Reduce user friction from VS book permission issues in SSO

[jon-betts]

See also:

• https://vitalsource.slack.com/archives/C01208U1A2F/p1657544989757309 - Discussion about this

Our initial scope was to use only existing APIs to achieve single sign on. As a result of deficiencies in the Vitalsource SSO process the SSO redirect will fail if you do not have permissions to view the book. This is true even if view the book in the book viewer you should have been redirected to would resolve this.

In order to reduce user friction to the minimum we would like to:

• Reduce or avoid this error if possible
• Potentially work with Vitalsource to fix this automatically
  • e.g. can't the SSO process be fixed to prevent this from happening?
• Potentially provide users a way to fix it
  • e.g. by logging in, or buying a license
• If we do have to have an error on our side, ensure our wording and presentation is clear and easy to understand for users

Implementation notes

This is mostly going to be a starting point for discussion with Vitalsource about potential fixes (if any).

Book licenses:

• Even "free" books need a license
• This happens automatically when a user opens a book in Vitalsource
• Does happen when you follow the SSO link, which causes a confusing error

Questions

• How likely is this actually to happen? Is this even worth dealing with?
• Can Vitalsource fix this completely on their end?

Current experience

• In most cases users won't have ever thought about (or know about) licenses
• This concept might not make any sense to them

[darylhedley]

Based upon this ticket and it's resolution, this is now redundant: https://github.com/hypothesis/lms/issues/4463