5003/connect/deviceauthorization",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true,
"backchannel_logout_supported": true,
"backchannel_logout_session_supported": true,
"scopes_supported": [
"openid",
"openactive-identity",
"openactive-openbooking",
"openactive-ordersfeed",
"offline_access"
],
"claims_supported": [
"sub",
"https://openactive.io/sellerId",
"https://openactive.io/sellerName",
"https://openactive.io/sellerUrl",
"https://openactive.io/sellerLogo",
"https://openactive.io/bookingServiceName",
"https://openactive.io/bookingServiceUrl",
"name",
"https://openactive.io/clientId"
],
"grant_types_supported": [
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"urn:ietf:params:oauth:grant-type:device_code"
],
"response_types_supported": [
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"response_modes_supported": [
"form_post",
"query",
"fragment"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"subject_types_supported": [
"public"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"request_parameter_supported": true,
"registration_endpoint": "https://localhost:5003/connect/register"
}
POST http://localhost:3000/browser-automation-for-auth
"application/json, text/plain, */*"
"application/json;charset=utf-8"
349
"localhost:3000"
{
"headless": true,
"offlineAccess": true,
"username": "test1",
"password": "test1",
"authorizationUrl": "https://localhost:5003/connect/authorize?client_id=clientid_801&scope=openid%20openactive-identity&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_challenge=7u2pCYCMZM2iVjHkg26qpqPiXj4-eaaVCHVwEVkJZdU&code_challenge_method=S256"
}
"https://localhost:5003/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dclientid_801%26scope%3Dopenid%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3D7u2pCYCMZM2iVjHkg26qpqPiXj4-eaaVCHVwEVkJZdU%26code_challenge_method%3DS256"
"https://localhost:5003/consent?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dclientid_801%26scope%3Dopenid%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3D7u2pCYCMZM2iVjHkg26qpqPiXj4-eaaVCHVwEVkJZdU%26code_challenge_method%3DS256"
"/cb?code=308C4E656AA47B29EF150ED2BBBE48395ECCEE3A8D61D6435722470FC821C4B6&scope=openid%20openactive-identity&session_state=BUfw98j8MzNqUl9VWjObH-Vo7MC82ESeJ-n368sGFq0.84C7B0C5871DF9BDBF6629EE07449FF5"
POST https://localhost:5003/connect/token
"Basic Y2xpZW50aWRfODAxOnNlY3JldA=="
"application/json"
"application/x-www-form-urlencoded"
"205"
"gzip, deflate, br"
"localhost:5003"
"grant_type=authorization_code&code=308C4E656AA47B29EF150ED2BBBE48395ECCEE3A8D61D6435722470FC821C4B6&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_verifier=ZhNJxqO29u6o5_GGK8hQQQtGzeOgdNuBAGxwAg0PefA"
Response status code: 200.
{
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3MTMyNjg1MzUsImV4cCI6MTcxMzI2ODgzNSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6ImNsaWVudGlkXzgwMSIsImlhdCI6MTcxMzI2ODUzNSwiYXRfaGFzaCI6InVaTEZxU1g0eDlrYjJFcjlfSjRXTmciLCJzaWQiOiI4Qzc1Mjc3RTExOTUyQkY2NkE4MDc2QThGRkMzQjEyMiIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTcxMzI2ODUzNCwiaWRwIjoibG9jYWwiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTmFtZSI6IkFjbWUgRml0bmVzcyBMdGQiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVySWQiOiJodHRwczovL2xvY2FsaG9zdDo1MDAxL2FwaS9pZGVudGlmaWVycy9zZWxsZXJzLzEiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyVXJsIjoiaHR0cHM6Ly93d3cuZXhhbXBsZS5jb20iLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTG9nbyI6Imh0dHBzOi8vcGxhY2VraXR0ZW4uY29tLzY0MC8zNjAiLCJhbXIiOlsicHdkIl19.Bnvi_I5EbZ7q4VP56xwFDdx0XAtSrY_7hsqFPwQ9qjnkvZegqpIBYrV7hy6V3eR5weUxiW5tTn9tMONRSEe7YeNGslu43oXMYIitnd61h0FyjRhCSbexJcxy5fbdgeRNVzEZ9e3XhORK5n539Bip0yJHiXxfeSYiEiFRhFZZTsl_4eH5TrWAsrdDUhZXO4Wz9xdpGs56hoTmUMcZNN1O7Q6xeq-0vepGnuYt8Ltwhf9-FxJTorq7NwtcS2rc4usg5nYMlK_lHHGppKdq4MAIFGXkIXGXF_LQzuQfE_cv3FwmPKZHZYKEyWd5mlflHA2sG8_ruONCIfg9NrIbQSVg0A",
