Article
· Dec 4, 2021 3m read

OAuth2 Authentication with GitHub account from IRIS Web Application


In this article I will demonstrate the basics of OAuth2 authentication with a GitHub account, using the online demo at 
https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp (log in with SuperUser | SYS).

Recommendations:

We need the following 3 steps to achieve this:

  • Step 1 : Register Application with GitHub Authentication Server
  • Step 2 : Configure OAuth 2.0 Client from InterSystems Management portal
  • Step 3 : Call API to login with GitHub account


So let's start.

Step 1 : Register Application with GitHub Authentication Server

To register an application with the GitHub authentication server, we need a GitHub account. 
Log in to your GitHub account, navigate to https://github.com/settings/developers and, under the OAuth Apps tab, click the New OAuth App button.

 

Enter the Application name, Homepage URL, Description and Authorization callback URL.
Please note that the Authorization callback URL must refer to the OAuth2.Response.cls class ({domain}/csp/sys/oauth2/OAuth2.Response.cls).
Click Register Application.

This will open the detail page. Click Generate a new client secret and save the Client ID and Secret Key, which we will use while configuring the IRIS OAuth2 client.

The application is now registered successfully.

Step 2 : Configure OAuth 2.0 Client from InterSystems Management portal

Navigate to System > Security Management > OAuth 2.0 Client and click the Create Server Description button.

Click the Manual button at the top, enter the details below and save the server description.

Navigate back to System > Security Management > OAuth 2.0 Client and click Client Configurations.

In the General tab, fill in the details. Please note that the Client redirect URL is the same as what we entered in the Authorization callback URL while registering our application at GitHub.

Under Client Credentials, enter the Client ID and Client Secret which we generated while registering our application at GitHub, and save the client configuration.

Step 3 : Call API to login with GitHub account

Navigate to the online demo at https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp and log in with SuperUser | SYS.
Press Login with Github account in the top menu.


This will open the Oauth.cls page. Make sure to log out from GitHub before trying to sign in. Click Github Sign In.


The system will navigate to the GitHub authentication server by using the GetAuthorizationCodeEndpoint method of the %SYS.OAuth2.Authorization class:
https://docs.intersystems.com/latest/csp/documatic/%25CSP.Documatic.cls?...

Upon successful login, the system will redirect to the OauthRe.cls page.
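The Step 3 call can be sketched as a CSP page like the one below. This is an added example, not the code from the repository: the class name, the application name "Github", the scope "read:user" and the return URL under /csp/user/ are assumptions, and {domain} is a placeholder for your own host.

```objectscript
/// Added example: a hypothetical sign-in page, not the repository's Oauth.cls
Class Demo.GitHubLogin Extends %CSP.Page
{

/// Assumption: the application name given to the client configuration in Step 2
Parameter OAUTH2APPNAME = "Github";

/// Assumption: request only read access to the user's profile
Parameter OAUTH2SCOPE = "read:user";

/// Placeholder: page to land on once OAuth2.Response.cls has handled the callback
Parameter RETURNURL = "https://{domain}/csp/user/OauthRe.cls";

ClassMethod OnPage() As %Status
{
    // A token may already be stored for this CSP session and scope
    set authorized = ##class(%SYS.OAuth2.AccessToken).IsAuthorized(..#OAUTH2APPNAME, , ..#OAUTH2SCOPE, .accessToken, .idToken, .responseProperties, .error)
    if authorized {
        write "<a href=""", ..EscapeHTML(..#RETURNURL), """>Continue</a>"
        quit $$$OK
    }

    // Build the URL of the GitHub authorization endpoint for the configured client
    set url = ##class(%SYS.OAuth2.Authorization).GetAuthorizationCodeEndpoint(..#OAUTH2APPNAME, ..#OAUTH2SCOPE, ..#RETURNURL, .properties, .isAuthorized, .sc)
    if $$$ISERR(sc) {
        // Keep configuration details out of the response sent to the browser
        write "GitHub sign-in is currently unavailable."
        quit $$$OK
    }

    // Escape the URL before placing it in an HTML attribute
    write "<a href=""", ..EscapeHTML(url), """>GitHub Sign In</a>"
    quit $$$OK
}

}
```

The return URL passed here is the application page to land on after login; the callback URL registered at GitHub remains OAuth2.Response.cls, as configured in Steps 1 and 2.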

The code is available in this repository: https://github.com/mwaseem75/Data_APP_Security

 

Thanks
