· May 27, 2021

Can OAuth client configurations be exported/copied from one instance to another?

Hi all,

I'm performing a migration of some services from one instance to another, and I noticed that the technique defined within the InterSystems Server Migration Guide does not include OAuth client configurations. The recommended technique is to use the ##class(Security.System).ExportAll() and ##class(Security.System).ImportAll() methods.

Is there a way to migrate OAuth client configurations, or do those have to be re-created manually?

Product version: IRIS 2020.4
$ZV: IRIS for UNIX (Ubuntu Server LTS for x86-64 Containers) 2020.4 (Build 524U) Thu Oct 22 2020 13:05:03 EDT
Discussion (3)1
Log in or sign up to continue

Within the %SYS namespace the OAuth2 package can be leveraged.  I don't know if there is already a method within that package to accomplish a simple export and import.  However, you can absolutely program the autocreation of the OAuth configurations.  In one of my implementations I was asked to setup a framework to auto create everything via a JSON "settings" file.  To implement I simply looped the OAuth portion of the settings file and then for each OAuth config I set the following p variables:

Set tClient=##class(OAuth2.Client).Open(pApplicationName)
If '$isobject(tClient) {
Set tClient = ##class(OAuth2.Client).%New()
Set tClient.ApplicationName = pApplicationName
Set tClient.AuthenticationType ="basic"
Set tClient.ClientId=pClientID
Set tClient.ClientSecret=pClientSecret
Set tClient.ClientType="confidential"
Set tClient.Enabled=1
Set tClient.EncryptionAlgorithm=""
Set tClient.KeyAlgorithm=""
Set tClient.RedirectionEndpoint.Host=pHostName
Set tClient.SSLConfiguration=pSslConfiguration
Set tClient.ServerDefinition=pServerConfig
Set tClient.SigningAlgorithm=""
Set tSC=tClient.%Save()
If $$$ISERR(tSC) quit
Set tClient=##class(OAuth2.Client).Open(pApplicationName)
Set metadata = tClient.Metadata
Set metadata."grant_types"=$lb("authorization_code")
Set tClient.Metadata = metadata
Set tSC=tClient.%Save()