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE3MTMyNjg1MzUsImV4cCI6MTcxMzI3MjEzNSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImNsaWVudF9pZCI6ImNsaWVudGlkXzgwMSIsImh0dHBzOi8vb3BlbmFjdGl2ZS5pby9jbGllbnRJZCI6ImNsaWVudGlkXzgwMSIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTcxMzI2ODUzNCwiaWRwIjoibG9jYWwiLCJqdGkiOiJEOUJDNTk0MENEM0EyNEY1QkM5QjI1Mzc4OTlEMkZGNSIsInNpZCI6IjhDNzUyNzdFMTE5NTJCRjY2QTgwNzZBOEZGQzNCMTIyIiwiaWF0IjoxNzEzMjY4NTM1LCJzY29wZSI6WyJvcGVuaWQiLCJvcGVuYWN0aXZlLWlkZW50aXR5Il0sImFtciI6WyJwd2QiXX0.sM-y2dWlaLKmw6QKM6BQ40Z48_JE1cPsKbOiLAj5xbzVpRLIIbGsgsxJNd-pM4S4tfP92S6b91pjyyScbh4YtLBI18VeQLrsp2tvM4Oy0Tbp6bPJ0svsicx5-yfjjLEFG0YFEf71XHoGzB7xDHd5ShZLmwq8jjyqx2ySMkBJPeyApLV86y5YrR-JxXUx1TMtQpJd7AUqLx6jXQMZPqsG8kuxXehcEtf2tgF979-pT4vw2_q6aFYTxU37St9A0O1zQXej8ysPwK4H8sCk6P1FyA4tEngUe-d3Nk04gbjU03VW8yuttC4467zzdCh2olgEAzXM1Xw1UCnnbFt3yilZTQ",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "openid openactive-identity"
}
GET https://localhost:5003/.well-known/openid-configuration/jwks
"application/json"
"gzip, deflate, br"
"localhost:5003"
Response status code: 200.
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"kid": "B04F7B91DE3B9478C61833FB24AA5CDB",
"e": "AQAB",
"n": "yZO68vCGrvfBQ5R1z0DVCRAADOWeF3aLlhOaz1Je1SnmohmmlO-1F1hkRM_4MJtR5aECMxMz-MUW1nBCPmUrH0h_rrdCdDdlk8vTHki0ixK-gO73W2ZscOCZ6L2fZ2Oqz0_I840cnSCv55zpiOk9oGJL9TEsLAWYAIyQheaqZO3BkqImuBFmaLVTckvaZeONjHDQa01rxEjRQByir6oYSZPJy54XuRQJaPuCVNeOW8r0R9rKUQf9nl7tnVvhCsU3q1-UPrs8ZW_kaYXuYQJJMk392jX6XNm6czehIYM-O8Z5eGFdR3WW7IAWYEmqTCxrCRuuKU-EEcKOwksx8gBPgQ",
"alg": "RS256"
}
]
}
id_token
claims:
{
"nbf": 1713268535,
"exp": 1713268835,
"iss": "https://localhost:5003",
"aud": "clientid_801",
"iat": 1713268535,
"at_hash": "uZLFqSX4x9kb2Er9_J4WNg",
"sid": "8C75277E11952BF66A8076A8FFC3B122",
"sub": "100",
"auth_time": 1713268534,
"idp": "local",
"https://openactive.io/sellerName": "Acme Fitness Ltd",
"https://openactive.io/sellerId": "https://localhost:5001/api/identifiers/sellers/1",
"https://openactive.io/sellerUrl": "https://www.example.com",
"https://openactive.io/sellerLogo": "https://placekitten.com/640/360",
"amr": [
"pwd"
]
}
POST http://localhost:3000/browser-automation-for-auth
"application/json, text/plain, */*"
"application/json;charset=utf-8"
349
"localhost:3000"
{
"headless": true,
"offlineAccess": true,
"username": "test1",
"password": "test1",
"authorizationUrl": "https://localhost:5003/connect/authorize?client_id=clientid_801&scope=openid%20openactive-identity&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_challenge=aspfRv7bJM99C1R_7dCqPT52lKCQRlOV8PrfFTx-0Lc&code_challenge_method=S256"
}
"https://localhost:5003/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dclientid_801%26scope%3Dopenid%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3DaspfRv7bJM99C1R_7dCqPT52lKCQRlOV8PrfFTx-0Lc%26code_challenge_method%3DS256"
"/cb?code=15DEA6626C069C3D3EF5DEEDDBBE86D7A63D980FF71AC1EEE07541FF8E01515D&scope=openid%20openactive-identity&session_state=J9VgGD0Qm0_xnw_kV69Cw_VmN-xEYRVziEommq4GIbo.E71C8BB7EB0E634286949F73BA5C9919"
POST https://localhost:5003/connect/token
"Basic Y2xpZW50aWRfODAxOnNlY3JldA=="
"application/json"
"application/x-www-form-urlencoded"
"205"
"gzip, deflate, br"
"localhost:5003"
"grant_type=authorization_code&code=15DEA6626C069C3D3EF5DEEDDBBE86D7A63D980FF71AC1EEE07541FF8E01515D&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_verifier=vbzQjibzofKH9TS5FNJbX1MhpoLXBNvVdu3qkTabuy4"
Response status code: 200.
