docs(tent): reformat readme (#4297)

JanssenProject · Mar 24, 2023 · f908484 · f908484
1 parent 92a81b9
commit f908484
Showing 1 changed file with 45 additions and 56 deletions.
diff --git a/demos/jans-tent/README.md b/demos/jans-tent/README.md
@@ -1,86 +1,75 @@
 # Jans Tent
 
-This client aims to be a reliable client build with BDD / TDD metologies to be used in auth testing.
-
-Flask based auth/identity app based on test-first, made to encourage and learn BDD and TDD.
-
-## Contributing
-
-### Code of Conduct
-
-[Janssen code of conduct](https://docs.jans.io/head/CODE_OF_CONDUCT/) ensures that Janssen community is a welcoming place for everyone.
-
-### Contribution Guidelines
-
-[Contribution guide](https://docs.jans.io/head/CONTRIBUTING/) will give you all necessary information and `howto` to get started. Janssen community welcomes all types of contributions. Be it an interesting comment on an open issue or implementing a feature.  Welcome aboard! ✈️
-
-## Authorization code flow / Protected Ressources
-
-![auth code flow](docs/images/authorize_code_flow.png)
-
-``` websequencediagrams.com
-actor User
-User->Browser: Clicks login
-Browser->App:
-App->OP: authorization code request
-OP->Browser: Redirect to login prompt
-User->Browser: Authenticate and Conset
-Browser->OP:Post Ahthenticate and consent
-User->OP: Authenticate and consent
-OP->App: Returns authorization code
-App->OP: Request access/id token
-OP->OP: Validates authorization code
-OP->App: Returns ID Token / Access Token
-App->App: Create a new session\n with same state
-App->Browser: Set session cookies, \nRedirects to protected resource
-Browser->App: Request protected ressource
-App->App: Restore previous token from DB
-App->App: Validate session / token
-App->App: Return protected-content\nOr unauthorized error
-```
+A reliable OpenID client to be used in auth testing.
 
 ## Installation
 
-* Install dependencies
-
-```bash
-pip3 install -r requirements.txt
-```
-
-* Create client on Auth server, i.e.:
+**Note**: *If you are using Mac, **or** want to use different python versions, use **Pyenv**.*
+
+1. Navigate tho the project root folder `jans/demos/jans-tent`
+2. Create virtual environment
+  ```bash
+  python3 -m venv venv
+  ```
+3. Activate the virtual virtual environment
+  ```bash
+   source venv/bin/activate 
+  ```
+4. Install dependencies
+  ```bash
+  pip install -r requirements.txt
+  ```
+
+## Setup
+
+### 1. Create client on Auth server, i.e.:
   * response_type `code`
   * redirect_uri `https://localhost:9090/oidc_callback`
   * Grants `authorization_code`
   * client authn at token endpoint `client_secret_post`
   * scopes `openid` `profile` `email`
   Please notice: You may also use the `register` endpoint, still to be documented.
 
-* Edit configuration file `clientapp/config.py` according to your needs. I.e:
+### 2. Edit configuration file `clientapp/config.py` according to your needs. I.e:
   * Input client_id and secret from above step
   * Set OpenID configuration endpoint URL (`SERVER_META_URL`)
 
-* Generate test RP server self signed certs
+### 3. Generate test RP server self signed certs
+
+Generate `key.pem` and `cert.pem` at `jans-tent` project root folder (`jans/demos/jans-tent`). i.e: 
+```bash
+openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes
+```
 
-Generate `key.pem` and `cert.pem` at `jans-tent` project root, i.e:
-`openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes`
+### 4. Import your Auth Server certificate and add it to `CERT_PATH`, `SSL_CERT_FILE`, `REQUESTS_CA_BUNDLE`.
 
-* Import your Auth Server certificate and add it to `CERT_PATH`, `SSL_CERT_FILE`, `REQUESTS_CA_BUNDLE`.
+(remember to be inside your virtual environment)
 
-Example:
+Replace `OP_HOSTNAME` with the op hostname being used.
 ```bash
+echo | openssl s_client -servername OP_HOSTNAME \
+ -connect OP_HOSTNAME:443 | sed -ne \
+ '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
+ > op_web_cert.cer
 export CERT_PATH=$(python3 -m certifi)
 export SSL_CERT_FILE=${CERT_PATH}
 export REQUESTS_CA_BUNDLE=${CERT_PATH}
-mv issuer.cer $(python3 -m certifi)
+mv op_web_cert.cer $(python3 -m certifi)
 ```
 
-* Run server
+## Using the server
+
+### Start the server
 
+(remember to be inside your virtual environment)
 ```bash
-python3 main.py
+python main.py
 ```
 
-* navigate to `https://localhost:9090/protected-content`
+### Start the flow
+
+Navigate to `https://localhost:9090` and click the link to start.
+
 
 ## Extra Features
 
@@ -91,7 +80,7 @@ Sending a `POST` request to `/register` endpoint containing a `JSON` with the OP
 ```json
 {
     "op_url": "https://oidc-provider.jans.io",
-    "client_url": "https://my-client.mydomain.com"
+    "client_url": "https://localhost:9090"
 }
 ```