Developer:OAuth

From myExperiment
Jump to: navigation, search

OAuth provides a secure way of making REST requests to APIs. This page details how to set up a client application to make secure calls to the myExperiment API using OAuth.

Setting up a OAuth Client Application

  • oauth4myexp.tar is a tar file that contains a PHP client application that can be modified to build a bespoke client application using the myExperiment API. After downloading this tar file untar it into a web folder on a web server that supports PHP.
    • instructions.htm within the tar file gives comprehensive details of what the various applications are for and how to use them.
  • Once the file is untarred the URL of the client application can be determine. This is required to register the client application. It will be something like the following:
 http://<yourserver>/<yourfilepath>/oauth4myexp/
  • To register the client application log into the appropriate myExperiment server, (e.g. http://www.myexperiment.org). Once logged into myExperiment go to the OAuth page (e.g. http://www.myexperiment.org/oauth/) and click on Register Client Application The screen will look something like that displayed below.


Myexp oauth1.png


  • Enter the appropriate details for the Name, Main Application URL and Callback URL, (Support URL is not required). Name can be anything you choose Main Application URL and Callback URL must be the URL where you are hosting your client application. Because of the way the PHP client application is designed these two fields can be the same. Finally choose the API calls that the client application will be able to use from the Permissions section. After clicking Register the following page will be displayed.


Myexp oauth2.png


  • From this page copy and paste the Consumer Key and Consumer Key values into the appropriate textfile field in the Config Generator provided with the PHP client application. The URL for this will be something like:
  http://<yourserver>/<yourfilepath>/oauth4myexp/config_generator.php


Myexp oauth3.png


  • Once the Consumer Key and Consumer Key values have been entered and the correct server selected click on Get Access Token. This will redirect back to the myExperiment website so that an access token can be authorised for the client application. If no user is logged in the page will redirect to the myExperiment website login page first.


Myexp oauth4.png


  • On this page check the Authorize Access checkbox and click Save Changes. This will redirect back to the Config Generator page.


Myexp oauth5.png


  • On the Config Generator page as base64 encoded config will be displayed this needs to be copied and pasted in to Config.php in the inc folder of PHP client application. After doing this load up the PHP client application, i.e. http://<yourserver>/<yourfilepath>/oauth4myexp/. If this has succeeded the name of the server where the client application was registered should be displayed in the Connected to Server field. The PHP client application can now be used to make API calls using OAuth.
  • http://<yourserver>/<yourfilepath>/oauth4myexp/template.php is also provided to allow developers to build upon to create their own bespoke client application. Please read the details in instructions.htm, which comes with the PHP client application, for further details.