From ddb9e951285a7f27693652f8f2491551297280f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rune=20T=C3=B8mmer=C3=A5s=20Larsen?= Date: Tue, 17 Dec 2024 08:29:27 +0100 Subject: [PATCH] Feature/refsdocsmore (#1947) * updates * Text updates --- .../referenceimplementations/_index.md | 20 ++++++----- .../referenceimplementations/_index.nb.md | 21 +++++++++--- .../smartcloud/_index.md | 34 +++++++++++++++++++ .../smartcloud/_index.nb.md | 34 +++++++++++++++++++ .../systemadmin/_index.md | 16 +++++++++ .../systemadmin/_index.nb.md | 16 +++++++++ .../systemuserapi/_index.md | 17 ++++++++++ .../systemuserapi/_index.nb.md | 13 +++++++ 8 files changed, 157 insertions(+), 14 deletions(-) create mode 100644 content/authentication/reference/referenceimplementations/smartcloud/_index.md create mode 100644 content/authentication/reference/referenceimplementations/smartcloud/_index.nb.md create mode 100644 content/authentication/reference/referenceimplementations/systemadmin/_index.md create mode 100644 content/authentication/reference/referenceimplementations/systemadmin/_index.nb.md create mode 100644 content/authentication/reference/referenceimplementations/systemuserapi/_index.md create mode 100644 content/authentication/reference/referenceimplementations/systemuserapi/_index.nb.md diff --git a/content/authentication/reference/referenceimplementations/_index.md b/content/authentication/reference/referenceimplementations/_index.md index df68437cfb..9a7a022e66 100644 --- a/content/authentication/reference/referenceimplementations/_index.md +++ b/content/authentication/reference/referenceimplementations/_index.md @@ -1,22 +1,24 @@ --- -title: Altinn Authentication - Reference implementations -linktitle: Reference documentation -description: Here you find reference implementations using Altinn Authentication functionality +title: Altinn Authentication - Reference Implementations +linktitle: Reference Documentation +description: Find reference implementations using Altinn Authentication functionality. weight: 5 --- - - ## Systemuser API -Shows of a serivce owner can create a +Demonstrates token validation to authenticate a system user token from Maskinporten and the call to Altinn PDP to authorize access. +[Read more](systemuserapi) -## SmartCloud +## SmartCloud -Smartcloud is a reference implementatoin how a system vendor can use Altinn Systemuser API +SmartCloud is a reference implementation showing how a system vendor can use the Altinn Systemuser API. +[Read more](smartcloud) ## Systemregister Admin -Shows how \ No newline at end of file +Illustrates how a system vendor can register and update a system in the system register. + +[Read more](systemadmin) diff --git a/content/authentication/reference/referenceimplementations/_index.nb.md b/content/authentication/reference/referenceimplementations/_index.nb.md index b2309b46ba..32b90efd5d 100644 --- a/content/authentication/reference/referenceimplementations/_index.nb.md +++ b/content/authentication/reference/referenceimplementations/_index.nb.md @@ -1,13 +1,24 @@ --- -title: Altinn Authentication - Reference documentation -linktitle: Reference documentation -description: Here you find various reference documentation for Altinn Authentication. Including our Architecture. +title: Altinn Autentisering - Referanseimplementasjoner +linktitle: Referansedokumentasjon +description: Finn referanseimplementasjoner som bruker Altinn Autentiseringsfunksjonalitet. weight: 5 --- +## Systembruker API -## Architecture +Demonstrerer tokenvalidering for å autentisere en systembrukertoken fra Maskinporten og kallet til Altinn PDP for å autorisere tilgang. -See details about the Archtecture for Altinn Authentication +[Les mer](systemuserapi) +## SmartCloud +SmartCloud er en referanseimplementasjon som viser hvordan en systemleverandør kan bruke Altinn Systembruker API. + +[Les mer](smartcloud) + +## Systemregister Admin + +Illustrerer hvordan en systemleverandør kan registrere og oppdatere et system i systemregisteret. + +[Les mer](systemadmin) diff --git a/content/authentication/reference/referenceimplementations/smartcloud/_index.md b/content/authentication/reference/referenceimplementations/smartcloud/_index.md new file mode 100644 index 0000000000..226204f222 --- /dev/null +++ b/content/authentication/reference/referenceimplementations/smartcloud/_index.md @@ -0,0 +1,34 @@ +--- +title: SmartCloud - Altinn Reference Implementation +linktitle: SmartCloud +description: Reference implementation for integrating System User functionality into end-user systems. +weight: 5 +--- + +SmartCloud demonstrates how system vendors can integrate System User functionality into their products, including: + +- Creating a system user token from Maskinporten +- Using system user tokens to call public APIs +- Registering requests for creating system users +- Checking the status of system user requests +- Listing all system users for a system + +## Creating a System User Request + +End users can sign up as users for SmartCloud. Depending on the SmartCloud version, different rights will be requested. + +The request is sent from the [Redirect controller](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserClientSystem/SuperSystem/SuperSystem.Server/Controllers/RedirectController.cs#L35). The rights requested vary based on the product. + +SmartCloud authenticates with Maskinporten and requests a token with the scope **altinn:authentication/systemuser.request.write**. + +## Creating a Maskinporten System User Token + +SmartCloud includes code to generate a Maskinporten token for system users using the "logged in" organization number. + +## Calling APIs with System User Token + +With the generated system user token, SmartCloud can call various APIs. + +- The [LogisticController](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserClientSystem/SuperSystem/SuperSystem.Server/Controllers/LogisticController.cs) calls the Logistics API, requiring read access for the resource. + +The project can be studied [here](https://github.com/TheTechArch/altinn-systemuser/tree/main/src/SystemUserClientSystem/SuperSystem). diff --git a/content/authentication/reference/referenceimplementations/smartcloud/_index.nb.md b/content/authentication/reference/referenceimplementations/smartcloud/_index.nb.md new file mode 100644 index 0000000000..89ef7fc0b9 --- /dev/null +++ b/content/authentication/reference/referenceimplementations/smartcloud/_index.nb.md @@ -0,0 +1,34 @@ +--- +title: SmartCloud - Altinn Referanseimplementering +linktitle: SmartCloud +description: Referanseimplementering for integrering av Systembruker-funksjonalitet i sluttbrukersystemer. +weight: 5 +--- + +SmartCloud demonstrerer hvordan systemleverandører kan integrere Systembruker-funksjonalitet i sine produkter, inkludert: + +- Opprette en systembrukertoken fra Maskinporten +- Bruke systembrukertoken for å kalle offentlige API-er +- Registrere forespørsler om å opprette systembrukere +- Sjekke statusen for systembrukerforespørsler +- Liste opp alle systembrukere for et system + +## Opprette en Systembrukerforespørsel + +Sluttbrukere kan registrere seg som brukere for SmartCloud. Avhengig av SmartCloud-versjonen vil forskjellige rettigheter bli forespurt. + +Forespørselen sendes fra [Redirect controller](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserClientSystem/SuperSystem/SuperSystem.Server/Controllers/RedirectController.cs#L35). Rettighetene som forespørres varierer basert på produktet. + +SmartCloud autentiserer med Maskinporten og ber om en token med omfanget **altinn:authentication/systemuser.request.write**. + +## Opprette en Maskinporten Systembrukertoken + +SmartCloud inkluderer kode for å generere en Maskinporten-token for systembrukere ved bruk av det "innloggede" organisasjonsnummeret. + +## Kalle API-er med Systembrukertoken + +Med den genererte systembrukertoken kan SmartCloud kalle ulike API-er. + +- [LogisticController](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserClientSystem/SuperSystem/SuperSystem.Server/Controllers/LogisticController.cs) kaller Logistics API, som krever leseadgang for ressursen. + +Prosjektet kan studeres [her](https://github.com/TheTechArch/altinn-systemuser/tree/main/src/SystemUserClientSystem/SuperSystem). diff --git a/content/authentication/reference/referenceimplementations/systemadmin/_index.md b/content/authentication/reference/referenceimplementations/systemadmin/_index.md new file mode 100644 index 0000000000..8c056780ee --- /dev/null +++ b/content/authentication/reference/referenceimplementations/systemadmin/_index.md @@ -0,0 +1,16 @@ +--- +title: System Admin - Reference Implementations +linktitle: Reference Documentation +description: Reference implementations using Altinn Authentication functionality +weight: 5 +--- + +The System Admin application demonstrates how a system vendor