INTO-CPS-Association · prasadtalasila · Jun 5, 2024 · May 7, 2024 · May 22, 2024 · May 26, 2024
diff --git a/cli/README.md b/cli/README.md
@@ -84,8 +84,8 @@ This brings up the containers, without the AuthMS authentication.
 - Currently the _email_ fields for each user in
   _dtaas.toml_ are not in use, and are not necessary
   to fill in. These emails must be configured manually
-  for each user in the docker/conf.local or
-  docker/conf.server files and the _traefik-forward-auth_
+  for each user in the
+  deploy/docker/conf.server files and the _traefik-forward-auth_
   container must be restarted. This is done as follows:
 
 - Go to the _docker_ directory
@@ -94,13 +94,6 @@ This brings up the containers, without the AuthMS authentication.
 cd <DTaaS>/docker
 ```
 
-- Add two lines to the `conf.local` file
-
-```txt
-rule.onlyu4.action=allow
-rule.onlyu4.rule=PathPrefix(`/user4`)
-```
-
 - Add three lines to the `conf.server` file
 
 ```txt
@@ -109,16 +102,12 @@ rule.onlyu3.rule=PathPrefix(`/user3`)
 rule.onlyu3.whitelist = [email protected]
 ```
 
-Run the appropritate command for a server/local installation:
+Run the command for these changes to take effect:
 
 ```bash
 docker compose -f compose.server.yml --env-file .env up -d --force-recreate traefik-forward-auth
 ```
 
-```bash
-docker compose -f compose.local.yml --env-file .env up -d --force-recreate traefik-forward-auth
-```
-
 The new users are now added to the DTaaS
 instance, with authorization enabled.
 

diff --git a/deploy/config/client/env.trial.js b/deploy/config/client/env.trial.js
diff --git a/deploy/config/gateway/auth b/deploy/config/gateway/auth
diff --git a/deploy/config/gateway/fileConfig.local.yml b/deploy/config/gateway/fileConfig.local.yml
diff --git a/deploy/config/gateway/fileConfig.trial.yml b/deploy/config/gateway/fileConfig.trial.yml
diff --git a/deploy/config/gateway/fileConfig.yml b/deploy/config/gateway/fileConfig.yml
diff --git a/deploy/config/gateway/traefik.yml b/deploy/config/gateway/traefik.yml
diff --git a/docs/admin/cli.md b/docs/admin/cli.md
@@ -81,8 +81,8 @@ This brings up the containers, without the AuthMS authentication.
 - Currently the _email_ fields for each user in
   _dtaas.toml_ are not in use, and are not necessary
   to fill in. These emails must be configured manually
-  for each user in the docker/conf.local or
-  docker/conf.server files and the _traefik-forward-auth_
+  for each user in the
+  deploy/docker/conf.server files and the _traefik-forward-auth_
   container must be restarted. This is done as follows:
 
 - Go to the _docker_ directory
@@ -91,13 +91,6 @@ This brings up the containers, without the AuthMS authentication.
 cd <DTaaS>/deploy/docker
 ```
 
-- Add two lines to the `conf.local` file
-
-```txt
-rule.onlyu4.action=allow
-rule.onlyu4.rule=PathPrefix(`/user4`)
-```
-
 - Add three lines to the `conf.server` file
 
 ```txt
@@ -106,16 +99,12 @@ rule.onlyu3.rule=PathPrefix(`/user3`)
 rule.onlyu3.whitelist = [email protected]
 ```
 
-Run the appropritate command for a server/local installation:
+Run the appropritate command for a server installation:
 
 ```bash
 docker compose -f compose.server.yml --env-file .env up -d --force-recreate traefik-forward-auth
 ```
 
-```bash
-docker compose -f compose.local.yml --env-file .env up -d --force-recreate traefik-forward-auth
-```
-
 The new users are now added to the DTaaS
 instance, with authorization enabled.
 

diff --git a/docs/admin/client/auth.md b/docs/admin/client/auth.md
@@ -1,11 +1,5 @@
 # OAuth for React Client
 
-<!-- markdownlint-disable MD046 -->
-<!-- prettier-ignore -->
-!!! failure
-    Add screenshots from dtaas-digitaltwin.com demo.
-<!-- markdownlint-enable MD046 -->
-
 To enable user authorization on DTaaS React client website, you will use
 the OAuth authorization protocol, specifically the PKCE authorization flow.
 Here are the steps to get started:
@@ -40,12 +34,16 @@ Here are the steps to get started:
 - During the creation of the OAuth application on GitLab, you need to specify
   the scope. Choose openid, profile, read_user, read_repository, and api scopes.
 
+  ![Creation of Client OAuth Application](client-oauth-name.png)
+
 **5. Application ID:**
 
 - After successfully creating the OAuth application, GitLab generates
   an application ID. This is a long string of HEX values that you will need for
   your configuration files.
 
+  ![Scopes for Client OAuth Application](client-oauth-scopes.png)
+
 **6. Required Information from OAuth Application:**
 
 - You will need the following information from the OAuth application
@@ -58,26 +56,11 @@ Here are the steps to get started:
 |Callback URL|REACT_APP_REDIRECT_URI|[https://foo.com/Library](https://foo.com/Library)|
 |Scopes|REACT_APP_GITLAB_SCOPES|openid, profile, read_user, read_repository, api|
 
+  ![Summary for Client OAuth Application](client-oauth-id.png)
+
 **7. Create User Accounts:**
 
 Create user accounts in gitlab for all the usernames chosen during
 installation. The _trial_ installation script comes with two default
 usernames - _user1_ and _user2_. For all other installation scenarios,
 accounts with specific usernames need to be created on gitlab.
-
-## Development Environment
-
-There needs to be a valid callback and logout URLs for development and testing
-purposes. You can use the same oauth application id for both development, testing
-and deployment scenarios. Only the callback and logout URLs change. It is possible
-to register multiple callback URLs in one oauth application. In order to use oauth
-for development and testing on developer computer (localhost), you need to add the
-following to oauth callback URL.
-
-```txt
-DTaaS application URL: http://localhost:4000
-Callback URL: http://localhost:4000/Library
-Logout URL: http://localhost:4000
-```
-
-The port 4000 is the default port for running the client website.
diff --git a/docs/admin/client/client-oauth-id.png b/docs/admin/client/client-oauth-id.png
diff --git a/docs/admin/client/client-oauth-name.png b/docs/admin/client/client-oauth-name.png
diff --git a/docs/admin/client/client-oauth-scopes.png b/docs/admin/client/client-oauth-scopes.png