Update eqn adaptions

README.md

@@ -4,7 +4,7 @@
 [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](/CONTRIBUTING.md)
 [![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg)](CODE_OF_CONDUCT.md) 
 
-This is a **hands-on** AppSec fundamentals workshop where we explore protecting API's and Web apps. We look at authentication (authn), authorization (authz) and friends.
+This is a **hands-on** AppSec fundamentals workshop where we explore protecting API's and Web apps. We look at authentication (authn), authorization (authz) and friends. This version of the workshop is the **Codespaces** edition. Using you browser we run all exercises in a _all inclusive_ virtual environment.
 
 In the workshop participant will get to know key technologies such as OAuth2, OpenID Connect (OIDC) and Microsoft Entra ID. Our journey will take us from the rfc specifications, to manual request, to coding, to using frameworks, to debugging and to testing. After the workshop participants should have a pretty good understanding of the mechanics behind the scenes as well as relevant security/privacy concerns.
 
@@ -30,7 +30,7 @@ In the workshop participant will get to know key technologies such as OAuth2, Op
 * Exploring The **Implicit grant** for Native, Mobile, SPA
 * Exploring **PKCE** for Native, Mobile, SPA
 * Exploring Web **API's** protection
-* Exploring Web **API chaining** scenarios
+* Exploring Web **API chaining** scenarios (OBO)
 
 
 ## Exercise index
@@ -62,7 +62,3 @@ To enable a good flow and outcome of the workshop it is vital to come prepared.
 ## Non Equinor adaptions
 
 The workshop makes a few assumptions about the availability of various infrastructure components we use in Equinor. These are marked with ⚡️ and may need to be adopted to your context.
-
-### Section 1
-
-### Section 2

Support/workshop_preparations.md

@@ -11,7 +11,7 @@ Prior to joining the workshop the preconditions below should be met. This means
 
 ## Important pre-requisites
 
-- You need the [Azure Application Developer](https://docs.omnia.equinor.com/governance/iam/App-General-Info/) role (Apply using Acccess@IT) ⚡️
-- You need access to the [Equinor](https://github.com/equinor) organization on [github.com](https://github.com)</br>Verify access by opening the SSO end-point [https://github.com/orgs/equinor/sso](https://github.com/orgs/equinor/sso) ⚡️
+- ⚡️ You need the [Azure Application Developer](https://docs.omnia.equinor.com/governance/iam/App-General-Info/) role (Apply using Acccess@IT)
+- ⚡️ You need access to the [Equinor](https://github.com/equinor) organization on [github.com](https://github.com)</br>Verify access by opening the SSO end-point [https://github.com/orgs/equinor/sso](https://github.com/orgs/equinor/sso)
 
 

admin/readme.md

@@ -10,10 +10,10 @@ Tasks to do before/after workshop. Current set-up is assuming a virtual workshop
   * Coordinate with instructors/assistants
   * Reserve slots in calendar
   * If needed, reserve physical meeting rooms
-  * Create a sign-up document, open the sign-up document for **write** for everyone with and Eqn Account
+  * ⚡️ Create a sign-up document, open the sign-up document for **write** for everyone with and Eqn Account 
   * Add reminders in instructors calendars on relevant check-points (2 week, 1 week, 1 week after etc...)
 * 2-3 weeks prior
-  * Announce / Invite on Slack
+  * ⚡️ Announce / Invite on Slack
     * Title
     * Abstract
     * Teams are encouraged to send a group
@@ -30,17 +30,17 @@ Tasks to do before/after workshop. Current set-up is assuming a virtual workshop
   * Collect feedback as part of last day
 * 1 week after
   * Evaluate, update, repeat
-  * Remove permission from sign-up document. Should only be available to the AppSec team after the WS for statistics
+  * ⚡️ Remove permission from sign-up document. Should only be available to the AppSec team after the WS for statistics
   * Review and summarize info gathered in workshop retrospective
   * Do a workshop retrospective amongst instructors
   * Decide on changes, create issues/tasks on board for updates
   * Delete groups output of exercises from course Slack channel?
 * 2 weeks after
-  * Run scripts to identify EQ AAD Objects and Course Repos
+  * ⚡️ Run scripts to identify EQ AAD Objects and Course Repos
   * Send reminder about cleaning up
-  * Remind about #appsec
+  * ⚡️ Remind about #appsec
 
-### Invitation proposal
+### Invitation proposal ⚡️
 
 ```text
 
@@ -76,7 +76,7 @@ Instructor A, Instructor B
 
 ```
 
-### Welcome email
+### Welcome email ⚡️
 
 ```text
 

src/readme.md

@@ -12,7 +12,7 @@ This files contains the common configuration for all scripts.
 
 ### `aa-get-redirect-uri.sh`
 
-The script will return the dynamic redirect uri for the Codespace. This will be used bu the .env file for the client as well as in the app registration for the client.
+The script will return the dynamic redirect uri for the Codespace. This will be used by the .env file for the client as well as in the app registration for the client.
 
 ### `aa-save-env-files-to-github-user-secret.sh`
 

src/templates/client.env.template

@@ -5,7 +5,7 @@ export TOKEN_CACHE_FILE="${HOME}/.tcache/cache.json"
 
 export TENANT_ID=''
 export CLIENT_ID=''
-export CLIENT_SECRET=""
+export CLIENT_SECRET=''
 export REDIRECT_URI=$(aa-get-redirect-uri.sh)
 
 export EPISODES_API_URI=""

src/templates/episodes.env.template

@@ -1,11 +1,11 @@
 export NODE_ENV=development
-export TENANT_ID=""
+export TENANT_ID=''
 export PORT=3100
 export HOST=127.0.0.1
-export CLIENT_ID=""
-export CLIENT_SECRET=""
+export CLIENT_ID=''
+export CLIENT_SECRET=''
 
-export EPISODES_API_URI=""
+export EPISODES_API_URI=''
 
 export QUOTES_API_URL="http://127.0.0.1:3200"
 export QUOTES_API_URI=""

src/templates/quote.env.template

@@ -1,6 +1,6 @@
 export NODE_ENV=development
-export TENANT_ID=""
+export TENANT_ID=''
 export PORT=3200
 export HOST=127.0.0.1
-export EPISODES_API_URI=""
-export QUOTES_API_URI=""
+export EPISODES_API_URI=''
+export QUOTES_API_URI=''