Copy of [BE] 10-10CG - OAuth2.0: Update Form1010cg::Service to new OAuth 2.0 Authorization Flow in Staging

[coope93]

Blocked until End of August - pending Mulesoft deploy to staging

Background

Now that the OAuth2.0 has been implemented in the Dev environment, and manual testing has validated the flow in Postman, we need to validate the vets-api code. Additional code changes may be needed once additional validation can be done with the Mulesoft team.

Resources

• Exploration ticket
• Initial Development ticket
• Helpful info for OAuth 2.0 Client Credential flow with Okta is here

Tasks

• [ ] Confirm Stating environment is ready for end-to-end testing with Mulesoft
  • This is on hold until after 8/20, as per Ramakrishna Ravirala.
  • SI (DEV/QA) or DTC-I team (Stage/Prod) will create the application through AnyPoint Exchange for the API which is requested access by the consumer (va.gov)
  • DTC-I team will provide us the auth server URL, Client Id, and Client Secret in an encrypted email.
• [ ] Add the credentials above to AWS Parameter Store with a Platform support ticket
• [ ] Merge https://github.com/department-of-veterans-affairs/vsp-infra-application-manifests/pull/2996 once the value are in AWS Parameter Store
• [ ] Coordinate with Mulesoft team to complete end-to-end testing
• [ ] Determine if additional code changes are needed to ensure successful testing
• [ ] Validate results with PM for signoff
  • [ ] Signoff is documented within the comments of this ticket

Acceptance Criteria

• End-to-end Staging testing of OAuth2.0 is completed successfully to the satisfaction of CG stakeholders and VA.gov team, and we are ready to begin coordination of production launch

[hdjustice]

@coope93 - Do we still need this ticket? looks like you were making a copy

[coope93]

@hdjustice I don't think we need this since we have a ticket for it 👍