TODO merge with devicehub | devicehub adapted to trustchain oc1 orchestral (dpp branch)
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
pedro b423a53cfe automate OIDC setup for devicehub server & client 2023-09-21 18:44:43 +02:00
.github Run selenium only on reviews 2022-09-29 12:11:10 +02:00
docker automate OIDC setup for devicehub server & client 2023-09-21 18:44:43 +02:00
docs clean 2022-11-24 12:21:42 +01:00
ereuse_devicehub fix json doble quotes 2023-09-21 18:40:21 +02:00
examples automate OIDC setup for devicehub server & client 2023-09-21 18:44:43 +02:00
scripts drop pdb 2023-04-28 12:11:09 +02:00
tests fix test 2023-06-16 13:04:37 +02:00
.babelrc.json use babel to support old browsers 2022-05-09 11:07:57 +02:00
.eslintignore ESLint ignore builded JS files 2022-05-11 19:07:52 +02:00
.eslintrc.json eslint avoid class limit 2022-05-13 21:29:29 +02:00
.gitignore add basic dockerization to devicehub dpp 2023-09-21 18:44:43 +02:00
.pre-commit-config.yaml Add pip-compile pre-commit hook 2022-09-29 12:22:22 +02:00
.prettierrc.json add prettier rule 2022-04-20 11:55:15 +02:00
CHANGELOG.md update changelog 2023-06-14 10:43:52 +02:00
CONTRIBUTING.md Manage dependencies using pip-tools 2022-09-29 12:11:10 +02:00
Definition-dpp.md Update Definition-dpp.md 2023-07-19 11:34:58 +02:00
LICENSE.txt Add GPLV3 License 2019-06-09 08:48:09 +02:00
MANIFEST.in Better installation; add example_app 2018-07-07 18:51:15 +02:00
Makefile docker: publish new image and put it in d-compose 2023-09-21 18:44:43 +02:00
README.md update README 2023-09-19 09:05:59 +02:00
alembic.ini Update README 2020-05-15 20:14:00 +02:00
development-setup.md Remove duplicated setup steps 2022-04-12 12:32:20 +02:00
docker-compose.yml automate OIDC setup for devicehub server & client 2023-09-21 18:44:43 +02:00
licences.txt fixing bug of 2 users with the same device and launch one live 2021-01-08 10:46:34 +01:00
package.json Fix build-js pre-commit hook 2022-09-29 12:04:05 +02:00
pyproject.toml up target-version 2023-06-02 09:54:43 +02:00
requirements-dev.txt Move selenium to requirements-dev.txt 2022-07-15 12:03:06 +02:00
requirements-prod.txt Move sentry & blinker to requirements-prod.txt 2022-07-15 11:59:06 +02:00
requirements.in fix teal import inm did resource 2023-05-24 10:25:04 +02:00
requirements.txt fix teal import inm did resource 2023-05-24 10:25:04 +02:00
setup.cfg Enhance testing config 2018-09-16 15:56:20 +02:00
setup.py correct versions of dependencies 2023-03-27 10:22:08 +02:00
tox.ini Add pre-commit hook to run black, flake8 & isort 2022-02-10 14:05:26 +01:00

README.md

Devicehub

Devicehub is a distributed IT Asset Management System focused in reusing devices, created under the project eReuse.org

This README explains how to install and use Devicehub. The documentation explains the concepts and the API.

Devicehub is built with Teal and Flask.

Installing

The requirements are:

  1. Required
  1. Generate a clone of the repository.
    git clone git@github.com:eReuse/devicehub-teal.git
    cd devicehub-teal
  1. Create a virtual environment and install Devicehub with pip.
    python3.9 -m venv env
    source env/bin/activate
    pip3 install -U -r requirements.txt -e .
    pip3 install Authlib==1.2.1
  1. Create a PostgreSQL database called devicehub by running create-db:
  • In Linux, execute the following two commands (adapt them to your distro):

    1. sudo su - postgres.
    2. bash examples/create-db.sh devicehub dhub, and password ereuse.
  • In MacOS: bash examples/create-db.sh devicehub dhub, and password ereuse.

