Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Sign-In Service Client Configuration and Documentation #184

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add Sign-In Service Client Configuration and Documentation #184

wants to merge 1 commit into from

Conversation

anjolovic
Copy link

@anjolovic anjolovic commented Jan 2, 2025
edited
Loading

Description

This PR focuses on improving the developer setup experience and providing clear instructions for both client configuration and load testing preparation.

Changes

  • Updated README.md with correct client configuration steps
  • Added detailed SignIn::ClientConfig creation example
  • Fixed typo in database seeding instruction
  • Documented environment variable requirements
  • Added load testing preparation guidance

Configuration Details

# Client Configuration
client = SignIn::ClientConfig.create!(
  client_id: 'sample_client_api',
  authentication: 'api',
  pkce: true,
  redirect_uri: 'http://localhost:4567/auth/callback',
  access_token_duration: 300,    # 5 minutes
  refresh_token_duration: 1800,  # 30 minutes
  access_token_audience: 'va.gov',
  service_levels: ['ial2'],
  access_token_attributes: ['first_name', 'last_name', 'email'],
  credential_service_providers: ['idme', 'logingov']
)

Environment Configuration

# .env.local
SIS_CLIENT_ID='sample_client_api'
SIS_BASE_URL='http://localhost:3000'
SIS_AUTH_TYPE='api'

Testing Instructions

  1. Start vets-api server:

    cd vets-api
rails s

  2. Start the client:

    cd sign-in-service-client
bin/setup
bin/server

  3. Visit http://localhost:4567 and verify:

    • Sign-in button works
    • Both ID.me and Login.gov options are available
    • Authentication flow completes successfully
    • Profile page displays user information

Load Testing Preparation

This configuration provides a foundation for load testing with:

  • Defined token lifetimes
  • IAL2 service level support
  • Both ID.me and Login.gov providers
  • API authentication mode with PKCE

Checklist

  • Updated documentation
  • Added client configuration
  • Tested authentication flow
  • Verified environment variables
  • Prepared load testing foundation
  • Added test coverage

Related Issues

Closes #[issue_number]

@anjolovic
docs(readme): add client configuration instructions
698ecdd 
- Fix typo in database seeding instruction
- Add detailed section on creating new client configuration
- Include complete example of SignIn::ClientConfig creation
- Document all required configuration fields and values
- Ensure consistency between vets-api and client env settings

This update helps developers properly configure the sign-in service
client with vets-api, reducing setup issues and improving the
developer experience.
@anjolovic anjolovic requested a review from a team as a code owner January 2, 2025 17:33
@anjolovic anjolovic requested a review from bosawt January 2, 2025 17:35
bosawt
bosawt requested changes Jan 3, 2025
View reviewed changes
Copy link

@bosawt bosawt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo fix 👍

For the client configuration change, I think we should update/add the necessary seed in vets-api db/seeds/development.rb for load testing, and then potentially have this documentation in the load testing repository. I want to keep this application as simple as possible and not reveal the configuration more than necessary in this specific document (basically I want to keep this application as 'here's an example of a web OAuth client, here's an example of an api OAuth client', not 'here are all the possibilities you have access to with a Sign in Service client')

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bosawt bosawt bosawt requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anjolovic @bosawt