No description, website, or topics provided.
Scala HTML Java Shell
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
app
conf
docs
it
project
test/uk/gov/hmrc/mobiletokenproxy
.gitignore
.travis.yml
LICENSE
README.md
build.sbt
start-docker.sh

README.md

mobile-token-proxy

Build Status Download

The service acts as a proxy to the API Gateway /oauth/token service and is also responsible for generating the API Gateway authentication HTTP request.

Endpoints

Path Supported Methods Description
/oauth/authorize GET Request to build an authentication request to the API Gateway. More...
/oauth/token POST Request for an access-token to make API Gateway service calls. More...
/oauth/taxcalctoken GET Request for tax-calc token to make API Gateway service calls. More...

Using the service locally.

To test the token service locally then below the services must be running.

API_GATEWAY_PROXY, AUTH, AUTH_LOGIN_STUB, USER_DETAILS, MOBILE_TOKEN_PROXY.

Once the services are running then follow steps below in order to test the /authorize and /oauth/token services.

  1. Open a new browser and enter the below URL into the address bar.
/oauth/authorize
  1. Once the service redirects to the below URL, override the port 9025 with 9949. Please note since CoAFE is not running, the request will fail. This makes no difference and please override the port and then press return.
http://localhost:9025/gg/sign-in?continue=http%3A%2F%2Flocalhost%3A8236%2Foauth%2Fgrantscope%3Fredirect_uri%3Durn%253Aietf%253Awg%253Aoauth%253A2.0%253Aoob%253Aauto%26auth_id%3D26201d52-cf29-4f74-98c5-53126a6a8b60%26scope%3Dread%253Apersonal-income%2Bread%253Acustomer-profile%2Bread%253Amessages%2Bread%253Asubmission-tracker%2Bread%253Aweb-session
  1. The auth-login-stub will now be displayed. Input the fields PID, NINO and set CL to 200.

  2. Once the grant-page is returned obtain the access-code from the title within the page.

  3. Make a call to the mobile-token-proxy /oauth/token service supplying the authorizationCode as the access-code.

http://localhost:8239/oauth/token

The form POST to the above URL will look like below. Please note the authorizationCode is extracted from the access-code in step 4 above.

{"authorizationCode":"a4059838-c9d4-4a2f-9539-2c8b4fa60395"}
  1. The service will return a response like below.
{
    "accessToken": "a4059838-c9d4-4a2f-9539-2c8b4fa60395",
    "refreshToken": "a4059838-c9d4-4a2f-9539-2c8b4fa60395",
    "expires_in": 14400
}
  1. Subsequent calls should supply the refreshToken.
{"refreshToken":"a4059838-c9d4-4a2f-9539-2c8b4fa60395"}

License

This code is open source software licensed under the Apache 2.0 License.