Federated Identities - zacharylongo/Tech-Journals GitHub Wiki

This Lab was broken down into 3 Portions (+ a reflection)

  • Creating a Github app

  • Setting up the Flask App

  • Setting up Github and Flask on AWS

Creating my Github app

  • First I went to "Settings" > then "Developer Settings"

  • From here, I went to the "OAuth Apps" section where there is an option to "Register a new application"

  • This should prompt you with a registration page where you fill in the name of your application, it's homepage URL, a description, and the authorization callback URL.

Secrets

  • From my newly created O-Auth application (selected in Github menu of active Oauth applications) I pressed "Generate new client secret"

  • I then copied the secret over to my xubuntuwan machine.

Flask App

  • To start I installed the following:
sudo apt update -y
sudo apt install python3-pip build-essential libffi-dev python3-dev python3-setuptools libssl-dev -y
sudo apt install python3.10-venv -y
pip3 install virtualenvwrapper```
  • I'd then create an "oauthlab" folder and a "cred.json" file:
mkdir ~/oauthlab
vi ~/oauthlab/cred.json
  • I then filled in cred.json with the following:
{
    "client_id":"{REPLACE_W_CLIENT_ID}",
    "client_secret":"{REPLACE_W_CLIENT_SECRET}",
    "authorization_base_url":"https://github.com/login/oauth/authorize",
    "token_url":"https://github.com/login/oauth/access_token"
}

  • I then put the contents of my flask app in a file located under /ouathlab/webapp.p ; using vi to run the web app. (Insert link to code here)

  • I then installed and configured my pyhton virtual environment:

python3 -m venv ~/oauthlab/venv
source ~/oauthlab/venv/bin/activate
  • Installed requirements:
pip3 install wheel
pip3 install Flask
pip3 install pyOpenSSL
pip3 install requests_oauthlib
  • Ran my webapp *
python3 ~/oauthlab/webapp.py
  • After this I navigated to https://127.0.0.1:5000/ where I was prompted to authorize. Completing the implementation after authorization.

Reflection

Overall I had very little issue with the beginning portions of this lab, but struggled when it came to the AWS requirement. As I had more pressing matters to attend to I never ended up completing this component, but from my understanding it was largely similar to the first part of the lab. In general the idea of federated identities is one that is very intriguing to me and I hope to explore it more in the future.