Presidents change over time

• Wands belong to club, not to president
• Need to register to the club
• How does the Ministry know we're a real club?
• How does the Ministry know I'm really the president?

Delegation

• Can I delegate wand registration to the club administrator?
• Can I delegate tax affairs to my accountant?
• Can I ensure my accountant can't register wands, nor my administrator claim tax rebates?

Can we build something that people would want to use?

The team

User requests to use service

Service redirects user to IdP with authentication request

User authenticates with IdP

IdP redirects user to service with signed response

User requests to use service

Service redirects user to Identity Hub Service with authentication request

User selects IdP

Hub redirects user to selected IdP with authentication request

User authenticates with IdP

IdP redirects user back to hub with signed response

Hub redirects user back to service with signed response

• Easy to pick up
• Concise
• Not much code!

http requests and responses are maps

(defn app-routes [config]
  (handler/site
    (routes
      (GET "/hello/:name" [name :as request]
        (fail-> request
               (re/validate! :headers-contain "mock_authorization")
               (resp/get-header "mock_authorization")
               (say-hello name config))))))

how was it using clojure for the first time?

for a keen hobbyist?

reloaded workflow

(defonce candela nil)

(defn go []
  (alter-var-root #'candela
    (constantly (jetty/run-jetty (cweb/app config)))))

(defn stop []
  (.stop candela))

(defn reset []
  (stop)
  (repl/refresh :after 'user/go))

kerodon

(-> (session ring-app)
  (visit "/")
  (follow "login")
  (fill-in "User:" "username")
  (fill-in "Password:" "password")
  (press "Login")
  (follow-redirect)
  (has (missing? [:#no-such-element])
       "User shouldn't see the no-such-element"))

(-> (ida-session (combined-handler)
  (visit "http://wands.gov.uk/register")
  (helpers/sign-in)
  (follow "Delegate your authority")
  (visit "http://wands.gov.uk/persist-delegation"
         :request-method :post)
  (follow-redirect) ; to Identity Provider
  (press "Continue")
  (follow-redirect) ; back to service
  (check-response
    (should-redirect-to
      "http://wands.gov.uk/"))))

(defn combined-handler []
  (let [apps {"idp.com"       michie/handler
              "orch.gov.uk"   knox/handler
              "wands.gov.uk"  candela/handler
              "orgs.gov.uk"   al-kindi/handler
              "agents.gov.uk" wheatstone/handler}]
    (fn [req]
      (let [app (get apps (:server-name req)
                     default-handler)]
        (app req)))))

Source: http://www.horniman.ac.uk/collections/the-wayne-collection

experimenting with architecture

New York apartment block designed by Rosario Candela

Donald Michie

Al-Kindi

"the father of Arabic philosophy"

enlive

• Using static HTML prototype for templates
• Auto-reloading cgrand/enlive#6

Stubbing

• clj-http-fake (built on robert/hooke)
• with-redefs
• Joseph Wilk, Isolating External Dependencies
• didn't feel able to switch to component half-way through

Can we build something that people would want to use?

“Remember that a primary goal during the alpha is learning. We might not be ready to make the investment in creating production-ready systems. In particular, that investment might be premature if the team learns they are not solving the right problem.”