Example applications

GitHub

1. Register a github application with Authorization callback URL as http://localhost:5000/oauth/authorized/github/

2. Ensure you have github3.py package installed:

   $ cdvirtualenv src/invenio-oauthclient
   $ pip install -e .[github]
   

3. Grab the Client ID and Client Secret after registering the application and add them to your instance configuration as consumer_key and consumer_secret.

   $ export GITHUB_APP_CREDENTIALS_KEY=my_github_client_id
   $ export GITHUB_APP_CREDENTIALS_SECRET=my_github_client_secret
   

4. Create database and tables:

   $ pip install -e .[all]
   $ cd examples
   $ export FLASK_APP=github_app.py
   $ ./app-setup.py
   

You can find the database in examples/github_app.db.

5. Run the development server:

   $ flask run -p 5000 -h '0.0.0.0'
   

6. Open in a browser the page http://0.0.0.0:5000/github.

   You will be redirected to github to authorize the application.

   Click on Authorize application and you will be redirected back to http://localhost:5000/oauth/signup/github/, where you will be able to finalize the local user registration, inserting email address.

   Insert e.g. fuu@bar.it as email address and send the form.

   Now, you will be again in homepage but this time it say: hello fuu@bar.it.

   You have completed the user registration.

7. To be able to uninstall the example app:

   $ ./app-teardown.sh
   

ORCID

1. Register an orcid application with Authorization callback URL as http://localhost:5000/oauth/authorized/orcid/

2. Install oauthclient:

   cdvirtualenv src/invenio-oauthclient
   pip install -e .[orcid]
   

3. Grab the Client ID and Client Secret after registering the application and add them to your instance configuration as consumer_key and consumer_secret.

   $ export ORCID_APP_CREDENTIALS_KEY=my_orcid_client_id
   $ export ORCID_APP_CREDENTIALS_SECRET=my_orcid_client_secret
   

4. Create database and tables:

   $ pip install -e .[all]
   $ cd examples
   $ export FLASK_APP=orcid_app.py
   $ ./app-setup.py
   

You can find the database in examples/orcid_app.db.

5. Run the development server:

   $ flask -a orcid_app.py run -p 5000 -h '0.0.0.0'
   

6. Open in a browser the page http://0.0.0.0:5000/orcid.

   You will be redirected to orcid to authorize the application.

   Click on Authorize application and you will be redirected back to http://0.0.0.0:5000/oauth/authorized/orcid/, where you will be able to finalize the local user registration, inserting email address.

   Insert e.g. fuu@bar.it as email address and send the form.

   Now, you will be again in homepage but this time it say: hello fuu@bar.it.

   You have completed the user registration.

7. To be able to uninstall the example app:

   $ ./app-teardown.sh
   

CERN

1. Register a CERN application in https://sso-management.web.cern.ch/OAuth/RegisterOAuthClient.aspx with redirect_uri as https://localhost:5000/oauth/authorized/cern/ and filling all the other fields:

2. Ensure you have gunicorn package installed:

   cdvirtualenv src/invenio-oauthclient
   pip install -e gunicorn
   

3. Ensure you have openssl installed in your system (Most of the Linux distributions has it by default.).

3. Grab the client_id and secret_uri after registering the application and add them to your instance configuration as consumer_key and consumer_secret.

   $ export CERN_APP_CREDENTIALS_KEY=my_cern_client_id
   $ export CERN_APP_CREDENTIALS_SECRET=my_cern_secret_uri
   

4. Create database and tables:

   $ pip install -e .[all]
   $ cd examples
   $ export FLASK_APP=cern_app.py
   $ ./app-setup.py
   

You can find the database in examples/cern_app.db.

5. Create the key and the certificate in order to run a HTTPS server:

   $ openssl genrsa 1024 > ssl.key
   $ openssl req -new -x509 -nodes -sha1 -key ssl.key > ssl.crt
   

6. Run gunicorn server:

   $ gunicorn -b :5000 --certfile=ssl.crt --keyfile=ssl.key cern_app:app
   

7. Open in a browser the page https://localhost:5000/cern.

   You will be redirected to CERN to authorize the application.

   Click on Grant and you will be redirected back to https://localhost:5000/oauth/authorized/cern/

   Now, you will be again in homepage but this time it say: hello youremail@cern.ch.

   You have completed the user authorization.

8. To be able to uninstall the example app:

   $ ./app-teardown.sh
   

Globus

1. Register a Globus application at https://developers.globus.org/ with the Redirect URL as http://localhost:5000/oauth/authorized/globus/. See here for more documentation: https://docs.globus.org/api/auth/developer-guide/#register-app

2. Grab the Client ID and Client Secret after registering the application and add them to your instance configuration as consumer_key and consumer_secret.

   $ export GLOBUS_APP_CREDENTIALS_KEY=my_globus_client_id
   $ export GLOBUS_APP_CREDENTIALS_SECRET=my_globus_client_secret
   

3. Create database and tables:

   $ cdvirtualenv src/invenio-oauthclient
   $ pip install -e .[all]
   $ cd examples
   $ export FLASK_APP=globus_app.py
   $ ./app-setup.py
   

You can find the database in examples/globus_app.db.

4. Run the development server:

   $ flask run -p 5000 -h '0.0.0.0'
   

5. Open in a browser the page http://localhost:5000/globus.

   You will be redirected to globus to authorize the application.

   Click on Allow and you will be redirected back to http://localhost:5000/oauth/signup/globus/, where you will be able to finalize the local user registration.

6. To clean up and drop tables:

   $ ./app-teardown.sh