You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@airavata.apache.org by DImuthu Upeksha <di...@gmail.com> on 2018/07/22 18:02:30 UTC
App to integrate Airavata userbase into NextCloud
Hi All,
Through this mail I'm planning to provide an update about the work we have
done so far in Airavata NextCloud integration
We have been considering to provide the facility to integrate NextCloud as
a user storage mechanism for Airavata and there is an on going GSoC project
(Karan is the student assigned to it) which is directly assigned for that.
Even though NextCloud's WebDAV API was fairly straight forward to integrate
with Airavata for file transfer operations, user authentication and
authorization was bit tricky.
Airavata has a user base backed by Keycloak and Nextcloud has it's own
database backed user base. So the challenge was how to integrate Airavata
users and authorization model into NextCloud without changing NextCloud
code.
The rescue was NextCloud's app interface [1]. We can write third-party apps
into NextCloud and deploy them directly into it. Airavata NextCloud app [2]
utilizes backend user APIs of NextCloud and registers Airavata user stores
as an alternative user store into NextCloud. Once the App is installed into
NextCloud, authentication request are directed to our user backend
implementation [3] enabling us to talk to Keycloak and verify the
authenticity of the user. For the authorization, there is a Group backend
implementation [4] and it is supposed to handle groups for each user but we
might have to wait until current group based auth changes are deployed in
Develop environment. For the instance, I added mock groups to compete the
features of the app.
@Karan
I believe now you have an idea of how to proceed with the rest of your
project. It would be great if you can implement the rest of the methods in
group backend [4] by looking at the group-based-auth branch of Airavata.
Please let me know if you come up with any issue
[1] https://docs.nextcloud.com/server/12/developer_manual/app/startapp.html
[2] https://github.com/DImuthuUpe/airavata-nextcloud-app
[3] https://github.com/DImuthuUpe/airavata-nextcloud-
app/blob/master/lib/Backends/UserBackend.php
[4] https://github.com/DImuthuUpe/airavata-nextcloud-
app/blob/master/lib/Backends/GroupBackend.php
Thanks
Dimuthu
Re: App to integrate Airavata userbase into NextCloud
Posted by Sachin Kariyattin <sa...@gmail.com>.
Hi Marcus,
Sorry if this has already been discussed offline.
I had come across this problem when I was doing the POC with NextCloud. One
workaround would be to completely disable file sharing from the NextCloud
so that users are restricted to share the files through Airavata. The file
sharing can be disabled as shown here
https://docs.nextcloud.com/server/14/admin_manual/configuration_files/file_sharing_configuration.html.
It would be great if we can implement a way to communicate NextCloud file
sharing to Airavata in the future. However, this workaround can be followed
till then.
On Fri, Aug 3, 2018 at 1:44 PM Christie, Marcus Aaron <ma...@iu.edu>
wrote:
> Hi Dimuthu,
>
> This looks really good. One question, what does NextCloud use groups for?
> Is it just a way to share things with a group of users? One thought I had
> is if a user shares a file with another user in NextCloud, we’ll want that
> to be communicated to Airavata too, I think, otherwise only NextCloud knows
> about the sharing.
>
> Thanks,
>
> Marcus
>
> On Jul 22, 2018, at 2:02 PM, DImuthu Upeksha <di...@gmail.com>
> wrote:
>
> Hi All,
>
> Through this mail I'm planning to provide an update about the work we have
> done so far in Airavata NextCloud integration
>
> We have been considering to provide the facility to integrate NextCloud as
> a user storage mechanism for Airavata and there is an on going GSoC project
> (Karan is the student assigned to it) which is directly assigned for that.
> Even though NextCloud's WebDAV API was fairly straight forward to integrate
> with Airavata for file transfer operations, user authentication and
> authorization was bit tricky.
>
> Airavata has a user base backed by Keycloak and Nextcloud has it's own
> database backed user base. So the challenge was how to integrate Airavata
> users and authorization model into NextCloud without changing NextCloud
> code.
