{"id":23859214,"url":"https://github.com/openconext/openconext-voot","last_synced_at":"2025-06-26T10:04:38.553Z","repository":{"id":26833352,"uuid":"30292657","full_name":"OpenConext/OpenConext-voot","owner":"OpenConext","description":"Retrieve user's groups via the VOOT protocol protected by OAuth","archived":false,"fork":false,"pushed_at":"2024-12-17T08:01:16.000Z","size":527,"stargazers_count":2,"open_issues_count":0,"forks_count":2,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-04-08T17:54:29.303Z","etag":null,"topics":["groups","java","oauth","openconext","voot"],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenConext.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-02-04T10:04:04.000Z","updated_at":"2024-12-17T08:01:07.000Z","dependencies_parsed_at":"2023-11-27T14:28:14.347Z","dependency_job_id":"ed2fd4f6-2132-4dca-97c6-33a020dc78b6","html_url":"https://github.com/OpenConext/OpenConext-voot","commit_stats":null,"previous_names":[],"tags_count":29,"template":false,"template_full_name":null,"purl":"pkg:github/OpenConext/OpenConext-voot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-voot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-voot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-voot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-voot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenConext","download_url":"https://codeload.github.com/OpenConext/OpenConext-voot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-voot/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262044446,"owners_count":23249749,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["groups","java","oauth","openconext","voot"],"created_at":"2025-01-03T03:32:55.147Z","updated_at":"2025-06-26T10:04:38.533Z","avatar_url":"https://github.com/OpenConext.png","language":"Java","readme":"# Voot\n\n[![Build Status](https://travis-ci.org/OpenConext/OpenConext-voot.svg)](https://travis-ci.org/OpenConext/OpenConext-voot)\n[![codecov.io](https://codecov.io/github/OpenConext/OpenConext-voot/coverage.svg)](https://codecov.io/github/OpenConext/OpenConext-voot)\n\nThis application acts as Oauth2 Resource Server which provides a HTTP+Json-based API where Oauth2 clients can query information about\nthe 'groups' a user may belong to. Such clients may then use that information for their own internal authorization\npurposes. The way this information is shared adheres to the [Voot protocol](http://openvoot.org/).\n\nThe info below is geared towards developers that need to work on this codebase, not to those that may want to use this API.\n\n### [Create test databases](#create-databases)\n\nConnect to your local mysql database: `mysql -uroot`\n\nExecute the following:\n\n```sql\nCREATE DATABASE grouper_local DEFAULT CHARACTER SET latin1;\ngrant all on grouper_local.* to 'root'@'localhost';\n```\n\n# Getting started\nThis project uses Spring Boot and Maven and JDK21. Install JDK21 and point your `JAVA_HOME` to this directory:\n\n`export JAVA_HOME=/Library/Java/JavaVirtualMachines/openjdk-21.jdk/Contents/Home/`\n\nTo run locally, type:\n\n`mvn spring-boot:run`\n\nWhen developing, it's convenient to just execute the applications main-method, which is in [VootServiceApplication](src/main/java/vootservice/VootServiceApplication).\n\nThis application exposes a REST-like API that is secured using oAuth2.\nTo be able to check the tokens that this application is presented with by its clients, it needs to connect to the oAuth server.\nThe oAuth server requires this application to authenticate itself. This is setup by a couple of\nproperties mentioned in the [application.properties](src/main/resources/application.properties) file that start with 'oidcng.checkToken'.\n\n\n# Deployment\nThe application contains an embedded Tomcat, so it isn't deployed as a .war-file. Instead, the application is\nstarted like any other Java programme (eg. java -jar myjarfile).\n\nWithin the OpenConext platform, this application will be fronted by Apache webserver. Apache will use Shibboleth to\nsecure the application with SAML2.\n\n## Configuration\nOn its classpath, the application has an [application.properties](src/main/resources/application.properties) file that\ncontains configuration defaults that are convenient when developing.\n\nWhen the application actually gets deployed to a meaningful platform, it is pre-provisioned with ansible and the application.properties depends on\nenvironment specific properties in the group_vars\n\nFor details, see the [Spring Boot manual](http://docs.spring.io/spring-boot/docs/1.2.1.RELEASE/reference/htmlsingle/).\n\n# Implementation\n\nThis application exposes a [VOOT2-compatible](http://openvoot.org/protocol/) HTTP/Json API.\n\nTo answer queries, this application talks to other webservices downstream. Those are:\n\n- Any client compatible with [VOOT2](http://openvoot.org/protocol/)\n- Any client compatible with [OpenSocial](http://opensocial.github.io/spec/trunk/Social-API-Server.xml#Groups-Service-GetGroups)\n- Grouper 1.6 (the persistent store behind OpenConext Teams)\n\n# Testing\n\nTo test the VOOT endpoint the authz-playground can be used. The implementation exposes two endpoints secured by Authorization Code:\n\n```\nhttps://voot.example.org/me/groups\nhttps://voot.example.org/me/groups/${fully qualified group name}\n```\n\nSome endpoints are implemented for internal use. They are secured by Client Credentials:\n\n```\nhttps://voot.example.org/internal/external-groups/${fully qualified person urn}\nhttps://voot.example.org/internal/groups/${fully qualified person urn}/${fully qualified group name}\nhttps://voot.example.org/internal/groups/${fully qualified person urn}\nhttps://voot.example.org/internal/all-groups\n```\n\nThe first internal endpoint is used by OpenConext Teams to fetch all external teams.\n\nAn additional endpoint (requiring Client Credentials) is implemented to retrieve all members of a group:\n\n```\nhttps://voot.example.org/members/${fully qualified group name}\nhttps://voot.example.org/members/${fully qualified person urn}/${fully qualified group name}\n```\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fopenconext-voot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenconext%2Fopenconext-voot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fopenconext-voot/lists"}