Last modified by messines on 2021/06/08 17:32
From version 4.1
edited by messines
on 2020/07/15 18:29
Change comment: Uploaded new attachment "Screenshot 2020-07-15 at 18.28.28.png", version {1}
To version 11.1
edited by messines
on 2020/07/15 18:41
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -6,7 +6,7 @@
6 6  
7 7  The client is confidential with a secret, you obtain it throught the registering oidc client tutorial above.
8 8  
9 -[[image:Screenshot 2020-07-15 at 17.47.12.png]]
9 +[[image:Screenshot 2020-07-15 at 17.47.12.png||height="517" width="758"]]
10 10  
11 11  
12 12  The whole authentication flow presented here is based on the official OAuth2 rfc describe in the section 4.1
... ... @@ -13,10 +13,14 @@
13 13  
14 14  [[https:~~/~~/tools.ietf.org/html/rfc6749#section-4.1>>https://tools.ietf.org/html/rfc6749#section-4.1]]
15 15  
16 +[[image:Screenshot 2020-07-15 at 18.32.14.png||height="410" width="474"]]
17 +
16 16  == Authentication flow ==
17 17  
18 18  === Authorization Code Grant ===
19 19  
22 +The first step of the authentication protocol is to fetch an **authorization code **for your client and your user
23 +
20 20  ==== Request ====
21 21  
22 22  /GET on [[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth >>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth]]
... ... @@ -96,3 +96,53 @@
96 96  )))
97 97  
98 98  You get a response containing the access token and others
103 +
104 +== Access user info ==
105 +
106 +==== Request ====
107 +
108 +Now that your application got the access token of your user, it's really easy to fetch user info
109 +
110 +(% class="box infomessage" %)
111 +(((
112 +/GET https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo
113 +)))
114 +
115 +and just provide the access token as **Authentication** header
116 +
117 +[[image:Screenshot 2020-07-15 at 18.28.28.png||height="161" width="566"]]
118 +
119 +
120 +==== Response ====
121 +
122 +As response you will have a json with all the information on the logged user, for my user
123 +
124 +(% class="box" %)
125 +(((
126 +{
127 + "sub": "fa2db206-3eb4-403c-894a-810ebaba98e1",
128 + "unit": [
129 + "/collab-devs",
130 + "/collab-team",
131 + "/all/institutions/switzerland/epfl",
132 + "/all/projects/hbp/consortium/SGA2/SP05",
133 + "/all/projects/hbp/consortium/SGA3/WP6/T6_11"
134 + ],
135 + "roles": {
136 + "jupyterhub": [
137 + "feature:authenticate"
138 + ],
139 + "xwiki": [
140 + "feature:authenticate"
141 + ],
142 + "team": [
143 + "collab-collaboratory-community-apps-editor"
144 + ],
145 + "group": [
146 + "group-collaboratory-developers",
147 + "unit-all-projects-hbp-consortium-sga2-sp05-administrator"
148 + ]
149 + },
150 + "mitreid-sub": "305862"
151 +}
152 +)))
Screenshot 2020-07-15 at 18.32.14.png
Author
... ... @@ -1,0 +1,1 @@
1 +XWiki.messines
Size
... ... @@ -1,0 +1,1 @@
1 +161.8 KB
Content