wiki:Howtos/ndgOAuthWithModWSGI

Version 1 (modified by pjkersha, 5 years ago) (diff)

--

Deploying ndg_oauth with mod_wsgi

Instructions for deploying an example client, authorisation server and resource server (with PySAML2 SP). Platform is Ubuntu 11.10

mod_wsgi

Ubuntu provides a package for this but it is built against Python 2.6 whereas the default system Python is 2.7. Download and install against the 2.7 version to be safe.

  1. Install pre-requisites:
    apt-get install
    
  2. Download and build
    wget http://modwsgi.googlecode.com/files/mod_wsgi-3.4.tar.gz
    tar zxvf mod_wsgi-3.4.tar.gz
    cd mod_wsgi-3.4
    ./configure
    
    == Python environment ==
     1. Prerequisites
    {{{
    apt-get install python-setuptools python-virtualenv
    }}}
     1. Make virtualenv in some suitable location e.g.
    {{{
    sudo virtualenv /usr/local/contrail_faas
    }}}
     1. Make a requirements text file
    {{{
    cat > /usr/local/contrail_faas/requirements.txt << EOF
    ndg_oauth_client
    ndg_oauth_server
    argparse
    Beaker
    decorator
    Genshi
    httplib2
    ndg-httpsclient
    Paste
    PasteDeploy
    PasteScript
    pyasn1
    pyOpenSSL
    pysaml2
    python-memcached
    repoze.who
    repoze.who.deprecatedplugins
    WebOb
    wsgiref
    zope.interface
    EOF
    }}}
     1. Activate environment and install packages 
    {{{
    . /usr/local/contrail_faas/bin/activate
    pip install -r requirements.txt
    }}}
    
    == Create WSGI scripts ==
     1. Scripts dir
    {{{
    mkdir /var/www/wsgi-scripts/
    }}}
     1. Client script
    {{{
    cat /var/www/wsgi-scripts//oauth-client.wsgi << EOF
    ALLDIRS = [
        '/usr/local/contrail_faas/lib/python2.7/site-packages',
        '/usr/local/contrail_faas/oauth_client'
    ]
    
    import sys 
    import site 
    
    # Remember original sys.path.
    prev_sys_path = list(sys.path) 
    
    # Add each new site-packages directory.
    for directory in ALLDIRS:
      site.addsitedir(directory)
    
    # Reorder sys.path so new directories at the front.
    new_sys_path = [] 
    for item in list(sys.path): 
        if item not in prev_sys_path: 
            new_sys_path.append(item) 
            sys.path.remove(item) 
    sys.path[:0] = new_sys_path 
    
    from paste.deploy import loadapp
    from logging.config import fileConfig
    config_filepath = '/usr/local/contrail_faas/oauth_client/bearer_tok_client_app.ini'
    fileConfig(config_filepath)
    application = loadapp('config:%s' % config_filepath)
    EOF
    }}}
     1. Server script
    {{{
    cat /var/www/wsgi-scripts/oauth-server.wsgi 
    ALLDIRS = [
        '/usr/local/contrail_faas/lib/python2.7/site-packages',
        '/usr/local/contrail_faas/oauth_server'
    ]
    
    import sys 
    import site 
    
    # Remember original sys.path.
    prev_sys_path = list(sys.path) 
    
    # Add each new site-packages directory.
    for directory in ALLDIRS:
      site.addsitedir(directory)
    
    # Reorder sys.path so new directories at the front.
    new_sys_path = [] 
    for item in list(sys.path): 
        if item not in prev_sys_path: 
            new_sys_path.append(item) 
            sys.path.remove(item) 
    sys.path[:0] = new_sys_path 
    
    from paste.deploy import loadapp
    from logging.config import fileConfig
    config_filepath = '/usr/local/contrail_faas/oauth_server/bearer_tok_server_app.ini'
    fileConfig(config_filepath)
    application = loadapp('config:%s' % config_filepath)
    
    }}}