Last modified by messines on 2021/06/08 17:32
From version 1.1
edited by messines
on 2020/07/15 17:45
Change comment: There is no comment for this version
To version 3.1
edited by messines
on 2020/07/15 18:20
Change comment: Uploaded new attachment "Screenshot 2020-07-15 at 18.20.34.png", version {1}

Summary

Details

Page properties
Content
... ... @@ -1,0 +1,59 @@
1 +== Abstract ==
2 +
3 +You had been creating an OIDC client following our guide [[https:~~/~~/wiki.ebrains.eu/bin/view/Collabs/collaboratory-community-apps/Community%20App%20Developer%20Guide/Registering%20an%20OIDC%20client/>>https://wiki.ebrains.eu/bin/view/Collabs/collaboratory-community-apps/Community%20App%20Developer%20Guide/Registering%20an%20OIDC%20client/]]
4 +
5 +The redirect_uri is set with the url of your application, in this exemple we will use postman, a platform for api developement, use your own application, for exemple when you loggin to this wiki, the redirect uri is [[https:~~/~~/wiki.ebrains.eu/*>>https://wiki.ebrains.eu/*]]
6 +
7 +The client is confidential with a secret, you obtain it throught the registering oidc client tutorial above.
8 +
9 +[[image:Screenshot 2020-07-15 at 17.47.12.png]]
10 +
11 +
12 +The whole authentication flow presented here is based on the official OAuth2 rfc describe in the section 4.1
13 +
14 +[[https:~~/~~/tools.ietf.org/html/rfc6749#section-4.1>>https://tools.ietf.org/html/rfc6749#section-4.1]]
15 +
16 +== Authentication flow ==
17 +
18 +=== Authorization Code Grant ===
19 +
20 +==== Request ====
21 +
22 +/GET on [[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth >>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth]]
23 +
24 +with query parameters
25 +
26 +* response_type=code
27 +* client_id=community-apps-tutorial
28 +* redirect_uri=[[https:~~/~~/www.getpostman.com/oauth2/callback>>https://www.getpostman.com/oauth2/callback]]
29 +* login=true
30 +* scope=openid+group+team
31 +
32 +so
33 +
34 +[[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth?response_type=code&client_id=community-apps-tutorial&redirect_uri=https:~~/~~/www.getpostman.com/oauth2/callback&login=true&scope=openid+group+team>>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth?response_type=code&client_id=community-apps-tutorial&redirect_uri=https://www.getpostman.com/oauth2/callback&login=true&scope=openid+group+team]]
35 +
36 +Of course replace **client_id** and **redirect_uri** with your own configuration
37 +
38 +This will redirect you to the login page of **iam **where your user must enter they username/password
39 +
40 +==== Scope ====
41 +
42 +In the request you can see a scope **parameter**
43 +
44 +* **openid : **This scope is required in oidc, it contains basic information of the user such as it username, email and full name.
45 +* **group **( optional ) **:**
46 +
47 +==== Response ====
48 +
49 +After the loggin, you got a 301 redirection and 200 success http response with a **code** inside
50 +
51 +[[https:~~/~~/www.getpostman.com/oauth2/callback?session_state=a0ff8a68-2654-43ef-977a-6c15ce343546&code=f3f04f93-hbp-482d-ac3d-demo.turtorial.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7>>https://www.getpostman.com/oauth2/callback?session_state=a0ff8a68-2654-43ef-977a-6c15ce598886&code=f3f04f93-b98d-482d-ac3d-414cead54de0.a0ff8a68-2654-43ef-977a-6c15ce598886.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7]]
52 +
53 +(% class="box infomessage" %)
54 +(((
55 +the code is very important for the next step here the code is //f3f04f93-hbp-482d-ac3d-demo.turtorial.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7//
56 +)))
57 +
58 +
59 +
Screenshot 2020-07-15 at 17.47.12.png
Author
... ... @@ -1,0 +1,1 @@
1 +XWiki.messines
Size
... ... @@ -1,0 +1,1 @@
1 +184.0 KB
Content
Screenshot 2020-07-15 at 18.20.34.png
Author
... ... @@ -1,0 +1,1 @@
1 +XWiki.messines
Size
... ... @@ -1,0 +1,1 @@
1 +273.3 KB
Content