Commit

explaining CORS
costero-e committed Mar 28, 2024
1 parent 13a21c9 commit c0c6764
Showing 2 changed files with 23 additions and 1 deletion.
22 changes: 22 additions & 0 deletions README.md
Expand Up @@ -19,6 +19,13 @@ To give the right permissions for AAI you will need to set the permissions of th
```bash
docker exec beacon-permissions bash permissions/permissions-ui/start.sh
```
Note: To make the permissions ui run, create an .env file inside permissions/permissions-uiweb folder and add the next variables with the exact same names:
```bash
SECRET_KEY="your_permissions_ui_secret_key"
OIDC_RP_CLIENT_ID='your_client_id'
OIDC_RP_CLIENT_SECRET='your_client_secret'
```

Please, bear in mind that the name of the user has to be the same that you used when creating the user in LS or in IDP, whatever the AAI method you are working with.
To give a user a certain type of response for their queries, please modify this file [response_type.yml](https://github.com/EGA-archive/beacon2-ri-api/blob/master/beacon/request/response_type.yml) adding the maximum type of response you want to allow every user.

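Review bot: The folder named in the added note, `permissions/permissions-uiweb`, looks like it is missing a slash: the .gitignore change in this same commit ignores `web/.env` under `permissions/permissions-ui`, so the path should presumably read `permissions/permissions-ui/web`. Since the file holds `SECRET_KEY` and `OIDC_RP_CLIENT_SECRET`, it is also worth saying that `SECRET_KEY` should be a long random value unique to each deployment and that the file must stay out of version control. Minor: the three variables mix double and single quotes; pick one style.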
Expand All @@ -33,6 +40,21 @@ KEYCLOAK_CLIENT_SECRET='your_keycloak_client_secret'
```
When you have your access token, pass it in a header with **Authorization: Bearer** in your POST request to get your answers. This token works coming from either from LS AAI or from keycloak (idp container).

### Handling CORS

To avoid CORS using beacon and the frontend or a third-party authorization site like Keycloak, you will have to include all these URLs inside [__main.py__](beacon/__main__.py), including them in the CORS middleware and CORS routes lists:
```bash
middlewares=[web.normalize_path_middleware(), middlewares.error_middleware, cors_middleware(origins=["your_URL"...
```
```bash
for route in list(beacon.router.routes()):
cors.add(route, {
"your_URL":
aiohttp_cors.ResourceOptions(allow_credentials=True,
expose_headers="*",
allow_methods=("POST", "PATCH", "GET", "OPTIONS"),
allow_headers=DEFAULT_ALLOW_HEADERS),
```
### Beacon security system
![Beacon security](https://github.com/EGA-archive/beacon2-ri-api/blob/develop/deploy/beacon_security.png?raw=true)
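Review bot: The second snippet under "Handling CORS" sets `allow_credentials=True` for every listed origin, so the text should state that only the exact origins (scheme, host and port) of the frontend and the authorization server belong in both lists, and that a catch-all origin should not be combined with credentials; `expose_headers="*"` could also be narrowed to the headers the frontend actually reads. Smaller points: the link text `__main.py__` does not match its target `beacon/__main__.py`, "To avoid CORS" should read "To avoid CORS errors", both snippets are Python but fenced as `bash`, the loop body has lost its indentation and closing brackets so it cannot be pasted as is, and a blank line is missing before `### Beacon security system`.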
2 changes: 1 addition & 1 deletion permissions/permissions-ui/.gitignore
@@ -1 +1 @@
.env
web/.env
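Review bot: Replacing `.env` with `web/.env` rather than adding a second pattern means an `.env` placed directly in `permissions/permissions-ui` is no longer ignored and could be committed by accident. Because the README change in this commit puts `SECRET_KEY` and `OIDC_RP_CLIENT_SECRET` in such a file, I would keep both patterns (`.env` and `web/.env`) so a secrets file is ignored in either location.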
