Update the documentation
mwoodffdc committed Mar 12, 2019
1 parent cd82f2e commit aaf73bb
Showing 2 changed files with 12 additions and 11 deletions.
19 changes: 10 additions & 9 deletions readme.md
@@ -3,15 +3,16 @@

[![Build Status](https://travis-ci.org/financialforcedev/orizuru-auth.svg?branch=master)](https://travis-ci.org/financialforcedev/orizuru-auth)

Orizuru authentication is [Express](http://expressjs.com/)-compatible authentication
middleware for [Node.js](http://nodejs.org/). It is aimed at users of the [Orizuru](https://www.npmjs.com/package/@financialforcedev/orizuru) framework, but can also be used standalone. It is aimed at users of the Salesforce Identity Provider, although it can be used with other Identity Providers.
Orizuru authentication is an [Express](http://expressjs.com/)-compatible authentication middleware for [Node.js](http://nodejs.org/).

In a Salesforce context, using the middlewares in combination will establish the following.
It is aimed at users of the [Orizuru](https://www.npmjs.com/package/@financialforcedev/orizuru) framework, but can also be used standalone. The authentication process has been tested with Salesforce and Google as Identity Providers, although it should be possible to use it with others.

1. The caller has a current valid Salesforce access token.
2. The Salesforce user for the token presented is linked by PermissionSet to the ConnectedApp corresponding to the OpenID Connect ClientID (Consumer Key).
In a Salesforce context, using the `Token Validator` and `Grant Checker` middleware in combination will establish the following.

*It is extremely important to treat your signing key as sensitive material, please ensure that this is stored in a secure location.*
1. The caller has a valid Salesforce access token.
2. The Salesforce user for the token is linked by a permission set to the ConnectedApp corresponding to the OpenID Connect Client ID (Consumer Key).

*It is extremely important to treat your signing secret as sensitive material, please ensure that this is stored in a secure location.*

## Install

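Review bot: the new warning line changes "signing key" to "signing secret", but the Grant Checker section of this same readme pairs that key with a certificate uploaded to the Connected App (the JWT Bearer grant is signed with the key that certificate belongs to), so "signing key" was the more precise term and the two passages should use the same one. Separately, the added sentence "using the `Token Validator` and `Grant Checker` middleware in combination" introduces a backticked, title-case form for the two middleware names; the Grant Checker paragraph further down still says "the token Validator", so pick one form and apply it throughout.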
@@ -27,7 +28,7 @@ Orizuru Auth provides a function to initialise the [OAuth 2.0 Web Server Authent

For the examples, the initial configuration has been provided in the `examples` directory of this repository. This can be copied to another directory to be worked with.

Two configuration files should be provided: the `default.json` file which contains any insensitive data (this is included with the source); and the `local.json` configuration file which contains sensitive data. Create a `local.json` file within the `config` directory with the following contents, where each of the values has been substituted for your Salesforce connected app details.
Two configuration files should be provided: the `default.json` file which contains any insensitive data (this is included with the source); and the `local.json` configuration file which contains sensitive data. Create a `local.json` file, within the `config` directory with the following contents, where each of the values has been substituted for your Salesforce connected app details.

```json
{
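Review bot: the comma inserted in "Create a `local.json` file, within the `config` directory with the following contents" separates the verb from its location phrase and makes the sentence harder to read; the pre-change wording without the comma was correct, so this line should be reverted and the hunk dropped.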
@@ -50,7 +51,7 @@ Two configuration files should be provided: the `default.json` file which contai

Once completed, the server can be started via `npm start` or in VS Code via the launch configuration.

Changes to the imports are omitted from further examples; asumming VS Code is being used, the examples directory contains the default configuration for automatically optimising imports.
Changes to the imports are omitted from further examples; assuming VS Code is being used, the examples directory contains the default configuration for automatically optimising imports.

The first example illustrates how the authentication URL generator can be used with [Orizuru](https://github.com/financialforcedev/orizuru) and [Orizuru Transport RabbitMQ](https://github.com/financialforcedev/orizuru-transport-rabbitmq). A HTTPS server is used with a generated self-signed certificate.

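Review bot: the "asumming" to "assuming" fix is right; since this paragraph is being edited anyway, the unchanged context line "A HTTPS server is used with a generated self-signed certificate." should read "An HTTPS server", and it is worth stating in that sentence that the self-signed certificate is only for the example setup so readers do not carry it into a deployment.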
@@ -211,7 +212,7 @@ server.addRoute({

#### Grant Checker

The grant checker is designed to be used in tandem with the token Validator. It uses the `user` object on the request's `orizuru` object and attempts to obtain an OpenID Connect access token using a JWT Bearer grant request. In order for this to work the Identity Provider must have a previously established authorisation for the user requested. With the Salesforce identity provider this is achieved using a Connected App with a Certificate for the JWT signing key uploaded into it.
The grant checker is designed to be used in tandem with the token Validator. It uses the `user` object on the request's `orizuru` object and attempts to obtain an OpenID Connect access token using a JWT Bearer grant request. In order for this to work the Identity Provider must have a previously established authorisation for the user requested. With the Salesforce identity provider this is achieved by using a Connected App with an uploaded certificate.

If this completes successfully it sets the `orizuru` object `grantChecked` property to be true, otherwise the user will be refused access.

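Review bot: the rewritten last sentence drops the one detail that matters for the JWT Bearer grant, namely which certificate is uploaded: "a Connected App with an uploaded certificate" no longer says it must be the certificate for the JWT signing key, which is what links the grant request to the Connected App. Suggest "a Connected App with the certificate for the JWT signing key uploaded into it". Also, "in tandem with the token Validator" should use the same `Token Validator` form the readme introduces earlier in this commit.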
4 changes: 2 additions & 2 deletions src/index.ts
@@ -118,15 +118,15 @@ declare global {
*
* A map of provider name to Environment.
*
* This is referenced by each of the middlewares, allowing instances to be created for
* This is referenced by each of the middleware, allowing instances to be created for
* different OpenID providers.
*/
authProvider: {
[index: string]: Environment;
};

/**
* OpenID connected app information required for the authentication middlewares.
* OpenID connected app information required for the authentication middleware.
*/
openid: {
[index: string]: OpenIdOptions;
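Review bot: "This is referenced by each of the middleware" in the changed `authProvider` comment reads awkwardly once "middleware" is treated as a mass noun; "referenced by each middleware" or "by each middleware instance" would be cleaner. The second change, "required for the authentication middleware" on the `openid` comment, reads fine as written.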