Configure project using environment file (you can use provided example as quickstart):

$ cp examples/env.example .env
  1. Running alembic from oidc module.y
    alembic -x inventory=dbtest upgrade head
  1. Running alembic from oidc module.y
    cd ereuse_devicehub/modules/oidc
    alembic -x inventory=dbtest upgrade head
  1. Running alembic from dpp module.
    cd ereuse_devicehub/modules/dpp/
    alembic -x inventory=dbtest upgrade head
  1. Add a suitable app.py file.
      cp examples/app.py .
  1. Generate a minimal data structure.
      flask initdata
  1. Add a new server to the 'api resolver' to be able to integrate it into the federation. The domain name for this new server has to be unique. When installing two instances their domain name must differ: e.g. dpp.mydomain1.cxm, dpp.mydomain2.cxm. If your domain is dpp.mydomain.cxm:
    	flask dlt_insert_members http://dpp.mydomain.cxm
modify the .env file as indicated in point 3.
Add the corresponding 'DH' in ID_FEDERATED.
example: ID_FEDERATED='DH10'
  1. Do a rsync api resolve.
  	  flask dlt_rsync_members
  1. Register a new user in devicehub.
  	  flask adduser email@cxm.cxm password
  1. Register a new user to the DLT.
  	  flask dlt_register_user email@cxm.cxm password Operator
  1. Finally, run the app:
$ flask run --debugger

The error bdist_wheel can happen when you work with a virtual environment. To fix it, install in the virtual environment wheel package. pip3 install wheel

Testing

  1. git clone this project.
  2. Create a database for testing executing create-db.sh like the normal installation but changing the first parameter from devicehub to dh_test: create-db.sh dh_test dhub and password ereuse.
  3. Execute at the root folder of the project python3 setup.py test.

Upgrade a deployment

For upgrade an instance of devicehub you need to do:

$ cd $PATH_TO_DEVIHUBTEAL
$ source venv/bin/activate
$ git pull
$ alembic -x inventory=dbtest upgrade head

If all migrations pass successfully, then it is necessary restart the devicehub. Normaly you can use a little script for restart or run.

# systemctl stop gunicorn_devicehub.socket
# systemctl stop gunicorn_devicehub.service
# systemctl start gunicorn_devicehub.service

OpenId Connect:

We want to interconnect two devicehub instances already installed. One has a set of devices (OIDC client), the other has a set of users (OIDC identity server). Let's assume their domains are: dpp.mydomain1.cxm, dpp.mydomain2.cxm 20. In order to connect the two devicehub instances, it is necessary: * 20.1. Register a user in the devicehub instance acting as OIDC identity server. * 20.2. Fill in the openid connect form. * 20.3. Add in the OIDC client inventory the data of client_id, client_secret.

For 20.1. This can be achieved on the terminal on the devicehub instance acting as OIDC identity server. flask adduser email@cxm.cxm password

* 20.2. This is an example of how to fill in the form.

In the web interface of the OIDC identity service, click on the profile of the just added user, select "My Profile" and click on "OpenID Connect":
Then we can go to the "OpenID Connect" panel and fill out the form:

The important thing about this form is:
  * "Client URL" The URL of the OIDC Client instance, as registered in point 12. dpp.mydomain1.cxm in our example.
  * "Allowed Scope" has to have these three words:
  ```
    openid profile rols
  ```
* "Redirect URIs" it has to be the URL that was put in "Client URL" plus "/allow_code"
  * "Allowed Grant Types" has to be "authorization_code"
  * "Allowed Response Types" has to be "code"
  * "Token Endpoint Auth Method" has to be "Client Secret Basic"

After clicking on "Submit" the "OpenID Connect" tab of the user profile should now include details for "client_id" and "client_secret".

* 20.3. In the OIDC client inventory run: (in our example: url_domain is dpp.mydomain2.cxm, client_id and client_secret as resulting from the previous step)
```
  flask add_client_oidc url_domain client_id client_secret
```
After this step, both servers must be connected. Opening one DPP page on dpp.mydomain1.cxm (OIDC Client) the user can choose to authenticate using dpp.mydomain2.cxm (OIDC Server).

Generating the docs

  1. git clone this project.
  2. Install plantuml. In Debian 9 is # apt install plantuml.
  3. Execute pip3 install -e .[docs] in the project root folder.
  4. Go to <project root folder>/docs and execute make html. Repeat this step to generate new docs.

To auto-generate the docs do pip3 install -e .[docs-auto], then execute, in the root folder of the project sphinx-autobuild docs docs/_build/html.