Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

examples: addition of CERN authentication app #17

Merged
merged 1 commit into from
Dec 15, 2015
Merged

examples: addition of CERN authentication app #17

merged 1 commit into from
Dec 15, 2015

Conversation

JavierDelgadoFernandez
Copy link
Contributor

  • Adds an example application using CERN authentication.

Signed-off-by: Javier Delgado javier.delgado.fernandez@cern.ch

@JavierDelgadoFernandez
Copy link
Contributor Author

I couldn't test the application completly since CERN configuration has a strong dependency in Invenio-Groups module. The current state can go to CERN authentication, grant access and return to the application but in this point is crashing because current_user doesn't have info attribute.

lnielsen
lnielsen reviewed Dec 1, 2015
View reviewed changes
examples/cern_app.py
You will be redirected to CERN to authorize the application.

Click on `Grant` and you will be redirected back to
`http://localhost:5000/oauth/signup/cern/`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are you redirect to http://localhost:5000/oauth/signup/cern/ because you don't get an email address from the CERN oauth server?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@lnielsen Sorry, it was a mistake, I am returning to https://localhost:5000/oauth/authorized/cern/

@JavierDelgadoFernandez
Copy link
Contributor Author

@lnielsen The thing is that CERN requires a HTTPS direction as return url. I was testing some other ways to provide a secure connection (Flask-SSLify and OpenSSL creating a context inside the flask app) but I was not able to make them run, (errors with WSGI, pyOpenSSL has a confirmed bug and Flask-SSLify was in the same case). I think the easiest way is this, but it is pretty ugly, you need to generate the certificate manually...

@lnielsen
Copy link
Member

lnielsen commented Dec 1, 2015

I'm not against using gunicorn for HTTPs, however, it's just for the example app, so I think its better to not put in the setup.py and just put a line in the documentation instead about pip install gunicorn.

What were the problems with using: http://werkzeug.pocoo.org/docs/0.11/serving/#ssl ?

@lnielsen lnielsen added this to the v1.0.0 milestone Dec 1, 2015
@JavierDelgadoFernandez JavierDelgadoFernandez force-pushed the cern_example_app branch 2 times, most recently from 4dc3ef1 to 8db2042 Compare December 1, 2015 13:23
@JavierDelgadoFernandez
Copy link
Contributor Author

@lnielsen I have removed gunicorn from setup.py.
In the case werkzeug ssl the development server gets stuck, there is no way to stop it except sending a KILL signal to the process. And if you enable the debug mode, you get the same issue of Flask-SSLify or pyOpenSSL, (You can't access to any page), here is the stack trace:

 * Debugger is active!
 * Debugger pin code: 254-670-152
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 58830)
Traceback (most recent call last):
  File "/usr/lib/python2.7/SocketServer.py", line 295, in _handle_request_noblock
    self.process_request(request, client_address)
  File "/usr/lib/python2.7/SocketServer.py", line 321, in process_request
    self.finish_request(request, client_address)
  File "/usr/lib/python2.7/SocketServer.py", line 334, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib/python2.7/SocketServer.py", line 655, in __init__
    self.handle()
  File "/home/javier/Documents/invenio-oauthclient/env/local/lib/python2.7/site-packages/Werkzeug-0.11.2-py2.7.egg/werkzeug/serving.py", line 217, in handle
    rv = BaseHTTPRequestHandler.handle(self)
  File "/usr/lib/python2.7/BaseHTTPServer.py", line 340, in handle
    self.handle_one_request()
  File "/home/javier/Documents/invenio-oauthclient/env/local/lib/python2.7/site-packages/Werkzeug-0.11.2-py2.7.egg/werkzeug/serving.py", line 251, in handle_one_request
    elif self.parse_request():
  File "/usr/lib/python2.7/BaseHTTPServer.py", line 281, in parse_request
    "Bad HTTP/0.9 request type (%r)" % command)
  File "/usr/lib/python2.7/BaseHTTPServer.py", line 364, in send_error
    self.log_error("code %d, message %s", code, message)
  File "/home/javier/Documents/invenio-oauthclient/env/local/lib/python2.7/site-packages/Werkzeug-0.11.2-py2.7.egg/werkzeug/serving.py", line 273, in log_error
    self.log('error', *args)
  File "/home/javier/Documents/invenio-oauthclient/env/local/lib/python2.7/site-packages/Werkzeug-0.11.2-py2.7.egg/werkzeug/serving.py", line 279, in log
    _log(type, '%s - - [%s] %s\n' % (self.address_string(),
  File "/home/javier/Documents/invenio-oauthclient/env/local/lib/python2.7/site-packages/Werkzeug-0.11.2-py2.7.egg/werkzeug/serving.py", line 267, in address_string
    return self.environ['REMOTE_ADDR']
AttributeError: 'WSGIRequestHandler' object has no attribute 'environ'
----------------------------------------

@JavierDelgadoFernandez JavierDelgadoFernandez changed the title examples: addition of CERN authentication app WIP: examples: addition of CERN authentication app Dec 1, 2015
@JavierDelgadoFernandez JavierDelgadoFernandez changed the title WIP: examples: addition of CERN authentication app examples: addition of CERN authentication app Dec 9, 2015
@JavierDelgadoFernandez
Copy link
Contributor Author

@jirikuncar Ping.

@jirikuncar
Copy link
Member

@JavierDelgadoFernandez please rebase

@JavierDelgadoFernandez
Copy link
Contributor Author

@jirikuncar Done.

@JavierDelgadoFernandez
examples: addition of CERN authentication app
c394d64 
* Adds an example application using CERN authentication.

Signed-off-by: Javier Delgado <javier.delgado.fernandez@cern.ch>
@JavierDelgadoFernandez
Copy link
Contributor Author

@jirikuncar Rebased after HTTPretty issue.

@jirikuncar jirikuncar merged commit c394d64 into inveniosoftware:master Dec 15, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@JavierDelgadoFernandez JavierDelgadoFernandez

Labels
Type: enhancement
Projects
None yet
Milestone
v1.0.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@JavierDelgadoFernandez @lnielsen @jirikuncar