Add tools and OAuth documentation

docs/services/bbb/Getting started.md

@@ -21,7 +21,7 @@ Add `FEATURE_VIDEOCONFERENCE_ENABLED=true` in **client** and **server** and
 
 Add the right permission to the role. Permissions they need are `START_MEETING, JOIN_MEETING`.
 
-Add "videoconference" to School features (table school) in MongoDB.
+Add "videoconference" to School features (table schools) in MongoDB.
 
 Make sure that the fields below exists in the videoconference ltitool object (MongoDB).
 
@@ -53,7 +53,7 @@ BBB has built in features to allow for such constellations. It has a waiting roo
 
 These features are currently deactivated in dBildungscloud, but can be activated. In a POC we could confirm that it works as imagined, it just needs to be properly implemented now.
 
-So for future developments we needs the following changes:
+The following changes are necessary:
 
 **Client:**
 - Add an option on room creation, that allows external experts, but puts them in a waiting room

docs/services/oauth/_category_.json

@@ -0,0 +1,8 @@
+{
+  "label": "OAuth",
+  "position": 8,
+  "link": {
+    "type": "generated-index",
+    "description": "Learn about the OAuth strategy."
+  }
+}

docs/services/oauth/concept.md

@@ -0,0 +1,20 @@
+# OAuth
+
+## Login Process in SVS
+
+![OAuth Flow](./img/oauth_flow.drawio.svg)
+
+The following steps illustrated above:
+
+1. The client initiates the flow by click on the "Login via XYZ" button and directing the user to the authorization endpoint.
+2. The identity provider authenticates the user and establishes whether the resource owner grants or denies the client's access request.
+3. Assuming the resource owner grants access, the identity provider redirects the user back to the SVS-Client using the redirect_uri provided in the authentication endpoint request earlier. The redirect includes an authorization code provided by the identity provider.
+4. The client then requests an access token with the given authentication code from the SVS-Server which
+5. The client requests the signing key from the identity provider to validate the token signature. The SVS-Server validates the signature of the ID tokens according to the specified algorithm.
+6. The provisioning for the specific external system is executed to either create or update user data.
+7. A JWT is generated for the user
+8. The JWT is stored in the client for later request against the SVS-Server-API
+
+## Module Design
+
+![OAuth Module Design](./img/Oauth_Module_Design.drawio.svg)

docs/services/provining/_category_ .json

@@ -1,6 +1,6 @@
 {
   "label": "provining",
-  "position": 8,
+  "position": 9,
   "link": {
     "type": "generated-index",
     "description": "Learn about the provining service."

docs/services/schulcloud-client/_category_.json

@@ -1,6 +1,6 @@
 {
   "label": "Schulcloud Client",
-  "position": 9,
+  "position": 10,
   "link": {
     "type": "generated-index",
     "description": "Learn about the schulcloud-client repo."

docs/services/schulcloud-server/_category_.json

@@ -1,6 +1,6 @@
 {
   "label": "Schulcloud Server",
-  "position": 10,
+  "position": 11,
   "link": {
     "type": "generated-index",
     "description": "Learn about the schulcloud-server repo."

docs/services/tldraw-server/_category_.json

@@ -1,6 +1,6 @@
 {
   "label": "Tldraw Server",
-  "position": 11,
+  "position": 12,
   "link": {
     "type": "generated-index",
     "description": "Learn about the tldraw-server repo."

docs/services/tools/_category_.json

@@ -0,0 +1,8 @@
+{
+  "label": "Tools",
+  "position": 13,
+  "link": {
+    "type": "generated-index",
+    "description": "Learn about tools."
+  }
+}

docs/services/tools/concept.md

@@ -0,0 +1,32 @@
+# Concept of CTL
+
+## Configuration Validation Update
+
+### Change Matrix
+
+| Change | SCHOOL affected | CONTEXT affected |
+|--------|:---------------:|:----------------:|
+| Change SCOPE of Parameter | ✅ | ✅ |
+| New REQUIRED Parameter in SCHOOL | ✅ | ✅ |
+| New REQUIRED Parameter in CONTEXT | ❌ | ✅ |
+| New OPTIONAL Parameter in SCHOOL | ❌ | ❌ |
+| New Optional Parameter in CONTEXT | ❌ | ❌ |
+| Parameter NAME changed in SCHOOL | ✅ | ✅ |
+| Parameter NAME changed in CONTEXT | ❌ | ✅ |
+| Parameter REGEX changed/added in SCHOOL | ✅ | ✅ |
+| Parameter REGEX changed/added in CONTEXT | ❌ | ✅ |
+| Parameter made OPTIONAL in SCHOOL | ✅ | ❌ |
+| Parameter made OPTIONAL in CONTEXT | ❌ | ✅ |
+| Parameter made REQUIRED in SCHOOL | ✅ | ✅ |
+| Parameter made REQUIRED in CONTEXT | ❌ | ✅ |
+| Parameter TYPE changed in SCHOOL | ✅ | ✅ |
+| Parameter TYPE changed in CONTEXT | ❌ | ✅ |
+
+### Validation Flow
+
+![Validation Flow](./img/Validation_Flow.drawio.svg)
+
+### OAuth Flow
+
+![Tools OAuth Flow](./img/Tools_OAuth_Flow.drawio.svg)
+

docs/services/tsp-sync/_category_.json

@@ -1,6 +1,6 @@
 {
   "label": "TSP Synchronisation",
-  "position": 12,
+  "position": 14,
   "link": {
     "type": "generated-index",
     "description": "Learn about the Synchronisation of Userdata from the 'Thüringer Schulportal'"