Date post: | 09-May-2015 |
VOOT
Andreas Åkre Solberg, UNINETT
Stockholm, April 2014
[Diagram: Consumer, Service Provider, Resources, CRUD]
Typical protocol stack
HTTP
OAuth
SCIM
Resources as JSON
SCIM CRUD operations
REST
User
Group
……
Resource types
{
  "schemas": [ "urn:scim:schemas:core:1.0" ],
  "id": "2819c223-413861904646",
  "userName": "[email protected]",
  "displayName": "Babs Jensen",
  "preferredLanguage": "en_US",
  "locale": "en_US",
  "timezone": "America/Los_Angeles"
}
{
  "schemas": [ "urn:scim:schemas:core:1.0" ],
  "id": "e9e30dba-f08f-4109",
  "displayName": "Tour Guides"
}
Resource instances
Resource types
Schemas
User, Group
SCIM Core User
SCIM Core Group
SCIM Core Enterprise User
Attributes
Multi-valued / Single-valued
Simple / Complex
String, Boolean, Decimal, Integer, DateTime, Binary
SCIM Extension model
› Extension Schemas
› New Resource types
VOOT as of April 2014
Built on top of SCIM 2.0.
› Minor SCIM adjustments (needs to be sorted out)
› Schemas for groups
› New resource types
› Pre-defined group types
Todo
› Use case and best practice
› Architecture, federation and more
Work in progress
SCIM
Too simple group membership model
[Diagram: User "is member of" Group, many-to-many (* to *)]
VOOT is extending SCIM
[Diagram: User, Role, Group, GroupType]
Only one role object for each combination of user and group
TranslatableString
{
  "id": "e01eafb1-5f1c-4992-fcd5-ab0160c7ad24",
  "description": {
    "en": "Second year mathematics at the university",
    "nb": "Andre årets mattekurs ved universitet"
  }
}
{
  "id": "e01eafb1-5f1c-4992-fcd5-ab0160c7ad24",
  "description": "Andre årets mattekurs ved universitet"
}
HTTP Content negotiation
?translate=1
{
  "id": "e01eafb1-5f1c-4992-fcd5-ab0160c7ad24",
  "sourceID": "voot:sources:uninett:fs",
  "displayName_": {
    "en": "Course M.201 Mathematics at University of Oslo",
    "nb": "Fag M.201 Matematikk ved Universitetet i Oslo"
  },
  "description": {
    "en": "Second year mathematics at the university",
    "nb": "Andre årets mattekurs ved universitet"
  },
  "groupType": "voot:groupTypes:edu:courses",
  "notBefore": "2006-08-01T12:00:00Z",
  "groupActive": true,
  "public": true,
  "may": {
    "listMembers": true,
    "manageMembers": false
  }
}
Groups
› sourceID
› id, name and description
› groupType (reference)
› permissions (for current user)
› active?
› public?
› time limitation (notBefore, notAfter)
{
  "basic": "admin",
  "displayName_": {
    "en": "Teacher",
    "nb": "Lærer"
  },
  "notBefore": "2014-01-01T12:00:00Z",
  "notAfter": "2014-08-01T12:00:00Z",
  "roleActive": true,
  "course_role": "teacher"
}
Roles
› basic role abstraction (member, admin and owner)
› displayName
› groupType (reference)
› active?
› time limitation (notBefore, notAfter)
› Refers to both user and group
If a user is a member of a group, there exists one and only one role object for that relation.
› Embedded in group list
› Embedded in user list
› Standalone
{
  "id": "voot:groupTypes:edu:courses",
  "displayName": {
    "en": "Course",
    "nb": "Fag"
  },
  "sourceID": "voot:sources:uninett:fs",
  "groupSchemas": [
    "voot:groupschemaX"
  ],
  "roleSchemas": [
    "voot:roleschemaX"
  ]
}
GroupTypes
› Predefined list
The VOOT spec contains a set of well-defined group types for higher education.
› Dynamic support
Clients do not need to understand group types in advance, but may want to sort groups according to type regardless.
› Schemas
Refers to schemas with extended attributes for both groups and roles.
GroupTypes
Harmonization / standardisation needed
Institution, with schema that maps eduPerson affiliation
Ad-Hoc
OrgUnit
Cohort
Study
Course
GroupTypes
Information about a course is obtained from the group and role resources.
Course
{
  "id": "e01eafb1-5f1c-4992-fcd5-ab0160c7ad24",
  "displayName_": {
    "en": "Mathematics 101"
  },
  "groupType": "voot:groupTypes:edu:courses",
  "notBefore": "2006-08-01T12:00:00Z",
  "groupActive": true,
  "public": true,
  "may": {
    "listMembers": true,
    "manageMembers": false
  }
}
{
  "basic": "admin",
  "displayName_": {
    "en": "Teacher",
    "nb": "Lærer"
  },
  "notBefore": "2014-01-01T12:00:00Z",
  "notAfter": "2014-08-01T12:00:00Z",
  "roleActive": true,
  "course_role": "teacher"
}
VOOT Protocol
{BASE}/me
Information about me
{BASE}/me/Groups
The groups that I am member of
Responds with a list (ResourceList) of group resources, where the role for the current user is embedded in the vootRole property.
{BASE}/Roles/{GROUPID}/{USERID}
The role for a given combination of user and group.
{BASE}/Groups/{GROUPID}/members
List of members of a group
Responds with a list (ResourceList) of role resources, where the user object is embedded.
{BASE}/Groups?search={SEARCH-TERM}
Querying for public groups
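Added example (not from the slides or the VOOT specification): how a consuming service might turn a {BASE}/me/Groups response into an authorization decision, honouring groupActive, roleActive and the notBefore/notAfter limits on both the group and the embedded vootRole. The "Resources" envelope key, the ordering member < admin < owner, the exclusive notAfter bound and the function names are assumptions.

```python
from datetime import datetime, timezone

RANK = {"member": 1, "admin": 2, "owner": 3}  # ordering is an assumption

# Constructed /me/Groups response; the "Resources" envelope key is assumed.
SAMPLE = {"Resources": [
    {"id": "e01eafb1-5f1c-4992-fcd5-ab0160c7ad24",
     "groupType": "voot:groupTypes:edu:courses",
     "notBefore": "2006-08-01T12:00:00Z", "groupActive": True,
     "vootRole": {"basic": "admin", "roleActive": True,
                  "notBefore": "2014-01-01T12:00:00Z",
                  "notAfter": "2014-08-01T12:00:00Z"}},
    {"id": "constructed-group-2",
     "groupType": "voot:groupTypes:edu:courses", "groupActive": True,
     "vootRole": {"basic": "member", "roleActive": False}},
]}

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def in_window(obj, now):
    """True when `now` lies inside the optional notBefore/notAfter limits."""
    try:
        if "notBefore" in obj and now < _ts(obj["notBefore"]):
            return False
        if "notAfter" in obj and now >= _ts(obj["notAfter"]):
            return False
    except (TypeError, ValueError):
        return False  # unparsable limit: fail closed
    return True

def effective_groups(response, group_type, min_role, now):
    """IDs of groups of `group_type` where the user's role is valid at `now`."""
    granted = []
    for group in response.get("Resources", []):
        role = group.get("vootRole")
        if not isinstance(role, dict) or group.get("groupType") != group_type:
            continue
        # Fail closed: a missing or non-true active flag denies access.
        if group.get("groupActive") is not True or role.get("roleActive") is not True:
            continue
        if not (in_window(group, now) and in_window(role, now)):
            continue
        if RANK.get(role.get("basic"), 0) >= RANK[min_role]:
            granted.append(group["id"])
    return granted
```

Evaluating the time limits at decision time, rather than when the group list was fetched, keeps a cached response from granting access after a role's notAfter has passed.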
Next…
Continue work with specification
Involve with SCIM 2.0 standardisation
Implementation to get understanding
Interop between federations
Further work on architecture, cross-federation