< Return to Summary | File Generated: Thu Apr 17 2025 12:25:58 GMT+0000 (Coordinated Universal Time)
Booking Flow:
Opportunity Type:
Feature: Authentication / Booking Partner OpenID Authentication for Multiple Seller Systems (Implemented)
Test: Authorization Code Flow
The Authorization Code Flow allows Sellers to authenticate with Booking Partners
npm start -- --runInBand test/features/authentication/booking-partner-openid-authentication-for-multiple-sellers/implemented/authorization-code-flow-test.js
The OpenActive Reference Implementation test result for this test can be used as a reference to help with debugging.
✅ 6 passed with 0 failures, 0 warnings and 0 suggestions
The test suite is using the credentials below for this test:
42474b35-db76-47c3-b853-32471ab8af95dVmj6J54WjeCvQjp0iojBbcc3PjhKkaFZQ9CReEpH1rThese credentials were retrieved using Dynamic Client Registration by the Broker Microservice upon startup, using the following configuration within bookingPartners.primary.authentication:
openactive_test_suite_client_12345xaqGET https://localhost:5003/.well-known/openid-configuration
"application/json""gzip, deflate, br""localhost:5003"Response status code: 200.
{
"issuer": "https://localhost:5003",
"jwks_uri": "https://localhost:5003/.well-known/openid-configuration/jwks",
"authorization_endpoint": "https://localhost:5003/connect/authorize",
"token_endpoint": "https://localhost:5003/connect/token",
"userinfo_endpoint": "https://localhost:5003/connect/userinfo",
"end_session_endpoint": "https://localhost:5003/connect/endsession",
"check_session_iframe": "https://localhost:5003/connect/checksession",
"revocation_endpoint": "https://localhost:5003/connect/revocation",
"introspection_endpoint": "https://localhost:5003/connect/introspect",
"device_authorization_endpoint": "https://localhost:5003/connect/deviceauthorization",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true,
"backchannel_logout_supported": true,
"backchannel_logout_session_supported": true,
"scopes_supported": [
"openid",
"openactive-identity",
"openactive-openbooking",
"openactive-ordersfeed",
"offline_access"
],
"claims_supported": [
"sub",
"https://openactive.io/sellerId",
"https://openactive.io/sellerName",
"https://openactive.io/sellerUrl",
"https://openactive.io/sellerLogo",
"https://openactive.io/bookingServiceName",
"https://openactive.io/bookingServiceUrl",
"name",
"https://openactive.io/clientId"
],
"grant_types_supported": [
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"urn:ietf:params:oauth:grant-type:device_code"
],
"response_types_supported": [
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"response_modes_supported": [
"form_post",
"query",
"fragment"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"subject_types_supported": [
"public"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"request_parameter_supported": true,
"registration_endpoint": "https://localhost:5003/connect/register"
}
POST http://localhost:3000/browser-automation-for-auth
"application/json, text/plain, */*""application/json;charset=utf-8"415"localhost:3000"{
"headless": true,
"offlineAccess": true,
"username": "test1",
"password": "test1",
"authorizationUrl": "https://localhost:5003/connect/authorize?client_id=42474b35-db76-47c3-b853-32471ab8af95&scope=openid%20openactive-openbooking%20offline_access%20openactive-identity&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_challenge=XgdQwI4MqJQloVaK4b30GfaODXxq09_FMWRbyUzfZkc&code_challenge_method=S256"
}
"https://localhost:5003/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D42474b35-db76-47c3-b853-32471ab8af95%26scope%3Dopenid%2520openactive-openbooking%2520offline_access%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3DXgdQwI4MqJQloVaK4b30GfaODXxq09_FMWRbyUzfZkc%26code_challenge_method%3DS256"
"https://localhost:5003/consent?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D42474b35-db76-47c3-b853-32471ab8af95%26scope%3Dopenid%2520openactive-openbooking%2520offline_access%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3DXgdQwI4MqJQloVaK4b30GfaODXxq09_FMWRbyUzfZkc%26code_challenge_method%3DS256"
"/cb?code=AA667723807916753612535256D11B327499AE17AFA69395FE323AA0A245C70A&scope=openid%20openactive-openbooking%20offline_access%20openactive-identity&session_state=rD_ETFMQRpdqv6PsExw6N3F-A1YfeYnvqZlKqgrLMKc.FF3025691E2CD21B83B5D9C48D5249F4"
POST https://localhost:5003/connect/token
"Basic NDI0NzRiMzUtZGI3Ni00N2MzLWI4NTMtMzI0NzFhYjhhZjk1OmRWbWo2SjU0V2plQ3ZRanAwaW9qQmJjYzNQamhLa2FGWlE5Q1JlRXBIMXI=""application/json""application/x-www-form-urlencoded""205""gzip, deflate, br""localhost:5003""grant_type=authorization_code&code=AA667723807916753612535256D11B327499AE17AFA69395FE323AA0A245C70A&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_verifier=E-QTvxVN7DOLeQbaE-iZhSDgu1kgFrbLJ_jwEHaxTms"
Response status code: 200.
