{"id":41591492,"url":"https://github.com/opensciencegrid/open-science-pool-registry","last_synced_at":"2026-01-24T09:31:45.681Z","repository":{"id":39796451,"uuid":"312171182","full_name":"opensciencegrid/open-science-pool-registry","owner":"opensciencegrid","description":"Token registry for the Open Science pool","archived":false,"fork":false,"pushed_at":"2025-02-07T23:05:01.000Z","size":7950,"stargazers_count":0,"open_issues_count":0,"forks_count":10,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-02-08T00:18:28.349Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opensciencegrid.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-12T04:53:18.000Z","updated_at":"2024-11-01T21:46:55.000Z","dependencies_parsed_at":"2024-01-29T21:41:57.642Z","dependency_job_id":"1a7f6091-d2c1-448f-b806-69b5658243e7","html_url":"https://github.com/opensciencegrid/open-science-pool-registry","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/opensciencegrid/open-science-pool-registry","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensciencegrid%2Fopen-science-pool-registry","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensciencegrid%2Fopen-science-pool-registry/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensciencegrid%2Fopen-science-pool-registry/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensciencegrid%2Fopen-science-pool-registry/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opensciencegrid","download_url":"https://codeload.github.com/opensciencegrid/open-science-pool-registry/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensciencegrid%2Fopen-science-pool-registry/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28723233,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-24T08:27:05.734Z","status":"ssl_error","status_checked_at":"2026-01-24T08:27:01.197Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-24T09:31:45.035Z","updated_at":"2026-01-24T09:31:45.667Z","avatar_url":"https://github.com/opensciencegrid.png","language":"Python","readme":"# registration\n\nThis is the web application for Open Science Pool token registration\n\n## Structure\n\nThe web app is a [Flask](https://flask.palletsprojects.com/) app.\nThe core app is created in an \n[\"application factory\"](https://flask.palletsprojects.com/en/1.1.x/patterns/appfactories/)\nin `registry/app.py`,\nand it hooks together \n[blueprints](https://flask.palletsprojects.com/en/1.1.x/tutorial/views/)\nfound in some of the subdirectories of `registry/`.\n\nBlueprints:\n- `index` - landing page, \"about\" page, etc.\n- `account` - handles user accounts. We don't quite have registration because we use CILogon, but this is where you can go to see (for example) your contact email.\n- `signup` - handles forms for users to register themselves and their resources.\n- `connect` - provides instructions for users to install and connect their resources.\n- `token` - handles the server side of the token workflow when connecting a new data source.\n\nEach blueprint has its own `static` and `templates` directories, and there\nare also \"global\" `static` and `templates` directories that sit next to\n`app.py`. These directories are for:\n- `static` - for static assets like `.css` files, images, etc.\n- `templates` - for [Jinja HTML templates](https://flask.palletsprojects.com/en/1.1.x/templating/).\n\n### `register.py`\n\nThis repository also includes `register.py`, the client-side script for\ngetting a token for a new data source.\nIt's stored here because it talks to the `token` blueprint, and therefore\nneeds to stay in sync with it.\n\n## Development\n\nTo run the registration server locally, build and run the testing container image:\n\n1.  Build the container image:\n\n        docker build -t os-registry-test -f Dockerfile.testing .\n\n1.  Copy example configuration required by the registry server:\n\n        cp examples/config.py examples/humans.ini .\n\n1.  Start the local registry:\n\n        docker run --rm --name my-registry -it -v ${PWD}:/srv -p 8443:443 os-registry-test\n\n1.  Access the local registry in your browser by accessing \u003chttps://localhost:8443\u003e\n\n1.  For a login shell to the registry, run the following:\n\n        docker exec -it my-registry /bin/bash\n\n    Helpful log files can be found in `/var/log/httpd/` and `/var/log/condor/registration.log`.\n\nNote that changes to files copied into the container image (e.g. `COPY` lines in `Dockerfile.testing`) will require\na rebuild of the container image.