%VOSWARNING% %META:TOPICPARENT{name="OAuth"}% %TOC% ---+ OAuth server ---++ General The [[OAuth]] protocol enables web services consumers to access protected resources via an API without requiring users to supply the service credentials to the consumers. It's a generic methodology for unobtrusive, wire protocol level authenticated data access over HTTP. ---++ API Virtuoso implements the OAuth Core 1.0 specification, and exposes the following API endpoints: ---+++ Request token Endpoint: http://server-cname/OAuth/request_token Parameters * oauth_consumer_key — The Consumer Key. * oauth_signature_method — The signature method the Consumer used to sign the request. * oauth_signature — The signature as defined in Signing Requests (Signing Requests). * oauth_timestamp — As defined in Nonce and Timestamp (Nonce and Timestamp). * oauth_nonce — As defined in Nonce and Timestamp (Nonce and Timestamp). * oauth_version — OPTIONAL. If present, value MUST be 1.0 . ---++++ Example Request: http://localhost:8890/OAuth/request_token?oauth_version=1.0&oauth_nonce =dad4cb071e2169cbcaa051d404ac61a3&oauth_timestamp=1201873644&oauth_cons umer_key=f756023be5ff1f20881cf8fe398069f3976b2304&oauth_signature_metho d=HMAC-SHA1&oauth_signature=z76k5fQ0msFsQzCmhO%2FJZ329ZUE%3D Note: all long lines in example texts are split, i.e., the GET request is single line. Response: oauth_token=b4e22daa117b0bebf60ab6ba6e401edc7addd78c&oauth_token_secret =4de6e3ab17553a0a385ebf6a3b4dd30f ---+++ Authorization Endpoint: http://server-cname/OAuth/authorize Parameters: * oauth_token — The Request Token obtained in the previous step. The current implementation of the Service Provider declare this parameter as REQUIRED. * oauth_callback — OPTIONAL. The Consumer MAY specify a URL the Service Provider will use to redirect the User back to the Consumer when Obtaining User Authorization (Obtaining User Authorization) is complete. ---++++ Example Request: http://localhost:8890/OAuth/authorize?oauth_token=b4e22daa117b0bebf60ab 6ba6e401edc7addd78c&oauth_callback=http%3A%2F%2Flocalhost%3A8890%2Foaut h%2Fexample%2Fclient.php%3Fkey%3Df756023be5ff1f20881cf8fe398069f3976b23 04%26secret%3Dcc249bfb732039d8ecba9e4f94fdead7%26token%3Db4e22daa117b0b ebf60ab6ba6e401edc7addd78c%26token_secret%3D4de6e3ab17553a0a385ebf6a3b4 dd30f%26endpoint%3Dhttp%253A%252F%252Flocalhost%253A8890%252FOAuth%252F authorize The User will be asked via web page to accept or decline the token. ---+++ Access token Endpoint: http://server-cname/OAuth/access_token Parameters: * oauth_consumer_key — The Consumer Key. * oauth_token — The Request Token obtained previously. * oauth_signature_method — The signature method the Consumer used to sign the request. * oauth_signature — The signature as defined in Signing Requests (Signing Requests). * oauth_timestamp — As defined in Nonce and Timestamp (Nonce and Timestamp). * oauth_nonce — As defined in Nonce and Timestamp (Nonce and Timestamp). * oauth_version — OPTIONAL. If present, value MUST be 1.0 . ---++++ Example Request: http://localhost:8890/OAuth/access_token?oauth_version=1.0&oauth_nonce= 8ad75091a66bdd741472be42149c828e&oauth_timestamp=1201873800&oauth_consu mer_key=f756023be5ff1f20881cf8fe398069f3976b2304&oauth_token=b4e22daa11 7b0bebf60ab6ba6e401edc7addd78c&oauth_signature_method=HMAC-SHA1&oauth_s ignature=tCxy0Lod4%2Bp%2FCBPV7Ph7RrsHXe4%3D Response: oauth_token=8c03b3da93480ca4728cc1194d6d03962f3bb5bb&oauth_token_secret =854fd29c00adcedff4fbeaeb96584911 In addition to the endpoints, it defines an API for PL applications to check authentication: ---+++ Authentication verification OAUTH.DBA.check_authentication (in params any, in lines any) Parameters: * params — an array of strings representing the HTTP parameters * lines — an array of HTTP request headers Result: * on success, it returns integer 1. * on failure, it signals an SQL error. ---++++Sample code A sample service (oauth.vsp): An OAuth testing page ---++++Sample request http://localhost:8890/admin/oauth.vsp?oauth_version=1.0&oauth_nonce=d57 640869b994b2d51bf9800229c4997&oauth_timestamp=1201873935&oauth_consumer _key=f756023be5ff1f20881cf8fe398069f3976b2304&oauth_token=8c03b3da93480 ca4728cc1194d6d03962f3bb5bb&oauth_signature_method=HMAC-SHA1&oauth_sign ature=X3K4lr9bJVz5YLnnyJDkykQZivY%3D ---++++Sample response An OAuth testing page ---++References * [[OAuth][OpenLink's explanation of OAuth]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthControllers][Using OAuth with ODS]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquity][ODS Ubiquity Commands]] * [[VirtOAuth][Virtuoso OAuth Implementation]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsControllers][ODS Controllers]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtODSOAuthQA][Testing Virtuoso OAuth with 3rd Party OAuth Clients]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquityTutorialsOAuth][OAuth Ubiquity Tutorial]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthTestTool][Virtuoso OAuth Test Tool for ODS Controllers]] * [[VirtOAuthSPARQL][Virtuoso SPARQL OAuth Tutorial]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquityTutorials][ODS Ubiquity Tutorials]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthExamples][OAuth Applications Authentication examples]] * [[http://oauth.net/core/1.0/][OAuth API]] * [[VirtAuthServerUI][Virtuoso Authentication Server UI]] CategoryVirtuoso CategoryODS CategoryOAuth CategoryVOS CategoryDocumentation