{
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3NDQ4OTI3NjEsImV4cCI6MTc0NDg5MzA2MSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6IjQyNDc0YjM1LWRiNzYtNDdjMy1iODUzLTMyNDcxYWI4YWY5NSIsImlhdCI6MTc0NDg5Mjc2MSwiYXRfaGFzaCI6IjBYcng3b2l0LXdYVzNNbFlYM09wd1EiLCJzaWQiOiI2RjVDODk0RDA0MEQ5QTgxRDgzMEExRjFDNTQ1NjUzQSIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTc0NDg5Mjc1OSwiaWRwIjoibG9jYWwiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTmFtZSI6IkFjbWUgRml0bmVzcyBMdGQiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVySWQiOiJodHRwczovL2xvY2FsaG9zdDo1MDAxL2FwaS9pZGVudGlmaWVycy9zZWxsZXJzLzEiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyVXJsIjoiaHR0cHM6Ly93d3cuZXhhbXBsZS5jb20iLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTG9nbyI6Imh0dHBzOi8vcGxhY2VraXR0ZW4uY29tLzY0MC8zNjAiLCJhbXIiOlsicHdkIl19.u-xuHrmfj_d4axNeCfFxB6xpk3jWuPrtRkVYotoqwswpCzOBz2iTs1cX4Yp8rjQcVoFYr7Do_3iWbIM-j6kWqoQplJcR7hdt5Zym37x9yn5we18vxCVEdhYOlecRSwFxotnW5Os6o6xM_92eObrv8xQHKMs8l2GQbJWhiUlUzVRfiV5IwojMT4w3N1hRkVt-wRGcjKAxpTUzsLYIo2IAhJ57ZqrGVu19DIiYm8NmdpMCIEL2cG5enYUUMFavMf-r5S4H1Immwpuz6vUfLAewUXLcF3W7ZZbHq69A1OHeGLn8STmdBPlXh5LIh3Q5mpQ7TcAbWik1RMaL40wMj0VRqw",
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE3NDQ4OTI3NjEsImV4cCI6MTc0NDg5NjM2MSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6Im9wZW5ib29raW5nIiwiY2xpZW50X2lkIjoiNDI0NzRiMzUtZGI3Ni00N2MzLWI4NTMtMzI0NzFhYjhhZjk1IiwiaHR0cHM6Ly9vcGVuYWN0aXZlLmlvL2NsaWVudElkIjoiNDI0NzRiMzUtZGI3Ni00N2MzLWI4NTMtMzI0NzFhYjhhZjk1Iiwic3ViIjoiMTAwIiwiYXV0aF90aW1lIjoxNzQ0ODkyNzU5LCJpZHAiOiJsb2NhbCIsImh0dHBzOi8vb3BlbmFjdGl2ZS5pby9zZWxsZXJJZCI6Imh0dHBzOi8vbG9jYWxob3N0OjUwMDEvYXBpL2lkZW50aWZpZXJzL3NlbGxlcnMvMSIsImp0aSI6IjQ3MzUwRkVBMEI5ODY1MEIyNUFDNDhGNkNFRTIxNTA4Iiwic2lkIjoiNkY1Qzg5NEQwNDBEOUE4MUQ4MzBBMUYxQzU0NTY1M0EiLCJpYXQiOjE3NDQ4OTI3NjEsInNjb3BlIjpbIm9wZW5pZCIsIm9wZW5hY3RpdmUtb3BlbmJvb2tpbmciLCJvcGVuYWN0aXZlLWlkZW50aXR5Iiwib2ZmbGluZV9hY2Nlc3MiXSwiYW1yIjpbInB3ZCJdfQ.wNrLERbVYKtJj98zmC_B1Xsdvjsj7TL42uiY4Ua1f-v-VtVKve54W9QX9vVQu2Dk7aFXQlopqzI7csopG65mkWUoxxswhSLiL8ZRSU4jkoCRK548bCzQWxmXkN0WnXmVpUWOeOC44FxvxyGCxedq6dpa3mtWde-G0kXHMlXakRCmukOxio0Dagy8WuL0KMq1XERaNBSag87e9VXz9yKrhz4ZjgQm4Kl7t67sh_o1ZoXs85NrfM2dMtI4hJ9eYS2NnnsO5ieeyhB9MkdtQNp2lzj5YRjoCKVJ6ONCnoPDgBOXTdF4Z2nAwTWnOggkQK-ACSWctGw1nahAvmqAXpOsRQ",
