WP4: Infrastructure
Space shortcuts
Page tree

Versions Compared

Old Version 18

changes.mady.by.user Dario Vischi

Saved on

compared with

New Version 19

changes.mady.by.user Dario Vischi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. InfraViewer

    RequestDescriptionResponse
    POST /loginThe end-user performs a login with his username and password.The InfraViewer verifies the user's authentication and, if successful, requests an access token from the oAuth2 server (using the 'password' grant type). The end-user is then redirected to his original page either with or without a valid session ID and access token cookie. Depending on those cookies the end-user gets access to restricted operations, depending on his session ID, or can request secured ressources, using his access token.
    GET /ressource_1The end-user requests a non-secured resource from the InfraViewer.The InfraViewer response with the requested JSON object, without requiring any authentification.
    POST /ressource_1The end-user requests a secured resource from the InfraViewer.The InfraViewer response either with the requested JSON object, given a valid access token, or with an error page.

  2. Swagger UI

    RequestDescriptionResponse
    GET /oauth/authorizeThe end-user requests an access token for the Swagger UI which then can access secured resources.If the end-user holds a valid session ID he is redirected to an authorization page from the oAuth2 server where he can grant Swagger UI to request an access token (using the 'authorization code' grant type). Otherwise, the user is redirected to a login form where he needs to authenticat himself before accessing the authorization page.
    GET /ressource_1The end-user requests a non-secured resource from the Swagger UI.The Swagger UI response with the requested JSON object, without requiring any authentication.
    POST /ressource_1The end-user requests a secured resource from the Swagger UI.POST The Swagger UI response either with the requested JSON object, given a valid access token, or with an error page.

  3. Algorithms within a Docker container
    Image Added

    end-user
    RequestDescriptionResponse
    GET /ressource_1The algorithm requests a non-secured resource from the Swagger UI.The service response with the requested JSON object, without requiring any authentication.
    POST /ressource_1The algorithm requests a secured resource from the Swagger UI.The service response either with the requested JSON object, given a valid access token, or with an error page. The algorithm's access token is injected by the Workflow Management Service during startup. Hence, only algorithms running on the cluster obtain a valid access token to manipulate data within the infrastructure.
Info

The above workflows are slightly simplified as the web-based user interfaces (UIs) and the REST interfaces, both services in terms of Flarecast, are separated. Hereby, the UIs represent clients, in terms of oAuth2, which use access tokens to access the protected REST ressources, e.g. from the property service. Note as Swagger as such represents a oAuth2-secured REST interface while Swagger UI is only a graphical interface, not holding any resources itself.

Technical Details

 

flask-login, flask-oauthlib

...