OAuth2 from custom application

Hi!
  I'm trying to implement OAuth2 according to https://docs.openclinica.com/3.1/technical-documents/rest-api-specifications/oauth-and-openclinica guide. But despite of what I'm sending I've got just OpenClinica login page in response. Does anyone know how to implement OAuth2 for custom client?

Comments

  • toskriptoskrip Posts: 265 ✭✭
    Hi,

    I did not dive into implementation of OAuth2 for OC yet however if I were you I would start examining OC Designer source code which is already published in github:


    In general the implementation depends on library you are using for OAuth (Designer is based on spring security).

    However maybe you little bit misunderstood what OAuth is. OAuth is mention to be used to delegate the authentication (whole login process). So if you have  third party application you can use OAuth to delegate authentication (show OpenClinica login page, login the user via login page) to obtain valid user session and than you can use this session to do any other authorised request to OC from custom client. To answer your question, if the user is not logged in to OC (there is no user session created within OC), it is completely normal that you get login page as a response to OAuth request.

    OAuth is not automating the login, it is just delegating login. If you want to automate login you have to do POST request to OC login page with user credentials. Something like this (Python):

    session = requests.Session()
    loginCredentials = { "j_username": user, "j_password" : password }
    r = session.post(baseUrl + "/j_spring_security_check", loginCredentials)

    best

    Tomas

  • anna_shvanna_shv Posts: 2
    Thanks for the answer, will try to login using POST.
This discussion has been closed.