CD2H gitForager

EMBL-EBI-TSI/aap-client-java

Name: aap-client-java

Owner: EMBL-EBI Technology & Science Integration

Description: Common functionality for consumers of the AAP services

Created: 2017-01-06 14:31:43.0

Updated: 2018-04-10 09:50:02.0

Pushed: 2018-04-10 09:50:00.0

Homepage: null

Size: 231

Language: Java

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

Java client for the EBI AAP services

This is a library with common functionality to interact with the EBI's Authentication, Authorization and Profile service. It currently (Jan 2017) covers the authentication classes to secure rest API using spring.

Getting Started

Choose which aspect of the client you'd like to use:

security helps protect your API's endpoint via a token produced by the AAP
service helps making calls to the AAP API

Include the jar as dependency to your project (for example service with gradle):

sitories {
maven { url "https://oss.sonatype.org/content/repositories/snapshots" }


ndencies {
compile( group: 'uk.ac.ebi.tsc.aap.client', name: 'service', version: '1.0.2-SNAPSHOT')

Use the provided classes to secure your API: more to come on this section soon!

Configure which AAP environment to talk to

By default, the client uses our 'explore' environment, which we use as a sandbox for other parties integrating with us. To switch to another environment (for example, production https://api.aai.ebi.ac.uk), add the following properties (for ex, in your main application.properties):

If you use the security module:

url=https://api.aai.ebi.ac.uk

If you use the service module:

certificate=https://api.aai.ebi.ac.uk/meta/public.der

If you happen to use both, you can re-use the URL property in the definition of the certificate property so they're always in sync:

url=https://api.aai.ebi.ac.uk
certificate=${aap.url}/meta/public.der

If you would rather not read the public key dynamically on startup, you can instead download it (https://api.aai.ebi.ac.uk/meta/public.der for production), bundle it with your resources and update jwt.certificate to path/to/the/public/certificate.der.

Prerequisites

We are using this library with a few spring-boot applications, and anything with spring-security/spring-web should be easy to infer.

For building the components, you'll need to have setup a GPG signing key (for example by following the instructions of the good folks of github), and define a signatory in gradle (typically in ~/.gradle/gradle.properties):

ing.keyId=1A2B3C4D
ing.password=changeme
ing.secretKeyRingFile=path/to/secring.gpg

Note the long SHA does not seem to work (at least on windows), so use $ gpg --list-secret-keys instead, and what you need in keyId is what's in sec after the /.

It is also necessary to have defined the following variables (even if you are not using the uploadArchive task):

hUsername=someone
hPassword=secret

Installing

Download Gradle (if you haven't already got it…)
Checkout the source code

To come next: getting a JWT from the AAP, and using it to check which domain a given user is part of.

Running the tests

le test

Deployment

Package this library along with your application, as best relevant to your chosen dependency management system.

Built With

Spring Boot - The framework used
Gradle - Dependency Management
Jenkins - Continuous Delivery

Versioning

We use SemVer for versioning.

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.