>
> The rescue was NextCloud's app interface [1]. We can write third-party
> apps into NextCloud and deploy them directly into it. Airavata NextCloud
> app [2] utilizes backend user APIs of NextCloud and registers Airavata user
> stores as an alternative user store into NextCloud. Once the App is
> installed into NextCloud, authentication request are directed to our user
> backend implementation [3] enabling us to talk to Keycloak and verify the
> authenticity of the user. For the authorization, there is a Group backend
> implementation [4] and it is supposed to handle groups for each user but we
> might have to wait until current group based auth changes are deployed in
> Develop environment. For the instance, I added mock groups to compete the
> features of the app.
>
> @Karan
> I believe now you have an idea of how to proceed with the rest of your
> project. It would be great if you can implement the rest of the methods in
> group backend [4] by looking at the group-based-auth branch of Airavata.
> Please let me know if you come up with any issue
>
> [1]
> https://docs.nextcloud.com/server/12/developer_manual/app/startapp.html
> [2] https://github.com/DImuthuUpe/airavata-nextcloud-app
> [3]
> https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/UserBackend.php
> [4]
> https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/GroupBackend.php
>
> Thanks
> Dimuthu
>
>
>
--
*Regards,Sachin Kariyattin*
Re: App to integrate Airavata userbase into NextCloud
Posted by "Christie, Marcus Aaron" <ma...@iu.edu>.
Hi Dimuthu,
This looks really good. One question, what does NextCloud use groups for? Is it just a way to share things with a group of users? One thought I had is if a user shares a file with another user in NextCloud, we’ll want that to be communicated to Airavata too, I think, otherwise only NextCloud knows about the sharing.
Thanks,
Marcus
On Jul 22, 2018, at 2:02 PM, DImuthu Upeksha <di...@gmail.com>> wrote:
Hi All,
Through this mail I'm planning to provide an update about the work we have done so far in Airavata NextCloud integration
We have been considering to provide the facility to integrate NextCloud as a user storage mechanism for Airavata and there is an on going GSoC project (Karan is the student assigned to it) which is directly assigned for that. Even though NextCloud's WebDAV API was fairly straight forward to integrate with Airavata for file transfer operations, user authentication and authorization was bit tricky.
Airavata has a user base backed by Keycloak and Nextcloud has it's own database backed user base. So the challenge was how to integrate Airavata users and authorization model into NextCloud without changing NextCloud code.
The rescue was NextCloud's app interface [1]. We can write third-party apps into NextCloud and deploy them directly into it. Airavata NextCloud app [2] utilizes backend user APIs of NextCloud and registers Airavata user stores as an alternative user store into NextCloud. Once the App is installed into NextCloud, authentication request are directed to our user backend implementation [3] enabling us to talk to Keycloak and verify the authenticity of the user. For the authorization, there is a Group backend implementation [4] and it is supposed to handle groups for each user but we might have to wait until current group based auth changes are deployed in Develop environment. For the instance, I added mock groups to compete the features of the app.
@Karan
I believe now you have an idea of how to proceed with the rest of your project. It would be great if you can implement the rest of the methods in group backend [4] by looking at the group-based-auth branch of Airavata. Please let me know if you come up with any issue
[1] https://docs.nextcloud.com/server/12/developer_manual/app/startapp.html
[2] https://github.com/DImuthuUpe/airavata-nextcloud-app
[3] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/UserBackend.php
[4] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/GroupBackend.php
Thanks
Dimuthu
Re: App to integrate Airavata userbase into NextCloud
Posted by "Kotabagi, Karan" <kk...@iu.edu>.
Hi All,
I was able to utilize this app and have modified the app to add the authentication support for the WebDAV via OAuth token.
The existing integration of nextcloud with the Seagrid rich-client will now work fine utilizing this app to support the authentication.
I will continue working with the seagrid rich-client and the WebDAV adapter in airavata to upload/download the files from the nextcloud, so that the output files are written to the required directory using the WebDAV adapter in airavata.
Regards
Karan
________________________________
From: Kotabagi, Karan
Sent: Sunday, July 22, 2018 3:56 PM
To: DImuthu Upeksha
Cc: Airavata Dev
Subject: Re: App to integrate Airavata userbase into NextCloud
?Hi Dimuthu,
Thanks for the integration and advancing a way to support the authentication.
I will be using this app and test the authentication via keycloak at present and explore the things further to implement the rest of the methods in the group backend.
