Challenge Overview
Project Overview
BrivoLabs
has a beta version of a node.js/coffeescript application that is called Social Access Management (SAM) API. It uses postgres database, runs on heroku, consists of both a web and a worker process, and uses a redis-based message queue to communicate between them
Competition Task Overview
The goal of this challenge is to add new features to SAM API Oauth Server.
Detailed Requirements
In this challenge you need to provide an updated architecture documents to enable the following features in SAM OAuth Server :
- Expire the tokens after a configurable time period (i.e. ~5 days) : We expect current dependency oauth node modules support this feature. We are using heroku in production, take this into account when designing the solution.
- Invalidating OAuth token during the logout flow : we already have logout flow but tokens are still valid and can be used even after logout being completed successfully.
- Enable the use of a refresh token to negotiate a new access token.
Hosted API and OAuth server
You can import the postman.json included in the attached source code to Postman REST Client in Chrome browser to make calls to API and OAuth Server.
The API and OAuth Server are hosted here http://brivolabs-sam-cs.herokuapp.com/
We also have io-docs that you can use and hosted here http://brivolabs-iodocs-cs.herokuapp.com/
Deploying API and OAuth Server
You can also deploy choose to deploy the API and OAuth server locally or to heroku. Follow the README file in the attached source code for detailed information about deployment.
Documentation Provided
Provided in challenge forums the souce code, it includes a docs folder that have all the existing architecture documents.
Final Submission Guidelines
Submission Deliverables
- Application Design Specification
- Entity Relationship Diagram(s)
- Sequence Diagrams
- Interface Diagrams
- Assembly Specifications
Submission Guidelines
For each member, the final submission should be uploaded to the Online Review Tool.