-
Notifications
You must be signed in to change notification settings - Fork 1
Integration of CO into the IBP web site
Plans
-
First step is for Brandon to create an iframe on this page https://www.integratedbreeding.net/crop-ontology that loads http://www.cropontology.org/
-
The iframe should actually load http://www.cropontology.org/?session=SESSb76d114f99a4xxxx with the extra session parameter. Me and Brandon will take care of details.
-
I will then make sure, based on the session token, the user information is properly loaded on the CO site. Brandon, I could probably just scrape the HTML homepage without much trouble to get this info, unless you can easily develop a simple JSON return result of the user. Anyway we can discuss details.
-
Outcome is that users will then be able to log into the IBP, go to https://www.integratedbreeding.net/crop-ontology, and find themselves being logged in the CO site as well, with the ability to comment/upload/edit ontologies using their IBP credentials.
-
We also mention they the crop specific ontologies will be available as a link from the Forum, within the permanent list of links on the top right: https://www.integratedbreeding.net/community/sorghum/forums and for each community
I have the tokenization and authorization components in place to allow for automatic remote logins of already authorized users in the IBP.
On the IBP side, you can view a "demo" iframe that now utilizes this functionality here: https://www.integratedbreeding.net/co-test
Please note that the above iframe is trying to load cropontology.org over an HTTPS connection. This is a requirement for us going forward and is something that newer browsers are enforcing with their mixed content policies. In other words, an SSL certificate will need to be set up on the cropontology.org domain name. Please let us know if this is an issue.
When loading content from cropontology.org within iframes, a GET variable called "ibput" will be passed containing a unique token specific to the user's account. If the user is not logged in on the IBP, no token value will be passed. You will then need to make a call to the API I've developed in order to retrieve the user's details.
The GET API endpoint is: https://www.integratedbreeding.net/auth
The API endpoint will accept requests only from specific IP's. The cropontology.org IP has been whitelisted.
All that needs to be done while making a request is that you will need to pass two GET variables in the format of https://www.integratedbreeding.net/auth/?key=___&token=____
The key is a unique string that has been assigned to incoming requests from the crop ontology domain. Your key is:
cropon_nc39F34j
The token value is the token value that has been passed to you from the user browsing the site in the iframe. When you submit the request to our /auth API, it will provide a response in JSON format which will either be an error message (in the case of a token mismatch, authentication error, etc.) or it will provide a successful result. Here are the values we are currently sending back with a successful request:
"status" - set to '1', indicates a successful request "userid" - An integer representing the user in our system. "username" - The user's username on our system. "email" - The user's e-mail address in our system. "name" - The user's full name in our system.
How you choose to manage the data on your end is up to you. My recommendation would be that data is stored locally in a session but otherwise refreshed from our API when necessary. That may require a bit more discussion.
Please let me know if this all makes sense and if you foresee any issues integrating this way. The system is ready to accept your requests immediately if you wish to begin testing this. If you need anything from me, have questions, or would like any kind of code sample, please let me know and I'll be happy to provide!
Have a great day,
Brandon