Regards
Karan
________________________________
From: DImuthu Upeksha <di...@gmail.com>
Sent: Sunday, July 22, 2018 2:02 PM
To: Airavata Dev
Cc: Kotabagi, Karan
Subject: App to integrate Airavata userbase into NextCloud
Hi All,
Through this mail I'm planning to provide an update about the work we have done so far in Airavata NextCloud integration
We have been considering to provide the facility to integrate NextCloud as a user storage mechanism for Airavata and there is an on going GSoC project (Karan is the student assigned to it) which is directly assigned for that. Even though NextCloud's WebDAV API was fairly straight forward to integrate with Airavata for file transfer operations, user authentication and authorization was bit tricky.
Airavata has a user base backed by Keycloak and Nextcloud has it's own database backed user base. So the challenge was how to integrate Airavata users and authorization model into NextCloud without changing NextCloud code.
The rescue was NextCloud's app interface [1]. We can write third-party apps into NextCloud and deploy them directly into it. Airavata NextCloud app [2] utilizes backend user APIs of NextCloud and registers Airavata user stores as an alternative user store into NextCloud. Once the App is installed into NextCloud, authentication request are directed to our user backend implementation [3] enabling us to talk to Keycloak and verify the authenticity of the user. For the authorization, there is a Group backend implementation [4] and it is supposed to handle groups for each user but we might have to wait until current group based auth changes are deployed in Develop environment. For the instance, I added mock groups to compete the features of the app.
@Karan
I believe now you have an idea of how to proceed with the rest of your project. It would be great if you can implement the rest of the methods in group backend [4] by looking at the group-based-auth branch of Airavata. Please let me know if you come up with any issue
[1] https://docs.nextcloud.com/server/12/developer_manual/app/startapp.html
[2] https://github.com/DImuthuUpe/airavata-nextcloud-app
[3] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/UserBackend.php
[4] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/GroupBackend.php
Thanks
Dimuthu
Re: App to integrate Airavata userbase into NextCloud
Posted by "Kotabagi, Karan" <kk...@iu.edu>.
?Hi Dimuthu,
Thanks for the integration and advancing a way to support the authentication.
I will be using this app and test the authentication via keycloak at present and explore the things further to implement the rest of the methods in the group backend.
Regards
Karan
________________________________
From: DImuthu Upeksha <di...@gmail.com>
Sent: Sunday, July 22, 2018 2:02 PM
To: Airavata Dev
Cc: Kotabagi, Karan
Subject: App to integrate Airavata userbase into NextCloud
Hi All,
Through this mail I'm planning to provide an update about the work we have done so far in Airavata NextCloud integration
We have been considering to provide the facility to integrate NextCloud as a user storage mechanism for Airavata and there is an on going GSoC project (Karan is the student assigned to it) which is directly assigned for that. Even though NextCloud's WebDAV API was fairly straight forward to integrate with Airavata for file transfer operations, user authentication and authorization was bit tricky.
Airavata has a user base backed by Keycloak and Nextcloud has it's own database backed user base. So the challenge was how to integrate Airavata users and authorization model into NextCloud without changing NextCloud code.
The rescue was NextCloud's app interface [1]. We can write third-party apps into NextCloud and deploy them directly into it. Airavata NextCloud app [2] utilizes backend user APIs of NextCloud and registers Airavata user stores as an alternative user store into NextCloud. Once the App is installed into NextCloud, authentication request are directed to our user backend implementation [3] enabling us to talk to Keycloak and verify the authenticity of the user. For the authorization, there is a Group backend implementation [4] and it is supposed to handle groups for each user but we might have to wait until current group based auth changes are deployed in Develop environment. For the instance, I added mock groups to compete the features of the app.
@Karan
I believe now you have an idea of how to proceed with the rest of your project. It would be great if you can implement the rest of the methods in group backend [4] by looking at the group-based-auth branch of Airavata. Please let me know if you come up with any issue
[1] https://docs.nextcloud.com/server/12/developer_manual/app/startapp.html
[2] https://github.com/DImuthuUpe/airavata-nextcloud-app
[3] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/UserBackend.php
[4] https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/GroupBackend.php
Thanks
Dimuthu