This document describes the design artefacts for the Authentication part of the overall ODA Canvas design.
The authentication use cases are documented in the use case library as follows:
- UC001-Bootstrap-role-for-component
- UC002-Expose-APIs-for-Component
- UC003-Discover-dependent-APIs-for-Component
- UC007-Authentication-external
- UC008-Authentication-internal
For each use case, a set of BDD features describes the behaviour required of the Canvas, using scenarios. The goal is for a set of business-friendly pseudo-code that describes the behaviour of the Canvas, and that directly maps to tests that will test that feature. Some features are option - the test report will indicate which features have passed, but will not fail the test for a canvas if an optional feature is not implemented.
| Use case | BDD Feature | Mandatory / Optional | Description | Status |
|---|---|---|---|---|
| UC001 | F001 | Mandatory | Secure User and Role Information Communication | Not started Issue #79 |
| UC001 | F002 | Mandatory | Support Standard Defined Role for Canvas Admin | Not started Issue #85 |
| UC001 | F003 | Mandatory | Grouping Permission Specification Sets into Business Roles in Identity Management Solution | Not started Issue #82 |
| UC001 | F004 | Mandatory | Component Exposes Permission Specification Set Towards Canvas | Not started Issue #81 |
| UC002 | F001 | Mandatory | Create an API resource | Complete |
| UC002 | F002 | Mandatory | Publish API Resource URL | Complete |
| UC002 | F003 | Mandatory | Verify API implementation is ready | Complete |
| UC002 | F004 | Mandatory | Upgrade component with additional API | Complete |
| UC002 | F005 | Mandatory | Upgrade component with removed API | Complete |
| UC002 | F006 | Optional | Component-Specified Rate Limiting and Throttling of API Requests | Not started Issue #80 |
| UC007 | F001 | Mandatory | Logging and Monitoring of Authentication Activity | Not started Issue #84 |