Add @Welliton309's Auth0 docs

With external links to images Close ga4gh#1565
david4096 · Mar 10, 2017 · fe8f50d · fe8f50d
1 parent d3b2900
commit fe8f50d
Showing 1 changed file with 142 additions and 0 deletions.
diff --git a/docs/configuration.rst b/docs/configuration.rst
@@ -135,6 +135,148 @@ AUTHORIZED_EMAILS
     A comma separated list of user
 
 
+Configuring Auth0 service
+=========================
+
+First login or sign up in Auth0 website: https://auth0.com/
+
+Creating Client
+===============
+
+On tab ``Client`` click in ``Create Client``. Give a name for your
+Client and choose the ``Non Interactive Clients`` client type. Click
+``Create``.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23128816/0c753c58-f75f-11e6-94a2-c89d6bc1b8b6.png
+   :alt: create\_client
+
+   create\_client
+
+In ``Settings`` tab copy the ``Domain``, ``Client ID`` and
+``Client Secret`` data.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23128957/9eb48510-f75f-11e6-9487-74684023331f.png
+   :alt: get\_client\_secret\_domain
+
+   get\_client\_secret\_domain
+
+These data will be used to set the following server configuration values
+(`reference <http://ga4gh-reference-implementation.readthedocs.io/en/latest/configuration.html#configuration-values>`__):
+- ``AUTH0_HOST`` with ``Domain``; - ``AUTH0_CLIENT_ID`` with
+``Client ID``; - ``AUTH0_CLIENT_SECRET`` with ``Client Secret``.
+
+Fill ``Allowed Callback URLs``, ``Allowed Logout URLs`` and
+``Allowed Origins (CORS)`` with the web address of server endpoint plus
+the related path.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/22839443/9a62f994-efb0-11e6-8533-ed93db81871e.PNG
+   :alt: allow\_address
+
+   allow\_address
+
+Creating API
+============
+
+Go to ``APIs`` tab and click in ``Create API``. The ``Identifier``
+should be the URL of server endpoint (the landing page). For this
+example I am using root path and TCP port 80.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23130019/a375722c-f763-11e6-9325-8b2e10af1b8a.png
+   :alt: create\_api
+
+   create\_api
+
+On ``Scopes`` tab, create two scopes: ``openid`` and ``email``.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23130083/dd674b7c-f763-11e6-859a-ddc97a28b4fd.png
+   :alt: create\_scopes
+
+   create\_scopes
+
+On ``Non Interactive Clients`` tab, authorize the previous created
+Client. Select both scopes ``openid`` and ``email``. Click ``Update``
+then ``Continue``.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23130173/3a0da0c4-f764-11e6-8451-3f68ff175f7f.png
+   :alt: authorize\_client
+
+   authorize\_client
+
+Creating Database Connections
+=============================
+
+Go to ``Connections-Database`` tab and click ``Create DB Connection``. I
+disabled sign ups because I want to have control over user creation
+allowing only certain people/software to have access on server.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23130287/9a8584bc-f764-11e6-9e57-64e4e94413b2.png
+   :alt: create\_database
+
+   create\_database
+
+In ``Clients`` tab, activate the connection between the Client and the
+Database.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23130354/e5242154-f764-11e6-8664-1dfb531d92c8.png
+   :alt: client\_db
+
+   client\_db
+
+Creating Users
+==============
+
+Go to ``Users`` tab and click ``Create User``. Fill the fields.
+``Connection`` should be same one previously created. An email will be
+send requesting to verify. I recommend creating your own user for
+testing purposes.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23130421/18c14636-f765-11e6-88cb-bce870f4afc1.png
+   :alt: create\_user
+
+   create\_user
+
+Setting up GA4GH server with authentication
+===========================================
+
+Append the following server configuration values to ``config.py`` file
+(`reference <https://github.com/ga4gh/server/pull/1470>`__). Remember to
+update the fields correctly. Create a SECRET\_KEY. I didn’t understand
+the field ``AUTH0_AUTHORIZED_EMAILS``. I just used the same email I used
+to login into Auth0 website.
+
+::
+
+    AUTH0_ENABLED = True
+    SECRET_KEY = "super_secret"
+    AUTH0_SCOPES = "openid email"
+    AUTH0_CALLBACK_URL = "http://192.168.0.5/callback"
+    AUTH0_HOST = "USER.auth0.com"
+    AUTH0_CLIENT_ID = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+    AUTH0_CLIENT_SECRET = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+    AUTH0_AUTHORIZED_EMAILS = "name@host.com"
+
+Restart the server.
+
+Testing
+=======
+
+Finally access server landing page. It will show an error and a link to
+login. At login page, use the same email and password used to create a
+user. Note that it does not have an option to create a user (it can be
+changed).
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/22840399/886dbff4-efb4-11e6-89ed-653feeb7a340.PNG
+   :alt: login
+
+   login
+
+After login you will see the token page.
+
+.. figure:: https://cloud.githubusercontent.com/assets/645272/23130576/c2b5f6aa-f765-11e6-980b-a1978462487e.png
+   :alt: token
+
+   token
+
 ------------------------
 OpenID Connect Providers
 ------------------------