OAuth2 code for Sequencing.com's API and App Chains
This repo contains code for implementing OAuth2 authentication for your app so that your app can securely access Sequencing.com's API and app chains.
Want to see it in action? A demo of the OAuth2 code is available here: https://oauth-demo.sequencing.com/
OAuth2 code is available in the following languages:
- Swift (code)
- Objective-C (code)
- Objective-C (CocoaPods plugin)
- Android (code)
- Android (Maven plugin)
- Python (Django)
- Java (Servlet)
- Java (Spring)
- App chains
- Authentication flow
The code in this repo can be used to quickly implement oAuth2 authentication for Sequencing.com's API. By adding oAuth2 authentication to your app, you'll then be able to use Sequencing.com's API to ehance your app with Real-Time Personalization.
The code has also been deployed and can be accessed online as an OAuth2 demo.
- A end-user validates using thier Sequencing.com login and, if successfull, the demo will provide a list of genetic data files from the user's account at Sequencing.com.
- The demo will display a list of sample files if a user doesn't yet have access to his or her genetic data. These sample files are real genetic data files and are available for free for apps that use Sequencing.com's API.
To code Real-Time Personalization technology into apps, developers may register for a free account at Sequencing.com. App development with RTP is always free.
To implement oAuth2 authentication for your app:
Register for a free account
Add Sequencing.com's oAuth2 code from this repo to your app
Generate an oAuth2 secret for your app by selecting a +RTP API Plan and insert the secret into the OAuth2 code
Once OAuth2 authentication is implemented, select one or more app chains that will provide information you can use to personalize your app.
Search and find app chains -> https://sequencing.com/app-chains/
Each app chain is composed of
- an API request to Sequencing.com
- this request is secured using oAuth2
- analysis of the app user's genes
- each app chain analyzes a specific trait or condition
- there are thousands of app chains to choose from
- all analysis occurs in real-time at Sequencing.com
- an API response to your app
- the information provided by the response allows your app to tailor itself to the app user based on the user's genes.
- the documentation for each app chain provides a list of all possible API responses. The response for most app chains are simply 'Yes' or 'No'.
- App Chain: It is very important for this person's health to apply sunscreen with SPF +30 whenever it is sunny or even partly sunny.
- Possible responses: Yes, No, Insufficient Data, Error
While there are already app chains to personalize most apps, if you need something but don't see an app chain for it, tell us! (ie email us: firstname.lastname@example.org).
Sequencing.com uses standard OAuth approach which enables applications to obtain limited access to user accounts on an HTTP service from 3rd party applications without exposing the user's password. OAuth acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared.
![Authentication sequence diagram] (https://github.com/SequencingDOTcom/oAuth2-code-and-demo/blob/master/screenshots/oauth_activity.png)
Step 1: Authorization Code Link
First, the user is given an authorization code link that looks like the following:
Here is an explanation of the link components:
- https://sequencing.com/oauth2/authorize: the API authorization endpoint
- client_id=CLIENT_ID: the application's client ID (how the API identifies the application)
- redirect_uri=REDIRECT_URL: where the service redirects the user-agent after an authorization code is granted
- response_type=code: specifies that your application is requesting an authorization code grant
- scope=CODES: specifies the level of access that the application is requesting
Step 2: User Authorizes Application
When the user clicks the link, they must first log in to the service, to authenticate their identity (unless they are already logged in). Then they will be prompted by the service to authorize or deny the application access to their account. Here is an example authorize application prompt
Step 3: Application Receives Authorization Code
If the user clicks "Authorize Application", the service redirects the user-agent to the application redirect URI, which was specified during the client registration, along with an authorization code. The redirect would look something like this (assuming the application is "php-oauth-demo.sequencing.com"):
Step 4: Application Requests Access Token
The application requests an access token from the API, by passing the authorization code along with authentication details, including the client secret, to the API token endpoint. Here is an example POST request to Sequencing.com token endpoint:
Following POST parameters have to be sent
- code=AUTHORIZATION_CODE (where AUTHORIZATION_CODE is a code acquired in a "code" parameter in the result of redirect from sequencing.com)
- redirect_uri=REDIRECT_URL (where REDIRECT_URL is the same URL as the one used in step 1)
Step 5: Application Receives Access Token
If the authorization is valid, the API will send a JSON response containing the access token to the application.
We encourage you to passionately fork us. If interested in updating the master branch, please send us a pull request. If the changes contribute positively, we'll let it ride.