From d5d369777a541e8a81b92565196069855842601f Mon Sep 17 00:00:00 2001
From: Michiel de Jong <michiel@pondersource.com>
Date: Fri, 2 Feb 2024 11:15:54 +0100
Subject: [PATCH] pick=webdav-folder

---
 README.md             | 2 +-
 phase-2/poc/auth.js   | 7 ++++---
 phase-2/poc/client.js | 4 ++--
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 260dcf3..57e1fe2 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ generated `ticket` which acts as a transaction identifier and a `redirect_uri` p
 * The client knows how to contact the auth server to exchange this refresh token for an access token
 * The client now needs to discover access instructions. The client directly asks the resource server for this
 ### How is this different?
-* the client sends 'a-webdav-folder' as the scope, and gets back a URL for a structured scope
+* the client sends 'pick=webdav-folder' instead of 'scope=...', and gets back a URL for a structured scope
 * this scope was chosen by the user at the resource server's scope selection interface, the auth server doesn't understand it, except for the `humanReadable` field which it can display.
 * the client can deference the scope to discover the protocol version, resource URL, etc.
 
diff --git a/phase-2/poc/auth.js b/phase-2/poc/auth.js
index 86ff106..1346ecb 100644
--- a/phase-2/poc/auth.js
+++ b/phase-2/poc/auth.js
@@ -8,7 +8,8 @@ const screen1part1 = `
 Here are some services you may want to share resources from, connected to your account:
 <ul>
   <li><a href="http://localhost:3003/scope?redirect_uri=` + encodeURIComponent(`http://localhost:3002/callback`) + `&state=`;
-const screen1part2 = `">Research Drive</a></li>  
+const screen1part2 = `&pick=`;
+const screen1part3 = `">Research Drive</a></li>
   <li><a href="">iRods</a></li>
   <li><a href="">Microsoft Outlook Calendar</a></li>
 </ul>
@@ -60,7 +61,7 @@ http.createServer((req, res) => {
         const url_parts = url.parse(req.url, true);
         const query = url_parts.query;
         console.log('new transaction', query);
-        if (query.scope == 'a-webdav-folder') {
+        if (query.pick == 'webdav-folder') {
             console.log(`need to pick ${query.scope}!`);
             if (query.state && query.redirect_uri) {
                 const clientTicket = query.state;
@@ -70,7 +71,7 @@ http.createServer((req, res) => {
                     clientTicket
                 };
                 console.log(tickets);
-                res.end(screen1part1 + resourceTicket + screen1part2);
+                res.end(screen1part1 + resourceTicket + screen1part2 + query.pick + screen1part3);
             }
         } else {
             console.log(`need to dereference ${query.scope}`);
diff --git a/phase-2/poc/client.js b/phase-2/poc/client.js
index 2c0b0b4..4d053dd 100644
--- a/phase-2/poc/client.js
+++ b/phase-2/poc/client.js
@@ -10,11 +10,11 @@ const screen1part1 = `
     `response_type=code&` +
     `client_id=ahxoh2ohTu&` +
     `redirect_uri=` + encodeURIComponent(`http://localhost:3001/callback1`) + `&` +
-    `scope=a-webdav-folder&state=`;
+    `pick=webdav-folder&state=`;
     
 const screen1part2 = `">here</a> to discover SRAM-based services to connect with your VM.</li>
     <li>Click <a href="">here</a> to discover Danish services to connect with your VM.</li>
-    <li>Or go directly to <a href="http://localhost:3003/scope?redirect_uri=` + encodeURIComponent(`http://localhost:3001/callback2`) + `&state=`;
+    <li>Or go directly to <a href="http://localhost:3003/scope?redirect_uri=` + encodeURIComponent(`http://localhost:3001/callback2`) + `&pick=webdav-folder&state=`;
 const screen1part3 = `">Research Drive</a></li>
     <li>etc&hellip;</li>
 </ul>