\n\n## Installation\n\nClone the repository to wherever you would like to serve the application from\n(e.g., `/var/www/registration`).\n\nExample/template Apache configuration:\n```\n\u003cVirtualHost *:443\u003e\n  ServerName htpheno-cm.chtc.wisc.edu\n  ServerAdmin htcondor-inf@cs.wisc.edu\n\n  # This is the OIDC callback path\n  \u003cLocation \"/callback\"\u003e\n    \u003cRequireAny\u003e\n      Require valid-user\n    \u003c/RequireAny\u003e\n    AuthType openid-connect\n  \u003c/Location\u003e\n\n  ## Logging\n  ErrorLog \"/var/log/httpd/local_default_ssl_error_ssl.log\"\n  LogLevel info\n  ServerSignature Off\n  CustomLog \"/var/log/httpd/local_default_ssl_access_ssl.log\" combined \n\n  ## SSL directives\n  SSLEngine on\n  SSLCertificateFile      \"/var/www/hostcert.pem\"\n  SSLCertificateKeyFile   \"/var/www/hostkey.pem\"\n  SSLCertificateChainFile \"/var/www/hostcert.pem\"\n\n  ## WSGI configuration\n  WSGIDaemonProcess Registration display-name=Registration group=condor processes=2 threads=25 user=condor\n  WSGIProcessGroup Registration\n  WSGIScriptAlias / \"/var/www/registration/wsgi.py\"\n\n  ## OIDC configuration\n  OIDCProviderMetadataURL https://cilogon.org/.well-known/openid-configuration\n  OIDCClientID cilogon:/client_id/\u003csecret\u003e\n  OIDCClientSecret \u003csecret\u003e\n\n  OIDCRedirectURI https://htpheno-cm.chtc.wisc.edu/callback\n\n  # Used to encrypt the session cookie and the local cache.\n  OIDCCryptoPassphrase \u003csecret\u003e\n\n  # Control the information in the returned token.\n  OIDCScope  \"openid email org.cilogon.userinfo\"\n\n  # The value of this scope is used as the username in the environment\n  # variables provided to WSGI.\n  OIDCRemoteUserClaim  eppn\n\n\u003c/VirtualHost\u003e\n```\n\nBy default we \"protect\" everything under `/` with OIDC.\nSome pages should be \"public\", i.e., unprotected \n(right now, these are the \n\"index\" and \"about\" pages, and anything under `/static`, \nso that static assets can always be served).\nThis is managed by Apache, not the webapp.\nExample configuration below:\n\n```\n  \u003cLocation \"/\"\u003e\n    \u003cRequireAny\u003e\n      Require valid-user\n    \u003c/RequireAny\u003e\n    AuthType openid-connect\n  \u003c/Location\u003e\n\n  \u003cLocationMatch \"^/$\"\u003e\n    \u003cRequireAny\u003e\n      Require all granted\n    \u003c/RequireAny\u003e\n    AuthType none\n  \u003c/LocationMatch\u003e\n\n  \u003cLocation \"/about\"\u003e\n    \u003cRequireAny\u003e\n      Require all granted\n    \u003c/RequireAny\u003e\n    AuthType none\n  \u003c/Location\u003e\n\n  \u003cLocation \"/static\"\u003e\n    \u003cRequireAny\u003e\n      Require all granted\n    \u003c/RequireAny\u003e\n    AuthType none\n  \u003c/Location\u003e\n```\n\n\n## Configuration\n\nConfiguration options will be read out of a file named `config.py`, placed at the\nroot of the repository, next to this `README.md`. The file should contain\nglobal variables with names matching the configuration options described below,\nlike\n```python\nUSER_ID_ENV_VAR = \"REMOTE_USER\"\n```\n\n### Required\n\nThese configuration options **must** be set.\nThey do not have defaults.\n\n* `COLLECTOR` - The Open Science pool collector hostname.\n* `SERVER_NAME` - The hostname of the host server.\n* `OIDC_REDIRECT_URI` - The URI for the OIDC redirect.\n* `USER_ID_ENV_VAR` - The request environment variable that holds the user's identity.\n* `HUMANS_FILE` - The path to the file that contains information on humans.\n* `ADMIN_EMAILS` - The email addresses that will receive mail when users sign up, like `ADMIN_EMAILS = \"Foo Bar \u003cfoobar@university.edu\u003e, Wiz Bang \u003cwizbang@organization.org\u003e\"`.\n* `SUPPORT_EMAIL` - The email address to display for users to send support questions to.\n\n### Optional\n\n* `CONDOR_TOKEN_REQUEST_LIST` - The path to the `condor_token_request_list` executable. By default, discover it on `$PATH`.\n* `CONDOR_TOKEN_REQUEST_APPROVE` - The path to the `condor_token_request_approve` executable. By default, discover it on `$PATH`.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopensciencegrid%2Fopen-science-pool-registry","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopensciencegrid%2Fopen-science-pool-registry","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopensciencegrid%2Fopen-science-pool-registry/lists"}