< Return to Summary | File Generated: Thu Apr 17 2025 12:20:54 GMT+0000 (Coordinated Universal Time)
Booking Flow:
Opportunity Type:
Feature: Authentication / Booking Partner OpenID Authentication for Multiple Seller Systems (Implemented)
Test: Authorization persists when not requesting offline access
When authorisation is requested without offline access and a user has already given permission, consent must not be required.
npm start -- --runInBand test/features/authentication/booking-partner-openid-authentication-for-multiple-sellers/implemented/authorization-persisted-test.js
The OpenActive Reference Implementation test result for this test can be used as a reference to help with debugging.
✅ 9 passed with 0 failures, 0 warnings and 0 suggestions
The test suite is using the credentials configured by bookingPartnersForSpecificTests.authorizationPersisted.authentication.clientCredentials for this test:
clientid_801secretGET https://localhost:5003/.well-known/openid-configuration
"application/json""gzip, deflate, br""localhost:5003"Response status code: 200.
{
"issuer": "https://localhost:5003",
"jwks_uri": "https://localhost:5003/.well-known/openid-configuration/jwks",
"authorization_endpoint": "https://localhost:5003/connect/authorize",
"token_endpoint": "https://localhost:5003/connect/token",
"userinfo_endpoint": "https://localhost:5003/connect/userinfo",
"end_session_endpoint": "https://localhost:5003/connect/endsession",
"check_session_iframe": "https://localhost:5003/connect/checksession",
"revocation_endpoint": "https://localhost:5003/connect/revocation",
"introspection_endpoint": "https://localhost:5003/connect/introspect",
"device_authorization_endpoint": "https://localhost:5003/connect/deviceauthorization",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true,
"backchannel_logout_supported": true,
"backchannel_logout_session_supported": true,
"scopes_supported": [
"openid",
"openactive-identity",
"openactive-openbooking",
"openactive-ordersfeed",
"offline_access"
],
"claims_supported": [
"sub",
"https://openactive.io/sellerId",
"https://openactive.io/sellerName",
"https://openactive.io/sellerUrl",
"https://openactive.io/sellerLogo",
"https://openactive.io/bookingServiceName",
"https://openactive.io/bookingServiceUrl",
"name",
"https://openactive.io/clientId"
],
"grant_types_supported": [
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"urn:ietf:params:oauth:grant-type:device_code"
],
"response_types_supported": [
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"response_modes_supported": [
"form_post",
"query",
"fragment"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"subject_types_supported": [
"public"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"request_parameter_supported": true,
"registration_endpoint": "https://localhost:5003/connect/register"
}
POST http://localhost:3000/browser-automation-for-auth
"application/json, text/plain, */*""application/json;charset=utf-8"349"localhost:3000"{
"headless": true,
"offlineAccess": true,
"username": "test1",
"password": "test1",
"authorizationUrl": "https://localhost:5003/connect/authorize?client_id=clientid_801&scope=openid%20openactive-identity&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_challenge=9ZCa5Kouawdf-K8xAHoDdk5qCKJR7bW-Vq0nogWlNJ8&code_challenge_method=S256"
}
"https://localhost:5003/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dclientid_801%26scope%3Dopenid%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3D9ZCa5Kouawdf-K8xAHoDdk5qCKJR7bW-Vq0nogWlNJ8%26code_challenge_method%3DS256"
"https://localhost:5003/consent?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dclientid_801%26scope%3Dopenid%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3D9ZCa5Kouawdf-K8xAHoDdk5qCKJR7bW-Vq0nogWlNJ8%26code_challenge_method%3DS256"
"/cb?code=D8FF11ECCB4640D774C42915FEA1A0A5373CC0DBF5848774330FB18ED8AFBB1A&scope=openid%20openactive-identity&session_state=PPXwtq0qNFAks1GC5eGE7DBTqcwZiQuPZomDeWDSjIY.841C66CFE49E83ADDE6FBCADB2F33063"
POST https://localhost:5003/connect/token
"Basic Y2xpZW50aWRfODAxOnNlY3JldA==""application/json""application/x-www-form-urlencoded""205""gzip, deflate, br""localhost:5003""grant_type=authorization_code&code=D8FF11ECCB4640D774C42915FEA1A0A5373CC0DBF5848774330FB18ED8AFBB1A&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_verifier=2Y_UlWH1S3r2GNRF4qDw1GaB6dUdnITRAyCMRB1qutY"
Response status code: 200.
