Hi Dimuthu, This looks really good. One question, what does NextCloud use groups for? Is it just a way to share things with a group of users? One thought I had is if a user shares a file with another user in NextCloud, we’ll want that to be communicated to Airavata too, I think, otherwise only NextCloud knows about the sharing.
Thanks, Marcus On Jul 22, 2018, at 2:02 PM, DImuthu Upeksha <[email protected]<mailto:[email protected]>> wrote: Hi All, Through this mail I'm planning to provide an update about the work we have done so far in Airavata NextCloud integration We have been considering to provide the facility to integrate NextCloud as a user storage mechanism for Airavata and there is an on going GSoC project (Karan is the student assigned to it) which is directly assigned for that. Even though NextCloud's WebDAV API was fairly straight forward to integrate with Airavata for file transfer operations, user authentication and authorization was bit tricky. Airavata has a user base backed by Keycloak and Nextcloud has it's own database backed user base. So the challenge was how to integrate Airavata users and authorization model into NextCloud without changing NextCloud code. The rescue was NextCloud's app interface [1]. We can write third-party apps into NextCloud and deploy them directly into it. Airavata NextCloud app [2] utilizes backend user APIs of NextCloud and registers Airavata user stores as an alternative user store into NextCloud. Once the App is installed into NextCloud, authentication request are directed to our user backend implementation [3] enabling us to talk to Keycloak and verify the authenticity of the user. For the authorization, there is a Group backend implementation [4] and it is supposed to handle groups for each user but we might have to wait until current group based auth changes are deployed in Develop environment. For the instance, I added mock groups to compete the features of the app. @Karan I believe now you have an idea of how to proceed with the rest of your project. It would be great if you can implement the rest of the methods in group backend [4] by looking at the group-based-auth branch of Airavata. Please let me know if you come up with any issue [1] https://docs.nextcloud.com/server/12/developer_manual/app/startapp.html [2] https://github.com/DImuthuUpe/airavata-nextcloud-app [3] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/UserBackend.php [4] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/GroupBackend.php Thanks Dimuthu
