@Sachin, @Supun,
Thanks for the information, I will look into the same. Regards Karan ________________________________ From: Supun Nakandala <[email protected]> Sent: Saturday, May 19, 2018 12:07 AM To: dev Subject: Re: Gsoc 2018 - Integration of the Nextcloud with Apache Airavata Hi Karan, In my opinion, the ideal approach to use in this scenario would be OAuth based authorization. KeyCloak supports OAuth and you can register a service provider and use that to give a prompt to the user to authorize the desktop client to communicate with the NextCloud server. After the user authorizes the client, KeyCloak will issue an access token which can be used on behalf of the user. NextCloud server will have to use this token and get it validated from the KeyCloak server to ensure the token bearer is authorized to access the NextCloud server. For obtaining this access token there several grant flows in OAuth that you can use. Based on the type of the client and the level of security you can decide which grant flow to use. https://alexbilbie.com/guide-to-oauth-2-grants/ contains a good summary of OAuth grant flows. I think the implicit grant flow will be most appropriate in this scenario. [1] - https://scholarworks.iu.edu/dspace/bitstream/handle/2022/21092/airavata-security-escience16.pdf?sequence=1 On Fri, May 18, 2018 at 8:55 PM, Sachin Kariyattin <[email protected]<mailto:[email protected]>> wrote: Hi Karan, The following wiki lists the basic steps to configure keycloak with NextCloud https://github.com/sachinkariyattin/NextCloud/wiki This can get you started On Fri, May 18, 2018 at 7:57 PM, Kotabagi, Karan <[email protected]<mailto:[email protected]>> wrote: Hi All, I am working with the following Seagrid-rich client to replace the file upload mechanism with the next cloud instead of the SFTP. I have the different nextcloud API code set-up that uploads the file to the Nextcloud server that is set-up locally in Ubuntu. At present the password is hardcoded, so this should be authenticated with the help of keycloak as discussed with Suresh. I have discussed the things with Sachin and I have received some inputs to proceed with keycloak authentication and after that I can proceed to implement the same with the nextcloud API, after this is successful I need to integrate nextcloud API with the Seagrid-rich client. Further steps will also include to set-up Nextcloud in the existing file server and point the upload of the input files from the client to the same location where the existing files are saved (This needs to be further looked into with all the configurations). Any suggestions or inputs to proceed with the keycloak authentication mechanism to work instead of the password would be appreciated. Regards Karan -- Regards, Sachin Kariyattin