{
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3NDQ4OTI0NTcsImV4cCI6MTc0NDg5Mjc1NywiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6ImNsaWVudGlkXzgwMSIsImlhdCI6MTc0NDg5MjQ1NywiYXRfaGFzaCI6ImlzMmZyaXNCQ2xkX25hOHRNSmFhakEiLCJzaWQiOiI4RTlERThCNjM5QjAxMzdFQTlFOTYwODEwQjc0RURCNiIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTc0NDg5MjQ1NSwiaWRwIjoibG9jYWwiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTmFtZSI6IkFjbWUgRml0bmVzcyBMdGQiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVySWQiOiJodHRwczovL2xvY2FsaG9zdDo1MDAxL2FwaS9pZGVudGlmaWVycy9zZWxsZXJzLzEiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyVXJsIjoiaHR0cHM6Ly93d3cuZXhhbXBsZS5jb20iLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTG9nbyI6Imh0dHBzOi8vcGxhY2VraXR0ZW4uY29tLzY0MC8zNjAiLCJhbXIiOlsicHdkIl19.EunXxyIVmQYKf7dWWAPLJ9eqnH7TVZ7KC9ZLw-2rfD65Ub7SLmMhSUfcPzuhZFrHsyCe1Hpwe_E3kZU_cVI2XQJluGX4ZEm4Mc_MvA_YExiOxQz7HLreLBFUAjspkqIUxY9K4DbGmBAe5XOsDKw4h4bearQRqaFPlkSzcZhYpvTga4gUMX-QInzPn5Gwa0pCzPmCfznhkRnqALJR81EO8RkBCF9-BREjNGaZ4D_L3eYBukSCShsBCw_igRcQuAcGfUQymciUto4Ln8KM9wm5YNIsorv0lxO98bHHLk2WimJMf0kOlA1KRs03NPOYd0iFj_K-_cIF-vwdON9Ry-DFqQ",
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE3NDQ4OTI0NTcsImV4cCI6MTc0NDg5NjA1NywiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImNsaWVudF9pZCI6ImNsaWVudGlkXzgwMSIsImh0dHBzOi8vb3BlbmFjdGl2ZS5pby9jbGllbnRJZCI6ImNsaWVudGlkXzgwMSIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTc0NDg5MjQ1NSwiaWRwIjoibG9jYWwiLCJqdGkiOiIzREI4RDI2Qzc0RUJCRkY4MERFMzFEMUJFMzAzMzYyOCIsInNpZCI6IjhFOURFOEI2MzlCMDEzN0VBOUU5NjA4MTBCNzRFREI2IiwiaWF0IjoxNzQ0ODkyNDU3LCJzY29wZSI6WyJvcGVuaWQiLCJvcGVuYWN0aXZlLWlkZW50aXR5Il0sImFtciI6WyJwd2QiXX0.Vl1rrWZs_U-Q4dfWy00tiq_CSs9wgtuNzXfok4o5tZWGT83HpCjFDBGTinJ0pJePN2a824mPqIjHA5HRn0efVoIsB7g0jv-6cGDbrWke1v6Tt4MN6yM98X1G-1OubR-IP2BYUsubx8N6hvFZ9NPJhfQ71PmLyxvlL5pZ6G7AkHZo6Rhr8wQYoDBw0xIz8LDC8r6QZPSgiediix9LfjmODE2BwLOCfEgIeEbs_ADXp1Zfi9YY-2_cIlGduPfvcUSt_b2_PHs2E6jCzMogapWKpE33XljNnbFERk-p_iAdmHEpne-tCzL3-fvTgIazr1ANW5Fhgbr_ZTJ_qETELqASRA",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "openid openactive-identity"
}
GET https://localhost:5003/.well-known/openid-configuration/jwks
"application/json""gzip, deflate, br""localhost:5003"Response status code: 200.