"expires_in": 3600,
"token_type": "Bearer",
"refresh_token": "0C6AA3BAE449F389066B95E13BFFCAD7A8EE4D1A87E5BA31718E4BD3E82F97D2",
"scope": "openid openactive-openbooking offline_access openactive-identity"
}
GET https://localhost:5003/.well-known/openid-configuration/jwks
"application/json""gzip, deflate, br""localhost:5003"Response status code: 200.
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"kid": "B04F7B91DE3B9478C61833FB24AA5CDB",
"e": "AQAB",
"n": "yZO68vCGrvfBQ5R1z0DVCRAADOWeF3aLlhOaz1Je1SnmohmmlO-1F1hkRM_4MJtR5aECMxMz-MUW1nBCPmUrH0h_rrdCdDdlk8vTHki0ixK-gO73W2ZscOCZ6L2fZ2Oqz0_I840cnSCv55zpiOk9oGJL9TEsLAWYAIyQheaqZO3BkqImuBFmaLVTckvaZeONjHDQa01rxEjRQByir6oYSZPJy54XuRQJaPuCVNeOW8r0R9rKUQf9nl7tnVvhCsU3q1-UPrs8ZW_kaYXuYQJJMk392jX6XNm6czehIYM-O8Z5eGFdR3WW7IAWYEmqTCxrCRuuKU-EEcKOwksx8gBPgQ",
"alg": "RS256"
}
]
}
id_token claims:
{
"nbf": 1744892761,
"exp": 1744893061,
"iss": "https://localhost:5003",
"aud": "42474b35-db76-47c3-b853-32471ab8af95",
"iat": 1744892761,
"at_hash": "0Xrx7oit-wXW3MlYX3OpwQ",
"sid": "6F5C894D040D9A81D830A1F1C545653A",
"sub": "100",
"auth_time": 1744892759,
"idp": "local",
"https://openactive.io/sellerName": "Acme Fitness Ltd",
"https://openactive.io/sellerId": "https://localhost:5001/api/identifiers/sellers/1",
"https://openactive.io/sellerUrl": "https://www.example.com",
"https://openactive.io/sellerLogo": "https://placekitten.com/640/360",
"amr": [
"pwd"
]
}
POST https://localhost:5003/connect/token
"Basic NDI0NzRiMzUtZGI3Ni00N2MzLWI4NTMtMzI0NzFhYjhhZjk1OmRWbWo2SjU0V2plQ3ZRanAwaW9qQmJjYzNQamhLa2FGWlE5Q1JlRXBIMXI=""application/json""application/x-www-form-urlencoded""103""gzip, deflate, br""localhost:5003""grant_type=refresh_token&refresh_token=0C6AA3BAE449F389066B95E13BFFCAD7A8EE4D1A87E5BA31718E4BD3E82F97D2"
Response status code: 200.
