...

Method: Verify Access Token
Description: Allows a client to verify an access token not directly requested from the oAuth2 server.
Parameter: access_token (token to verify)
Example:

Request:
http://workflowmgr:8003/oauth/tokeninfo
    ?access_token=OWLwWDpL2QDWKAHN8qWC7eBwqjKjs9

Response:
{
    "id": 42,
    "scope": ["read"]
}
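
One way a service could call the tokeninfo endpoint above before serving a secured resource, as an added example (not Flarecast code). The injectable `fetch` transport, the fail-closed handling of non-200 or malformed replies, and the constructed `fake_tokeninfo` stand-in with its 401 error body are assumptions; the page documents only the successful response.

```python
import json
from urllib.error import URLError
from urllib.parse import parse_qs, urlencode, urlsplit
from urllib.request import urlopen

TOKENINFO_URL = "http://workflowmgr:8003/oauth/tokeninfo"  # endpoint from this page


def http_get(url, timeout=5):
    """Real transport: (status, body); any network/HTTP error -> (None, "")."""
    try:
        with urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8")
    except (URLError, OSError, ValueError):
        return None, ""


def verify_access_token(token, required_scope, fetch=http_get):
    """Return token info if valid and carrying required_scope, else None."""
    if not token:
        return None
    # urlencode escapes '&' and '=' so a crafted token cannot add parameters.
    status, body = fetch(TOKENINFO_URL + "?" + urlencode({"access_token": token}))
    if status != 200:  # assumption: anything but 200 means "not valid"
        return None
    try:
        info = json.loads(body)
    except ValueError:
        return None
    if not isinstance(info, dict) or "id" not in info:
        return None
    scopes = info.get("scope")
    if not isinstance(scopes, list) or required_scope not in scopes:
        return None
    return info


def fake_tokeninfo(url):
    """Constructed offline stand-in for the server (error reply is assumed)."""
    known = {"OWLwWDpL2QDWKAHN8qWC7eBwqjKjs9": {"id": 42, "scope": ["read"]}}
    token = parse_qs(urlsplit(url).query).get("access_token", [""])[0]
    if token in known:
        return 200, json.dumps(known[token])
    return 401, json.dumps({"error": "invalid_token"})


if __name__ == "__main__":
    for scope in ("read", "write"):  # sample token from this page
        print(scope, verify_access_token("OWLwWDpL2QDWKAHN8qWC7eBwqjKjs9", scope, fetch=fake_tokeninfo))
```

The token travels in the URL query string here, so it shows up wherever request URLs are logged.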

 

The following examples show concrete use-cases where the session login and oAuth2 mechanisms are used within the Flarecast infrastructure.

  1. InfraViewer

    Request: POST /login
    Description: The end-user performs a login with his username and password.
    Response: The InfraViewer verifies the user's authentication and, if successful, requests an access token from the oAuth2 server (using the 'password' grant type). The end-user is then redirected to his original page either with or without a valid session ID and access token cookie. Depending on those cookies, the end-user gets access to restricted operations, depending on his session ID, or can request secured resources, using his access token.

    Request: GET /ressource_1
    Description: The end-user requests a non-secured resource from the InfraViewer.
    Response: The InfraViewer responds with the requested JSON object, without requiring any authentication.

    Request: POST /ressource_1
    Description: The end-user requests a secured resource from the InfraViewer.
    Response: The InfraViewer responds either with the requested JSON object, given a valid access token, or with an error page.
  2. Swagger UI

    Request: GET /oauth/authorize
    Description: The end-user requests an access token for the Swagger UI, which can then access secured resources.
    Response: If the end-user holds a valid session ID, he is redirected to an authorization page from the oAuth2 server where he can grant Swagger UI permission to request an access token (using the 'authorization code' grant type). Otherwise, the user is redirected to a login form where he needs to authenticate himself before accessing the authorization page.

    Request: GET /ressource_1
    Description: The end-user requests a non-secured resource from the Swagger UI.
    Response: The end-user requests a secured resource from the Swagger UI.

    Request: POST /ressource_1
    Description: The end-user requests a secured resource from the Swagger UI.
    Response: The Swagger UI responds either with the requested JSON object, given a valid access token, or with an error page.

Technical Details

flask-login, flask-oauthlib

...