OAuth2 Authentication with GitHub account from IRIS Web Application
In this article I will demonstrate the basics of OAuth2 authentication with a GitHub account, using the online demo at
https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp (log in with SuperUser | SYS).
Recommendations:
- OAuth2 Overview : https://learning.intersystems.com/course/view.php?id=252
- Documentation : Using an InterSystems IRIS Web Application as an OAuth2 Client
- Articles : https://community.intersystems.com/post/intersystems-iris-open-authoriza...
We need the following 3 steps:
- Step 1 : Register Application with GitHub Authentication Server
- Step 2 : Configure OAuth 2.0 Client from InterSystems Management portal
- Step 3 : Call API to login with GitHub account
So let's start.
Step 1 : Register Application with GitHub Authentication Server
To register an application with the GitHub authentication server, we need a GitHub account.
Log in to the GitHub account, navigate to https://github.com/settings/developers and, under the OAuth Apps tab, click the New OAuth App button.
Enter the Application name, Homepage URL, Description and Authorization callback URL.
Please note that the Authorization callback URL must refer to the OAuth2.Response.cls class ({domain}/csp/sys/oauth2/OAuth2.Response.cls).
Click Register Application.
This opens the detail page. Click Generate a new client secret and save the Client ID and Secret Key, which we will use while configuring the IRIS OAuth2 client.
The application is now registered successfully.
Step 2 : Configure OAuth 2.0 Client from InterSystems Management portal
Navigate to System > Security Management > OAuth 2.0 Client and click the Create Server Description button.
Click the Manual button at the top, enter the details below and save the server description.
Navigate back to System > Security Management > OAuth 2.0 Client and click Client Configurations.
In the General tab, fill in the details. Please note that the Client redirect URL is the same one we entered as the Authorization callback URL while registering our application at GitHub.
Under Client Credentials, enter the Client ID and Client Secret which we generated while registering our application at GitHub, and save the client configuration.
Step 3 : Call API to login with GitHub account
Navigate to the online demo at https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp and log in with SuperUser | SYS.
Press Login with Github account in the top menu.
This opens the Oauth.cls page. Make sure to log out from GitHub before trying to sign in. Click Github Sign In.
The system navigates to the GitHub authentication server by using the GetAuthorizationCodeEndpoint method of the %SYS.OAuth2.Authorization class:
https://docs.intersystems.com/latest/csp/documatic/%25CSP.Documatic.cls?...
Upon successful login, the system redirects to the OauthRe.cls page.
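A sketch of a sign-in page built on the GetAuthorizationCodeEndpoint call described above. It is an added example, not the code from the repository linked below. The class name, the application name "Github", the scope "read:user" and the landing URL are assumptions to replace with the values from your own Step 2 configuration.

```objectscript
/// Added example page (hypothetical class name); not the repository's Oauth.cls.
Class Demo.GitHubLogin Extends %CSP.Page
{

/// ASSUMPTION: the application name given to the client configuration in Step 2.
Parameter OAUTHAPP = "Github";

/// ASSUMPTION: the GitHub scope requested; ask only for what the application needs.
Parameter SCOPE = "read:user";

ClassMethod OnPage() As %Status
{
    // Page to land on after OAuth2.Response.cls has processed GitHub's callback.
    // ASSUMPTION: {domain} is a placeholder for your own host, as in Step 1.
    set landing = "https://{domain}/csp/user/OauthRe.cls"

    // If this session already holds an access token, no redirect is needed.
    // The session ID argument is omitted so the current %session is used.
    set authorized = ##class(%SYS.OAuth2.AccessToken).IsAuthorized(..#OAUTHAPP, , ..#SCOPE, .accessToken, .idToken, .responseProperties, .error)
    if authorized {
        write "<p>Already signed in with GitHub.</p>"
        quit $$$OK
    }

    // Build the authorization request URL for the server description from Step 2.
    // GitHub sends the browser back to OAuth2.Response.cls, which then
    // forwards the user to the landing page given here.
    set url = ##class(%SYS.OAuth2.Authorization).GetAuthorizationCodeEndpoint(..#OAUTHAPP, ..#SCOPE, landing, .properties, .isAuthorized, .sc)

    // A failed status usually means the client configuration name is wrong or
    // incomplete. Return it to CSP error handling instead of writing the
    // status text, which can expose configuration details, into the page.
    if $$$ISERR(sc) quit sc

    // The URL carries query parameters, so escape it before placing it in HTML.
    write "<a href=""", ..EscapeHTML(url), """>Github Sign In</a>"
    quit $$$OK
}

}
```

The client secret never appears in this code: it stays in the client configuration saved in the Management Portal.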
Code is available at this repository https://github.com/mwaseem75/Data_APP_Security
Thanks