mongo storage for moneypanny authentication service.
Moneypenny acts as an authentication service that offers multiple authentication strategies to a backend service and sends a JSON web token(JWT) encripted using a shared secret as a response.
Other services in the architecture should also know the shared secret allowing the token to be passed around in API calls to provide user information related to the request.
##MongoDB Collections.
###local_users A list of local users, use for a local authentication stratergy on moneypenny.
In the future a remote trusted server should be able to do a POST request with local user details and get a JWT as a response
###oauth_client_store A list of oAuth2 clients and their shared secrets (different shared secret from JWT)
###oauth_code_store A list of oAuth2 codes, this code is past via the web browser on an oAuth 2 request and is then used to request a token.
The tokens are also JWT currently and are encoded with the same key. although this should be different since they are seen by the web client.
###oauth_refresh_token
A list of refresh tokens that are used to refresh the oauth token when it expires.
###oauth_token
A list of the oAuth tokens that have been sent to the services, these tokens are also JWT, and therefor services that get access tokens from the service can decode user information from the access token, and pass the access tokens to other services.
###session_users
Users logged into sessions on the server, This list contains both SAML and Local users, and is the user encoded in the JWT.