can register and update a system in the Altinn System Register. + +To add and update systems, the scope **altinn:authentication/systemregister.write** is required. + +The application uses a Maskinporten token exchanged for an Altinn token. + +The call is made from the [System Register Service](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemAdmin/Services/SystemRegister.cs) in this application. + +See the .NET project [here](https://github.com/TheTechArch/altinn-systemuser/tree/main/src/SystemAdmin). diff --git a/content/authentication/reference/referenceimplementations/systemadmin/_index.nb.md b/content/authentication/reference/referenceimplementations/systemadmin/_index.nb.md new file mode 100644 index 0000000000..4a6d3999bd --- /dev/null +++ b/content/authentication/reference/referenceimplementations/systemadmin/_index.nb.md @@ -0,0 +1,16 @@ +--- +title: Systemadmin - Referanseimplementasjoner +linktitle: Referansedokumentasjon +description: Referanseimplementasjoner som bruker Altinn Autentisering-funksjonalitet +weight: 5 +--- + +Systemadmin-applikasjonen demonstrerer hvordan en systemleverandør kan registrere og oppdatere et system i Altinn Systemregister. + +For å legge til og oppdatere systemer, kreves omfanget **altinn:authentication/systemregister.write**. + +Applikasjonen bruker en Maskinporten-token som byttes mot en Altinn-token. + +Kallet gjøres fra [Systemregistertjenesten](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemAdmin/Services/SystemRegister.cs) i denne applikasjonen. + +Se .NET-prosjektet [her](https://github.com/TheTechArch/altinn-systemuser/tree/main/src/SystemAdmin). diff --git a/content/authentication/reference/referenceimplementations/systemuserapi/_index.md b/content/authentication/reference/referenceimplementations/systemuserapi/_index.md new file mode 100644 index 0000000000..0f7b8c42a1 --- /dev/null +++ b/content/authentication/reference/referenceimplementations/systemuserapi/_index.md @@ -0,0 +1,17 @@ +--- +title: Reference Implementation System User API +linktitle: SystemUser API +description: Reference implementations using Altinn Authentication functionality +weight: 5 +--- + +The SystemUser API reference implementation demonstrates how a service owner can use Altinn Authorization to authorize access to various resources in the resource registry. + +- [LogisticsAPI](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserApi/SystemUserApi/Controllers/LogisticsController.cs) checks for read access to the resource **ttd_systembruker-logistikk-demo** +- [SalaryAPI](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserApi/SystemUserApi/Controllers/SalaryController.cs) checks for read access to the resource **ttd_systembruker-salary** + +The SystemUser API uses Altinn PDP to authorize access for the system user. It retrieves information about the system user from the authenticated identity and uses that information to call Altinn authorization. + + + +The project can be studied [here](https://github.com/TheTechArch/altinn-systemuser/tree/main/src/SystemUserApi/SystemUserApi). diff --git a/content/authentication/reference/referenceimplementations/systemuserapi/_index.nb.md b/content/authentication/reference/referenceimplementations/systemuserapi/_index.nb.md new file mode 100644 index 0000000000..c53b896f8f --- /dev/null +++ b/content/authentication/reference/referenceimplementations/systemuserapi/_index.nb.md @@ -0,0 +1,13 @@ +--- +title: Referanseimplementasjon Systembruker API +linktitle: Systembruker API +description: Referanseimplementasjoner som bruker Altinn Autentisering-funksjonalitet +weight: 5 +--- + +Referanseimplementasjonen for Systembruker API demonstrerer hvordan en tjenesteeier kan bruke Altinn Autorisasjon for å autorisere tilgang til ulike ressurser i ressursregisteret. + +- [LogistikkAPI](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserApi/SystemUserApi/Controllers/LogisticsController.cs) sjekker for lesetilgang til ressursen **ttd_systembruker-logistikk-demo** +- [LønnAPI](https://github.com/TheTechArch/altinn-systemuser/blob/main/src/SystemUserApi/SystemUserApi/Controllers/SalaryController.cs) sjekker for lesetilgang til ressursen **ttd_systembruker-salary** + +Systembruker API bruker Altinn PDP for å autorisere tilgang for systembrukeren. Den henter informasjon om systembrukeren fra den autentiserte identiteten og bruker den informasjonen til å kalle Altinn autorisasjon.