-
Notifications
You must be signed in to change notification settings - Fork 370
OAUTH CREDENTIAL GENERATION FOR SUNBIRD
SMY ALTAMASH edited this page Jun 17, 2019
·
9 revisions
- Portal OAUTH
- Kibana OAUTH
- Superset OAUTH
- Portal CAPTCHA
- Keycloak OAUTH
NOTE: [Skip Few Steps If Not doing it for first time]
- Login to google developer console - [ https://console.developers.google.com/ ], Read the Terms and services and accept the agreement.
- Credentials > CREATE > [Project Name: ENV portal, Organisation: select the listed organisation, Location: office location], if nothing is listed then accept the default and give any value > Create .
- Credentials > Create Credentials > oAuth Consent Screen > Public > Application Name: ENV > Application Logo: logoURL[Optional] > Authorized Domains > Parent Domain [Example: www.sunbird.org or dev.sunbird.org or qa.sunbird.org value should be sunbird.org] > Save
- Credentials > Domain Verification > Add Domain > DNS-NAME [Example: sunbird.org] > Verify Ownership > Take Me there > Validate the domain based on the DNS registrar and the certs you can update
- Credentials > Create Credentials > oAuth Client ID > Web Application > Name: App Name > Authorized Javascript origins: FQDNS Name[Example: https://www.sunbird.org] > Authorized Redirect URIs: Redirect URL[ https://DNS/google/auth/callback , http://DNS/google/auth/callback, http://localhost:3000/google/auth/callback ] > Create
- Save the Client ID and Secret in a safe place
- Update "core_vault_sunbird_google_oauth_clientId_portal" variable with client ID and "core_vault_sunbird_google_oauth_clientSecret_portal" with Client Secret and Deploy Player
NOTE: [Skip Few Steps If Not doing it for first time]
- Login to google developer console - [ https://console.developers.google.com/ ], Read the Terms and services and accept the agreement.
- Credentials > CREATE > [Project Name: ENV Kibana, Organisation: select the listed organisation, Location: office location], if nothing is listed then accept the default and give any value > Create .
- Credentials > Create Credentials > oAuth Consent Screen > Public > Application Name: ENV > Application Logo: logoURL[Optional] > Authorized Domains > Parent Domain [Example: www.sunbird.org or dev.sunbird.org or qa.sunbird.org value should be sunbird.org] > Save
- Credentials > Domain Verification > Add Domain > DNS-NAME [Example: sunbird.org] > Verify Ownership > Take Me there > Validate the domain based on the DNS registrar and the certs you can update
- Credentials > Create Credentials > oAuth Client ID > Web Application > Name: App Name > Authorized Javascript origins: FQDNS Name[Example: https://www.sunbird.org] > Authorized Redirect URIs: Redirect URL[ https://DNS/oauth2/callback ] > Create
- Save the Client ID and Secret in a safe place
- Update "core_vault_kibana_google_client_id" variable with client ID and "core_vault_kibana_google_client_secret" with Client Secret and Logger stack
NOTE: [Skip Few Steps If Not doing it for first time]
- Login to google developer console - [ https://console.developers.google.com/ ], Read the Terms and services and accept the agreement.
- Credentials > CREATE > [Project Name: ENV Superset, Organisation: select the listed organisation, Location: office location], if nothing is listed then accept the default and give any value > Create .
- Credentials > Create Credentials > oAuth Consent Screen > Public > Application Name: ENV > Application Logo: logoURL[Optional] > Authorized Domains > Parent Domain [Example: www.sunbird.org or dev.sunbird.org or qa.sunbird.org value should be sunbird.org] > Save
- Credentials > Domain Verification > Add Domain > DNS-NAME [Example: sunbird.org] > Verify Ownership > Take Me there > Validate the domain based on the DNS registrar and the certs you can update
- Credentials > Create Credentials > oAuth Client ID > Web Application > Name: App Name > Authorized Javascript origins: FQDNS Name[Example: https://www.sunbird.org] > Authorized Redirect URIs: Redirect URL[ http://DNS/oauth-authorized/google ] > Create
- Save the Client ID and Secret in a safe place
NOTE: [Skip Few Steps If Not doing it for first time]
- Login to google developer console - [ https://www.google.com/recaptcha/admin ], Read the Terms and services and accept the agreement.
- Label: https://DNS > reCAPTCHA Type: reCAPTCHA v2[Invisible reCAPTCHA badge], Domains: DNS[without http or https] > Accept the reCAPTCHA Terms of Service > Send alerts to owners [NO] > SUBMIT
- Save the Site key and Secret Key
- Update the variable "core_vault_sunbird_google_captcha_site_key_portal" with site key and deploy portal.