You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Gergely Csucs6:13 PM
Depending on what base URL you have, you will have to create the community app on https://wiki.ebrains.eu/bin/view/Apps/ (anything what's not localhost) or https://wiki-int.ebrains.eu/bin/view/Apps/ (if you want localhost - I nagged them for weeks, and it started working ~50 minutes ago)
Specify the same URL what you used for the OIDC registration, and give it a name
wiki.ebrains.euwiki.ebrains.eu Apps - HBP Wiki
Apps
wiki-int.ebrains.euwiki-int.ebrains.eu Apps - HBP Wiki
Apps
Added to your saved items 6:15
Then you can use the app in a collab (create a new page, give it a name, pick community app as type, and pick the actual app on the next page)
Added to your saved items
Dmitri🏡 6:22 PM
i’ll be damned - it does do something
image.png
image.png
Added to your saved items
Gergely Csucs6:22 PM
And when you click on it, it will open your page in an iframe. You will get some clb- url parameters specifying in which collab the user is, its drive id, perhaps others. Store them somewhere. Localstorage or session should work, cookies won't work in Safari. The IAM stuff accepts "application state", that can keep these things too.
6:24
I need to eat something before I continue 6:25
This is so f developer friendly :face_with_symbols_on_mouth:
Added to your saved items
Gergely Csucs6:27 PM
Then redirect user to IAM, the page you just shown, as described in "Authorization Code Request", and that's where you need the id, a redirect link, and that's where you can also pass this "state" if you want. https://github.com/Tevemadar/WebAlign/blob/master/index.html does something like that, just it stores the stuff in cookies, but it also passes along clb-collab-id as "state". index.html
<title>Redirecting to IAM...</title>
Show more
Tevemadar/WebAlign | Added by [GitHub](https://hbpcuration.slack.com/services/B01U44CCM0X)
Added to your saved items
Gergely Csucs6:38 PM
And where you redirect to, is where the tricky things happen, the "Access Token Request" part. You get a code URL parameter, and here you have to use it, your client id, your client secret, and the same redirect link you were using in the previous step, to make a request to https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token - and then you get a JSON back with the actual token you can use for accessing bucket and stuff. So this is not an actual redirection, the user should not see this part (as your client secret is inside), the "redirect_uri" is needed only to prove that it's you using the "code". https://github.com/Tevemadar/WebAlign/blob/master/startpage.php shows this from line 11, but it's really just a POST request, and the result is a JSON. startpage.php
Tevemadar/WebAlign | Added by [GitHub](https://hbpcuration.slack.com/services/B01U44CCM0X)
Added to your saved items
[6:39](https://hbpcuration.slack.com/archives/G01CNUF2BJP/p1655138358586719)
I never did the "Access user info" part.
Message nesys_sw_dev
The text was updated successfully, but these errors were encountered:
Added to your saved items
5:52
https://wiki.ebrains.eu/bin/view/Collabs/the-collaboratory/Documentation%20IAM/FAQ/O[…]your%20OIDC%20client%20and%20fetching%20collab%20user%20info/
wiki.ebrains.euwiki.ebrains.eu
2. Authenticating with your OIDC client and fetching collab user info - HBP Wiki
2. Authenticating with your OIDC client and fetching collab user info
5:53
this is where I’m now. What do I do next?
5:54
@Gergely Csucs I remember you had a working code for… LZ?
Added to your saved items
Gergely Csucs 6:13 PM
Depending on what base URL you have, you will have to create the community app on https://wiki.ebrains.eu/bin/view/Apps/ (anything what's not localhost) or https://wiki-int.ebrains.eu/bin/view/Apps/ (if you want localhost - I nagged them for weeks, and it started working ~50 minutes ago)
Specify the same URL what you used for the OIDC registration, and give it a name
wiki.ebrains.euwiki.ebrains.eu
Apps - HBP Wiki
Apps
wiki-int.ebrains.euwiki-int.ebrains.eu
Apps - HBP Wiki
Apps
Added to your saved items
6:15
Then you can use the app in a collab (create a new page, give it a name, pick community app as type, and pick the actual app on the next page)
Added to your saved items
Dmitri🏡 6:22 PM
i’ll be damned - it does do something
image.png
image.png
Added to your saved items
Gergely Csucs 6:22 PM
And when you click on it, it will open your page in an iframe. You will get some clb- url parameters specifying in which collab the user is, its drive id, perhaps others. Store them somewhere. Localstorage or session should work, cookies won't work in Safari. The IAM stuff accepts "application state", that can keep these things too.
Dmitri🏡 6:23 PM
ohhhh
6:23
this is seriously f up
6:24
But THANK YOU 🙂 Gergely
🎉
1
6:24
I need to eat something before I continue
6:25
This is so f developer friendly :face_with_symbols_on_mouth:
Added to your saved items
Gergely Csucs 6:27 PM
<title>Redirecting to IAM...</title> Show more Tevemadar/WebAlign | Added by [GitHub](https://hbpcuration.slack.com/services/B01U44CCM0X) Added to your saved itemsThen redirect user to IAM, the page you just shown, as described in "Authorization Code Request", and that's where you need the id, a redirect link, and that's where you can also pass this "state" if you want.
https://github.com/Tevemadar/WebAlign/blob/master/index.html does something like that, just it stores the stuff in cookies, but it also passes along clb-collab-id as "state".
index.html
Gergely Csucs 6:38 PM
Tevemadar/WebAlign | Added by [GitHub](https://hbpcuration.slack.com/services/B01U44CCM0X) Added to your saved items [6:39](https://hbpcuration.slack.com/archives/G01CNUF2BJP/p1655138358586719) I never did the "Access user info" part. Message nesys_sw_devAnd where you redirect to, is where the tricky things happen, the "Access Token Request" part. You get a code URL parameter, and here you have to use it, your client id, your client secret, and the same redirect link you were using in the previous step, to make a request to https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token - and then you get a JSON back with the actual token you can use for accessing bucket and stuff. So this is not an actual redirection, the user should not see this part (as your client secret is inside), the "redirect_uri" is needed only to prove that it's you using the "code".
https://github.com/Tevemadar/WebAlign/blob/master/startpage.php shows this from line 11, but it's really just a POST request, and the result is a JSON.
startpage.php
The text was updated successfully, but these errors were encountered: