31 Dec 2018: Thank you to our knowledgeable and friendly forums users for another great year. We are aware of the uptick in spam accounts and are doing our best to ban these at first sight. Thank you for your patience!

OAuth2 from custom application

  I'm trying to implement OAuth2 according to https://docs.openclinica.com/3.1/technical-documents/rest-api-specifications/oauth-and-openclinica guide. But despite of what I'm sending I've got just OpenClinica login page in response. Does anyone know how to implement OAuth2 for custom client?


  • toskriptoskrip Posts: 265 ✭✭

    I did not dive into implementation of OAuth2 for OC yet however if I were you I would start examining OC Designer source code which is already published in github:

    In general the implementation depends on library you are using for OAuth (Designer is based on spring security).

    However maybe you little bit misunderstood what OAuth is. OAuth is mention to be used to delegate the authentication (whole login process). So if you have  third party application you can use OAuth to delegate authentication (show OpenClinica login page, login the user via login page) to obtain valid user session and than you can use this session to do any other authorised request to OC from custom client. To answer your question, if the user is not logged in to OC (there is no user session created within OC), it is completely normal that you get login page as a response to OAuth request.

    OAuth is not automating the login, it is just delegating login. If you want to automate login you have to do POST request to OC login page with user credentials. Something like this (Python):

    session = requests.Session()
    loginCredentials = { "j_username": user, "j_password" : password }
    r = session.post(baseUrl + "/j_spring_security_check", loginCredentials)



  • anna_shvanna_shv Posts: 2
    Thanks for the answer, will try to login using POST.
This discussion has been closed.