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"kid": "B04F7B91DE3B9478C61833FB24AA5CDB",
"e": "AQAB",
"n": "yZO68vCGrvfBQ5R1z0DVCRAADOWeF3aLlhOaz1Je1SnmohmmlO-1F1hkRM_4MJtR5aECMxMz-MUW1nBCPmUrH0h_rrdCdDdlk8vTHki0ixK-gO73W2ZscOCZ6L2fZ2Oqz0_I840cnSCv55zpiOk9oGJL9TEsLAWYAIyQheaqZO3BkqImuBFmaLVTckvaZeONjHDQa01rxEjRQByir6oYSZPJy54XuRQJaPuCVNeOW8r0R9rKUQf9nl7tnVvhCsU3q1-UPrs8ZW_kaYXuYQJJMk392jX6XNm6czehIYM-O8Z5eGFdR3WW7IAWYEmqTCxrCRuuKU-EEcKOwksx8gBPgQ",
"alg": "RS256"
}
]
}
id_token claims:
{
"nbf": 1744892457,
"exp": 1744892757,
"iss": "https://localhost:5003",
"aud": "clientid_801",
"iat": 1744892457,
"at_hash": "is2frisBCld_na8tMJaajA",
"sid": "8E9DE8B639B0137EA9E960810B74EDB6",
"sub": "100",
"auth_time": 1744892455,
"idp": "local",
"https://openactive.io/sellerName": "Acme Fitness Ltd",
"https://openactive.io/sellerId": "https://localhost:5001/api/identifiers/sellers/1",
"https://openactive.io/sellerUrl": "https://www.example.com",
"https://openactive.io/sellerLogo": "https://placekitten.com/640/360",
"amr": [
"pwd"
]
}
POST http://localhost:3000/browser-automation-for-auth
"application/json, text/plain, */*""application/json;charset=utf-8"349"localhost:3000"{
"headless": true,
"offlineAccess": true,
"username": "test1",
"password": "test1",
"authorizationUrl": "https://localhost:5003/connect/authorize?client_id=clientid_801&scope=openid%20openactive-identity&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_challenge=0TFniT7C1pORm1ma3uVl-QKFs6RZIz4gXEmcgUn6Fjo&code_challenge_method=S256"
}
"https://localhost:5003/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dclientid_801%26scope%3Dopenid%2520openactive-identity%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fcb%26code_challenge%3D0TFniT7C1pORm1ma3uVl-QKFs6RZIz4gXEmcgUn6Fjo%26code_challenge_method%3DS256"
"/cb?code=A1CE8C09B2FC61E9DB941014BEA8289D18FAFB3AB0946E12FDBE6D7DF233281D&scope=openid%20openactive-identity&session_state=VuRp_XjKttpwoQPl3nfuF9Tf2jLEE-lEcygK94hgnFE.880169A4B6B3E37633E102AB560C061C"
POST https://localhost:5003/connect/token
"Basic Y2xpZW50aWRfODAxOnNlY3JldA==""application/json""application/x-www-form-urlencoded""205""gzip, deflate, br""localhost:5003""grant_type=authorization_code&code=A1CE8C09B2FC61E9DB941014BEA8289D18FAFB3AB0946E12FDBE6D7DF233281D&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcb&code_verifier=-IXu0CY24XxZpyu94GcdB0UOhGKJLJoH255GcWQovEw"
Response status code: 200.
