The module has come out pretty well so far. Token persistence has been accomplished using spring-jdbc. I am working on documentation and refactoring the UI to match the backend client structure.
Even though GSoC is up, I will stick around OAuth2, FHIR and OpenMRS for a long time š I am really excited to keep contributing to the community.
GSoC 2015 has been a great learning experience for me and I have definitely become a better web developerĀ over the past few months.
The video demonstration and docs will be uploaded very soon. So keep following the project
Only a few days are left beforeĀ GSoC final pencil’s down date.
I have made some major changes to the OAuth Client to make it’s persistence easier in the database. Currently I am modifying the omod layer to reflect the changes introduced during the database migrations.
The Demo Server is complete with token, client and user persistance andĀ I am migrating parts of code to the OAuth2 module and customizing it for OpenMRS.
I will be done with the programming part by Wednesday and will work on documentation and user guide for the remaining period š
Looking forward to these last few days of the amazing GSoC journey
The project is on track and we will have a fully functional OAuth2 server in OpenMRS by the end of GSoC
I am finishing up persisting UserDetails, ClientDetails, Tokens and Authorization Codes in the database. They have been implemented in the demo OAuth server andĀ I amĀ migrating them to theĀ OAuth2 module.
I will try to finish up this part by the weekend and devote the remaining time on documentation and creatingĀ notes for developers and implementers on how to use the module.
I am excited and looking forwardĀ to aĀ productive week š
Development wasĀ on track last week and I did not face any major blockers. Yaay!! Hardly there are weeks when developers do not encounter life-threatening bugs.
I have set up Authorization code grant type and Client credentials grant type as well. Now I am focusing on the major task of Token Persistence and setting up tests for spring security.
I have tested the JdbcTokenStore that comes with the Spring Security OAuth API. It works fine. But, I will be writing a new Token Store that uses the hibernate session factory
My college re-opens this week. I will be coding in the evenings of IST timezone from now.
This week I completed the configurations for Resource Owner Password Credentials grant type.
I was sick for most of the week and hence development activity was not too much.
As discussed on the 6 July Design Forum, I haveĀ put up a demo video to show how theĀ OAuth2 module will provide OAuth2 support toĀ other modules (FHIR module)
For this week I plan to complete the remaining Grant Types and provide a Custom Token Store
I have finally managed to set up the authorization server completely inside the OAuth2 module.
The token endpoint being used by the module is : /ws/oauth.token and it is completely functional. Here is a screen shot of a sample access token obtained by a client using the OAuth2 module :
see the browser URL on the RHS of the screen
From here, it should be easy to persist tokens and authorization code in the mysql database.
I am currently working on a video demo to show the OAuth2 module issuing tokens. It could not be posted last Monday due to a lot of bugs that popped up while integrating the Authorization Server. It will be up for sure thisĀ Monday š
I am now proceeding with the tasks mentioned in the step 2 of previous blog post
Good news is that spring-security is working well with the OAuth2 module.
I can intercept any OpenMRS URI and apply spring security filters to handle user authentication and authorization š
I am proceeding on adding spring security oauth project. I am working on a demo video to demonstrate the how spring-security-oauth will work with the OAuth module. I’ll be posting it sson
The tasks for this week are :
Step 1 : integrate the mid term demo inside OAuth2 module
progress :
Spring security works fine, tested to intercept all requests to FHIR module
set up wireframe and using OAuth2 InMemoryDataStores
TeamViewer session
Target
June 12, 2015 mid-night
Step 2 : provide custom implementation for the following
UserDetailsService and UserDetails (spring-security-core)
map to existing users table to verify user credentials
ClientDetailsUserService and ClientDetails (spring-security-oauth)
map to read data from oauth_clients table
TokenStore
custom implementation of JdbcTokenStore class to persist tokens in mysql database
Step 3 : Authorization code and Implicit grant type
confirm_access i.e /authorize endpoint
configure in <authorization_server> to show custom jsp page
Step 4 : custom form-login
Need to show OpenMRS login page to client or a similar looking page
Possible Challenge : linking spring security login with normal login
Requirement : symmetric relation
normal login should register a new spring security login
spring security login should register a normal login
Need to know how normal login works. Any extension point? preferably do not modify code of core
I was able to fix the URI template issue. Turns out, all I needed to do was append a ‘.form’ at the end of every URL I send a request to.
We had to submit our mid-term presentation this week. Here is the mid-term presentation for the OAuth2 module
Here is the Talk post :Ā https://talk.openmrs.org/t/gsoc-2015-oauth2-support-for-web-services-apis-midterm-presentation/2284
There are some alternatives to spring-security-oauth project that I am considering mainly because of the compatibility issues Ā associated with it. OpenMRS 1.10Ā uses Spring 3.0.5.RELEASE while the spring-security-oauth project requires at leastĀ Spring 3.1.1.RELEASE.
I will be testing the module with Apache OLTU and OAuth Apis. Hopefully something works out. If not, I would be happy to code the OAuth2 api from scratch for the module.
I will start migrating the prototype to the final repo on Harsha’s GithubĀ profile.
I have been using some really amazing tools for developing the prototype. Ā If youĀ looking for some cool, free and easy to use project management tools, I’dĀ recommend Axosoft and Trello. You need just 5 minutes to get started with these.
To give you a feel for the UX, here’s what Axosoft’s dashboard looks like :
Axosoft project used for developing the OAuth2 prototype
And Drumrol…… Here’s a Trello board :
Trello Board used for developing the OAuth2 prototype
This week I also translated a bunch of words in Hindi for the OpenMRS iOS client. It was fun trying to figure out Hindi typing on an ASCII keyboard.
Here’s the talk post where you can findĀ the translated resources.
I will pick up where I left off last week. The 2 major tasks this week were to complete client registrations and implement the springĀ security oauth2 project. I am through with the registration part. Some work is required to be done for smooth integration of the springĀ security oauth project. One major blocker is that Ā using URI template and @PathVariableĀ are not functioning properly. If this fails, I will pass all the information as query parameters and use @RequestParams instead. It would be interesting though to find out what exactly fixes this. I am trying out the suggestions on talk š
Mid term evaluations begin next week. I plan to get the part till Authorization Code Grant Type up and running. If time permits, I would love to demonstrate the prototype’s functionality with the FHIR module. š
So this week I am focusing on integrating the spring security oauth project š
Initially I faced bugs introducing @transactional annotattions in the project.
Tests, Service Later and Dao complete for client registrations.
Prototype will be done and ready for testing in the next 3 days
I will be studying UI Framework and some Groovy to make the moduleĀ comply with the new UI. Here’s a talk post reagarding that :Ā https://talk.openmrs.org/t/openmrs-2-x-ui-support-for-oauth-module/2165
Spring security oauth project looks likeĀ good to incorporate in the project. IĀ have studied the documentation and will be adding the API to the OAuth module today. If if does not work out (most likely cause is version incompatibility in openmrs-core 1.10 spring and Spring framework used by the project), I will stillĀ use a similar architectureĀ as the apring security oauth project so that in future we could support it.
I attended the developer’s forum this week to understand the challenges that would be faced when upgrading the module to work with OpenMRS 2.x. It was good to understand that not much is required to change to Hibernate 4 ,Spring 4.x and Java8 (unless using advanced language features like generics).
This week I plan to complete the prototype and make a video demonstration. It is not a big task if the spring oauth project is seamlessly incorporated, Fingers crossed š