{
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3MTMyNjg1MzYsImV4cCI6MTcxMzI2ODgzNiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6ImNsaWVudGlkXzgwMSIsImlhdCI6MTcxMzI2ODUzNiwiYXRfaGFzaCI6InFJb2tCTFl2WTkxQTh2M0g5TktQYnciLCJzaWQiOiI2NDNGNzIzMjgzNkU0MEFCMEZBQkFDRDA5RDA2MDY2RCIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTcxMzI2ODUzNiwiaWRwIjoibG9jYWwiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTmFtZSI6IkFjbWUgRml0bmVzcyBMdGQiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVySWQiOiJodHRwczovL2xvY2FsaG9zdDo1MDAxL2FwaS9pZGVudGlmaWVycy9zZWxsZXJzLzEiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyVXJsIjoiaHR0cHM6Ly93d3cuZXhhbXBsZS5jb20iLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTG9nbyI6Imh0dHBzOi8vcGxhY2VraXR0ZW4uY29tLzY0MC8zNjAiLCJhbXIiOlsicHdkIl19.Eg9wcfwAJP5hM-WKTuUyAZwVraieB8z1tmKS3bH8F3puWHZwP3EEsKSSyzRLdd42ZiPq3iq5vXvHr7qVE4_X9L8q3_0LCl1ONIfP8TSxhWOmJVVi-RXfu43WIUf8eKxM294ri8fjkxrTiDrMRGrqS2TXeeMVMz5Y2T7nn-Nr_tRTnvcU5w1LjxxCZw4Wp_rOZXhG-l2KDAcybiHMR-7Qdg19HQExK10UxI-DCS0mqe8PyvzZwNM6jOyTyPJCn0mP_ZXHrHi_JscpPI9_sQ7iM9ZbHQiuYWaACbueY9nw7iEph7KgySHok5n2ATJTScctJm1CdUIL-4qB76iWM3OwNg",
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE3MTMyNjg1MzYsImV4cCI6MTcxMzI3MjEzNiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImNsaWVudF9pZCI6ImNsaWVudGlkXzgwMSIsImh0dHBzOi8vb3BlbmFjdGl2ZS5pby9jbGllbnRJZCI6ImNsaWVudGlkXzgwMSIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTcxMzI2ODUzNiwiaWRwIjoibG9jYWwiLCJqdGkiOiI3MzI1QkFDN0ZGRDE1MjdGRkU5OTg4NkZBNkY3NzY0QiIsInNpZCI6IjY0M0Y3MjMyODM2RTQwQUIwRkFCQUNEMDlEMDYwNjZEIiwiaWF0IjoxNzEzMjY4NTM2LCJzY29wZSI6WyJvcGVuaWQiLCJvcGVuYWN0aXZlLWlkZW50aXR5Il0sImFtciI6WyJwd2QiXX0.NLBH_w9wO8J4nC-NFQurYmrVIq0_eXYeqZqkom9abR9E1TYUJ0ip-VSS-rMfkkJK-YqE7KvmdL633v0a6hJge_zjVj45mzwJgwllU-pPKWQ1WBmHWUs7OuT96UuvXxj4vDTPKgp30qkMA0pBvxzB3Zr5TdVqMliOkkzBbmKjQjXQG3agYlzTTtsW8Z9Ex5xZBVlWU5ePNxHa5Jyy0GRfF8Oo0Xw3JocGbbbxICA6PWyDvSJ_618-3CKdNDN2nBFal4aoDYTJQm_IbctCHgOlTJ3u_xflnFISUGsKVTKtNU7oFx4JKaxCANuX7-jtZHPE5V7f8DUQoiTt7Zj1--nL5A",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "openid openactive-identity"
}
id_token
claims:
{
"nbf": 1713268536,
"exp": 1713268836,
"iss": "https://localhost:5003",
"aud": "clientid_801",
"iat": 1713268536,
"at_hash": "qIokBLYvY91A8v3H9NKPbw",
"sid": "643F7232836E40AB0FABACD09D06066D",
"sub": "100",
"auth_time": 1713268536,
"idp": "local",
"https://openactive.io/sellerName": "Acme Fitness Ltd",
"https://openactive.io/sellerId": "https://localhost:5001/api/identifiers/sellers/1",
"https://openactive.io/sellerUrl": "https://www.example.com",
"https://openactive.io/sellerLogo": "https://placekitten.com/640/360",
"amr": [
"pwd"
]
}
https://openactive.io/sellerId
claim in id_token
id_token
as defined in specificationhttps://openactive.io/sellerId
claim in id_token
id_token
as defined in specification