This PR fleshes out an authentication/authorization mechanism using OpenID Connect Authorization Code Flow.
Further it begins to flesh out a deployment process by adding an administration command: poetry run scope-console. Using
this command an administrator can customize authentication providers, administrator user setup, and file upload limits. A
local OpenID Connect provider (KeyCloak) is used for local development using docker.
Closes #322, #253
To explore the API:
cd SCope/
docker-compose up -d && sleep 20 # The Keycloak server takes a while to start up
cd server/
./run-dev-env.sh
Query the /auth/loginurl endpoint and copy the response URL into a browser
When prompted username is "scope" and password is "scope"
From the redirect URL, copy the code parameter into the code field in the body of the /auth/authorize endpoint (The state field should already be filled properly if you're using Postman).
If you're using Postman to explore the API, the access token is automatically used by the other endpoints so you no longer need to worry about it.
This PR fleshes out an authentication/authorization mechanism using OpenID Connect Authorization Code Flow.
Further it begins to flesh out a deployment process by adding an administration command:
poetry run scope-console
. Using this command an administrator can customize authentication providers, administrator user setup, and file upload limits. A local OpenID Connect provider (KeyCloak) is used for local development using docker.Closes #322, #253
To explore the API:
Then open a browser and point it to http://localhost:8000/api/v1/docs, or open Postman and import the project.
In order to get an access token:
/auth/loginurl
endpoint and copy the response URL into a browsercode
field in the body of the/auth/authorize
endpoint (Thestate
field should already be filled properly if you're using Postman).