{
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiSldUIn0.eyJuYmYiOjE3NDQ4OTI0NTgsImV4cCI6MTc0NDg5Mjc1OCwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImF1ZCI6ImNsaWVudGlkXzgwMSIsImlhdCI6MTc0NDg5MjQ1OCwiYXRfaGFzaCI6Im4tUHpHNkhsR1VfNVlSU0gtUXZ4bHciLCJzaWQiOiJGM0Y5ODY0RjdEQjUyMkM4OTM2OTJFODdBN0JCQTA3MSIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTc0NDg5MjQ1OCwiaWRwIjoibG9jYWwiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTmFtZSI6IkFjbWUgRml0bmVzcyBMdGQiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVySWQiOiJodHRwczovL2xvY2FsaG9zdDo1MDAxL2FwaS9pZGVudGlmaWVycy9zZWxsZXJzLzEiLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyVXJsIjoiaHR0cHM6Ly93d3cuZXhhbXBsZS5jb20iLCJodHRwczovL29wZW5hY3RpdmUuaW8vc2VsbGVyTG9nbyI6Imh0dHBzOi8vcGxhY2VraXR0ZW4uY29tLzY0MC8zNjAiLCJhbXIiOlsicHdkIl19.rM0T48--EK8jaHjBTLJ-CxjAVSZevO82mEYhZbaaAZqIm4P4zV32T5yaO7OqTOYzI2VNVKg2Lv96JMIMVD7i9h3GSXLDaCZQ6T2KGt0mvmVn5DWIJFLgT3U4U_R8qFvjEkXmXltftbuydxiHKo6AjJ5hGz1C17GA3OJkld38UPSfy9C3T_wzegz6oB87k-1nMWrF-ii_O8mwMDKFO18lVEQ0N4QrEM3rAduRVqFo7peJioFaEubPYF6ovzNqDna5Hi9YWhJe5Ymgo27RI75Jdh5jzQX5aG1_E2iflyvWgmJRyGj3mMYHuvlcjgtEByQRvCDwcWI8YCLQ9hqo9PvdFQ",
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkIwNEY3QjkxREUzQjk0NzhDNjE4MzNGQjI0QUE1Q0RCIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE3NDQ4OTI0NTgsImV4cCI6MTc0NDg5NjA1OCwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMyIsImNsaWVudF9pZCI6ImNsaWVudGlkXzgwMSIsImh0dHBzOi8vb3BlbmFjdGl2ZS5pby9jbGllbnRJZCI6ImNsaWVudGlkXzgwMSIsInN1YiI6IjEwMCIsImF1dGhfdGltZSI6MTc0NDg5MjQ1OCwiaWRwIjoibG9jYWwiLCJqdGkiOiJENDJBOEY4QjZBQjZFNEZDMzIyMDM0MTk5ODQ2QUMwQyIsInNpZCI6IkYzRjk4NjRGN0RCNTIyQzg5MzY5MkU4N0E3QkJBMDcxIiwiaWF0IjoxNzQ0ODkyNDU4LCJzY29wZSI6WyJvcGVuaWQiLCJvcGVuYWN0aXZlLWlkZW50aXR5Il0sImFtciI6WyJwd2QiXX0.SZDAMxSmXwXbjV2n0UpfazyVDME4kWKWQY7MZcS7wRseG1ev7fnBve4KtPoMH99gfhcXpbcNJ1l57mn_eW2P9pqNfaLhWv6_W_CqlXfCmzZ1PZtW_qC-mb0rzpRWIPFonC2RLKZulzI7qUwk4uglL1DGcS-GkSRQGsJkhrsU-BR7fL3iS5yuns_zNLBacd_Rdg9j-g_1JOYAhPr0HRAlZw5ciKpghk_DcNRMlqrm77LZKWB1OmsHn7V2xYgRx4ovKdFWFJMWoYFtudHb_C_wU2_CGjtSIWb5cLkvp7354U4fzWNZMmEc71WZBBQ3oI5nlFb84wlClfVAKwos-M4Q_g",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "openid openactive-identity"
}
id_token claims:
{
"nbf": 1744892458,
"exp": 1744892758,
"iss": "https://localhost:5003",
"aud": "clientid_801",
"iat": 1744892458,
"at_hash": "n-PzG6HlGU_5YRSH-Qvxlw",
"sid": "F3F9864F7DB522C893692E87A7BBA071",
"sub": "100",
"auth_time": 1744892458,
"idp": "local",
"https://openactive.io/sellerName": "Acme Fitness Ltd",
"https://openactive.io/sellerId": "https://localhost:5001/api/identifiers/sellers/1",
"https://openactive.io/sellerUrl": "https://www.example.com",
"https://openactive.io/sellerLogo": "https://placekitten.com/640/360",
"amr": [
"pwd"
]
}
https://openactive.io/sellerId claim in id_tokenid_token as defined in specificationhttps://openactive.io/sellerId claim in id_tokenid_token as defined in specification