{
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3NDQ4OTI3NjEsImV4cCI6MTc0NDg5MzA2MSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6IjQyNDc0YjM1LWRiNzYtNDdjMy1iODUzLTMyNDcxYWI4YWY5NSIsImlhdCI6MTc0NDg5Mjc2MSwiYXRfaGFzaCI6IlZIdlNBeWoxNUg1b2FuWHhHa1RtTkEiLCJzdWIiOiIxMDAiLCJhdXRoX3RpbWUiOjE3NDQ4OTI3NTksImlkcCI6ImxvY2FsIiwiaHR0cHM6Ly9vcGVuYWN0aXZlLmlvL3NlbGxlck5hbWUiOiJBY21lIEZpdG5lc3MgTHRkIiwiaHR0cHM6Ly9vcGVuYWN0aXZlLmlvL3NlbGxlcklkIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMS9hcGkvaWRlbnRpZmllcnMvc2VsbGVycy8xIiwiaHR0cHM6Ly9vcGVuYWN0aXZlLmlvL3NlbGxlclVybCI6Imh0dHBzOi8vd3d3LmV4YW1wbGUuY29tIiwiaHR0cHM6Ly9vcGVuYWN0aXZlLmlvL3NlbGxlckxvZ28iOiJodHRwczovL3BsYWNla2l0dGVuLmNvbS82NDAvMzYwIiwiYW1yIjpbInB3ZCJdfQ.t2TXe8lvlHKcdqnFLkPn4KXaCOICUiXh7fA_5Yijy_8y9aodwAi5GrEifUHJ8Ec6sJ8e43hdjv7hO1SNkW3jnVdr4dRNweJLj_qsXxhK7hlbWyag5gXDOJzYEUaOc7LVp_p-vwygBSJi0kvGyCNKP4alCSfzdg5ICcrfzkgaZvNBQePq1zV4b2fJ60TI4RiTM5tvrxVls0ilOd47IIvGjug_wM4eseXIJ-0Z8Is94yhEcyFRo-dG-8Xf6ifj1IZpCHUYHMFbXmP-wqFxDvaaVc3HPn46DDoZXW_Vt2uHSuc10e6cI6sQbHemXwUy22QQe_IyEBz024rRue54sKQ0gQ",
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE3NDQ4OTI3NjEsImV4cCI6MTc0NDg5NjM2MSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6Im9wZW5ib29raW5nIiwiY2xpZW50X2lkIjoiNDI0NzRiMzUtZGI3Ni00N2MzLWI4NTMtMzI0NzFhYjhhZjk1IiwiaHR0cHM6Ly9vcGVuYWN0aXZlLmlvL2NsaWVudElkIjoiNDI0NzRiMzUtZGI3Ni00N2MzLWI4NTMtMzI0NzFhYjhhZjk1Iiwic3ViIjoiMTAwIiwiYXV0aF90aW1lIjoxNzQ0ODkyNzU5LCJpZHAiOiJsb2NhbCIsImh0dHBzOi8vb3BlbmFjdGl2ZS5pby9zZWxsZXJJZCI6Imh0dHBzOi8vbG9jYWxob3N0OjUwMDEvYXBpL2lkZW50aWZpZXJzL3NlbGxlcnMvMSIsImp0aSI6IjY4NUUwNDU1QzMzOTg1RURBQzdBMzczRjMxM0Q3RDdGIiwiaWF0IjoxNzQ0ODkyNzYxLCJzY29wZSI6WyJvcGVuaWQiLCJvcGVuYWN0aXZlLW9wZW5ib29raW5nIiwib3BlbmFjdGl2ZS1pZGVudGl0eSIsIm9mZmxpbmVfYWNjZXNzIl0sImFtciI6WyJwd2QiXX0.fqPGUDs30EsswVaoRJRHPRuvDy7QIMaF_G2sIwg_mNGJaDzqUALb2I_Sd3serkps9QSc78PjwwiqGyandE-ADOzL-phi0D2zHg3fdwZQtv62zmpbH8MKvvO2WLX3U0fOwy9_rOkv6N9HPTZv-5SriugxWgc-FeISXbm8SlqDyVlRXg-C2048WFdQAAP3yIxeKmewm1JDYVYKymBoX0GiR6iUUPT8vPiG-d8rJhqECI2JQdOI72x8SNGW1GIfFnSlZmKz_32fqqtz3H-YpM_nwVj3fwgYGMHlzR2R_ZS4kVSFqRXqeGG0bcGlXXfOHzTVBmzxBKYTeXW743CZaZ55LA",
"expires_in": 3600,
"token_type": "Bearer",
"refresh_token": "50CBA7BD1ED5F0A6BC113DFF0A2C1852AC4512FBF2307374460A51DCF83B85FF",
"scope": "openid openactive-openbooking openactive-identity offline_access"
}
https://openactive.io/sellerId claim in id_tokenid_token as defined in specification