Deploying ndg_oauth with mod_wsgi

Instructions for deploying an example client, authorisation server and resource server (with PySAML2 SP). Platform is Ubuntu 11.10

mod_wsgi

Ubuntu provides a package for this but it is built against Python 2.6 whereas the default system Python is 2.7. Download and install against the 2.7 version to be safe.

1. Install pre-requisites:

   apt-get install
   

2. Download and build

   wget http://modwsgi.googlecode.com/files/mod_wsgi-3.4.tar.gz
   tar zxvf mod_wsgi-3.4.tar.gz
   cd mod_wsgi-3.4
   ./configure
   
   == Python environment ==
    1. Prerequisites
   {{{
   apt-get install python-setuptools python-virtualenv
   }}}
    1. Make virtualenv in some suitable location e.g.
   {{{
   sudo virtualenv /usr/local/contrail_faas
   }}}
    1. Make a requirements text file
   {{{
   cat > /usr/local/contrail_faas/requirements.txt << EOF
   ndg_oauth_client
   ndg_oauth_server
   argparse
   Beaker
   decorator
   Genshi
   httplib2
   ndg-httpsclient
   Paste
   PasteDeploy
   PasteScript
   pyasn1
   pyOpenSSL
   pysaml2
   python-memcached
   repoze.who
   repoze.who.deprecatedplugins
   WebOb
   wsgiref
   zope.interface
   EOF
   }}}
    1. Activate environment and install packages 
   {{{
   . /usr/local/contrail_faas/bin/activate
   pip install -r requirements.txt
   }}}
   
   == Create WSGI scripts ==
    1. Scripts dir
   {{{
   mkdir /var/www/wsgi-scripts/
   }}}
    1. Client script
   {{{
   cat /var/www/wsgi-scripts//oauth-client.wsgi << EOF
   ALLDIRS = [
       '/usr/local/contrail_faas/lib/python2.7/site-packages',
       '/usr/local/contrail_faas/oauth_client'
   ]
   
   import sys 
   import site 
   
   # Remember original sys.path.
   prev_sys_path = list(sys.path) 
   
   # Add each new site-packages directory.
   for directory in ALLDIRS:
     site.addsitedir(directory)
   
   # Reorder sys.path so new directories at the front.
   new_sys_path = [] 
   for item in list(sys.path): 
       if item not in prev_sys_path: 
           new_sys_path.append(item) 
           sys.path.remove(item) 
   sys.path[:0] = new_sys_path 
   
   from paste.deploy import loadapp
   from logging.config import fileConfig
   config_filepath = '/usr/local/contrail_faas/oauth_client/bearer_tok_client_app.ini'
   fileConfig(config_filepath)
   application = loadapp('config:%s' % config_filepath)
   EOF
   }}}
    1. Server script
   {{{
   cat /var/www/wsgi-scripts/oauth-server.wsgi 
   ALLDIRS = [
       '/usr/local/contrail_faas/lib/python2.7/site-packages',
       '/usr/local/contrail_faas/oauth_server'
   ]
   
   import sys 
   import site 
   
   # Remember original sys.path.
   prev_sys_path = list(sys.path) 
   
   # Add each new site-packages directory.
   for directory in ALLDIRS:
     site.addsitedir(directory)
   
   # Reorder sys.path so new directories at the front.
   new_sys_path = [] 
   for item in list(sys.path): 
       if item not in prev_sys_path: 
           new_sys_path.append(item) 
           sys.path.remove(item) 
   sys.path[:0] = new_sys_path 
   
   from paste.deploy import loadapp
   from logging.config import fileConfig
   config_filepath = '/usr/local/contrail_faas/oauth_server/bearer_tok_server_app.ini'
   fileConfig(config_filepath)
   application = loadapp('config:%s' % config_filepath)
   
   }}}