Versions Compared

Old Version 15

changes.mady.by.user Erik de Rooij

Saved on

compared with

New Version Current

changes.mady.by.user Orshi Egressy-Molnár

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Since 2017.01 the Digital Delta import assumes that authentication is required for the given serverUrl, the properties clientId and clientSecret are required in the import configuration file. When using the google authentication service, the property refreshToken is also needed. By default the import will use "https://accounts.google.com/o/oauth2/token" as tokenUrl, optionally, a tokenUrl property can be specified.  Note that other authentication services have not yet been tested.

Digital Delta offer two version of enidpoints. By default, version 1.0 is used. Since 2021.02 version 2.0 is also supported by FEWS. To use the new version, add version v2 to the properties. (See below.) Supported versions are currently v1 and v2.


Digital Delta import may need oauth2 authorisation. The exact way of accessing the bearer token for authorization depends on the requirements of the authorization of the server. FEWS has a default oauth2 token provider. If the import needs a different oauth2 token provider it can be configured as a string property, authProviderClass.


Example Import configuration file:

Code Block
languagexml
<?xml version="1.0" encoding="UTF-8"?>
<timeSeriesImportRun xmlns="http://www.wldelft.nl/fews"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://www.wldelft.nl/fews http://fews.wldelft.nl/schemas/version1.0/timeSeriesImportRun.xsd">
<!-- This is an example import configuration file for importing Observations and Measurements data from a service -->
<import>
    <general>
        <importType>DigitalDelta</importType>
        <serverUrl>http://host:port/FewsWebServices/rest/digitaledelta/12.0/timeseries</serverUrl>
        <relativeViewPeriod unit="hour" start="-5" end="0" startOverrulable="true" endOverrulable="true"/>
        <idMapId>IdImportDD</idMapId>
    </general>
	<properties>
		<!-- Required: These properties are used to get an authentication token from the authentication service -->
		<string key="clientId" value="XXXX"/>
		<string key="clientSecret" value="XXXX"/>
 
        <!-- Optional: The refresh_token used by the Google authentication service -->
		 <properties>
         <string key="refreshTokenversion" value="XXXXv2"></>
 
		<!-- Optional: The url used to obtain an authentication token, by default the Google authentication service is used -->
		string>
         <string key="tokenUrlauthProviderClass" value="https://accounts.google.com/o/oauth2/token"/>
    nl.wldelft.util.io.auth.DigitalDeltaAuth2TokenProvider"></string>
     </properties>
    <timeSeriesSet>
       <moduleInstanceId>ImportDD</moduleInstanceId>
       <valueType>scalar</valueType>
       <parameterId>MyPar</parameterId>
       <locationSetId>MyLocSet</locationSetId>
       <timeSeriesType>external historical</timeSeriesType>
       <timeStep unit="nonequidistant"/>
       <readWriteMode>add originals</readWriteMode>
       <synchLevel>1</synchLevel>
    </timeSeriesSet>
</import>
</timeSeriesImportRun>

...

Code Block
languagexml
<?xml version="1.0" encoding="UTF-8"?>
<idMap version="1.1" xmlns="http://www.wldelft.nl/fews" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.wldelft.nl/fews http://fews.wldelft.nl/schemas/version1.0/idMap.xsd">
 <!--
    map internal timeseries directly to external timeseries
    externalLocation should be set to the locationCode
    externalParameter should be set to the observationTypeUuid
    The Digital Delta parser queries each timeseries separately.
 -->
 
<map internalLocation="MyLoc1" internalParameter="MyPar1" externalLocation="10160355000" externalParameter="44656c7461726573404645575340542e6f62732e6d65616e" />
<map internalLocation="MyLoc2" internalParameter="MyPar1" externalLocation="10160360000" externalParameter="44656c7461726573404645575340542e6f62732e6d65616e" />
 
</idMap>

DigitaleDelta Authentication

Currently the server import supports OAuth2 authentication

OAuth2 Authentication

Digital Delta Authentication

As of release 2017.02 it is also possible to configure OAuth2 authentication. This functionality has been backported to Stable 2017.01, however the way to configure this in the older releases differs.

OAuth2 Authentication version 2017.02 and later


Code Block
languagexml
<general>
    <importType>DigitalDelta</importType>
    <serverUrl>http://dummy_hostname

 

<general>
    <importTypeStandard>wml2_server</importTypeStandard>
    <serverUrl>http://host
:port/FewsWebServices/rest/digitaledelta/1.0/timeseries</serverUrl>
    

    <!--
<user>username<
 <user>dummy_username</user> --
>                
>                <!-- normally not required for OAuth2 -->
    

    <!--
<password>userpassword<
 <password>dummy_password</password> --
>    
>    <!-- normally not required for OAuth2 -->
    <oauth2Config>
        

    <oauth2Config>
        <!-- Required: URL from which to receive the access token -->
        <authUrl>https

        <authUrl>https://sso.aquadesk.nl/connect/
token</authUrl>        
token</authUrl>
        <!--
 Optional: For proper OAuth2 authentication a client_id and 
client_secret are required. However in some cases the authentication URL
 does not require this.
             Instead Basic Authentication is required to access the authUrl. Here the user and password fields shown above are required -->
        <clientId>openid client id</clientId>
        <clientSecret>openid client secret</clientSecret>
        <!-- Optional Array: Scope of request -->
        <scope>openid</scope>
        <scope>email</scope>
        <!-- Optional Array: Audience for whom request is intended. Used to validate response. If omitted the clientId and username become are used -->
        <audience>audienceId</audience>
        <audience>audienceId2</audience>
       <!-- Optional: Issuer of the access token. Used to validate response. If omitted the root url of authUrl is used. -->
        <issuer>https
 
             Instead
 Basic Authentication is required to access the authUrl. Here the user 
and password fields shown above are required -->
        <clientId>openid client id</clientId>
        <clientSecret>openid client secret</clientSecret>
        <!-- Optional Array: Scope of request -->
        <scope>openid</scope>
        <scope>email</scope>
        <!-- Optional Array: Audience for whom request is intended. Used to validate response. If omitted the clientId and username become are used -->
        <audience>audienceId</audience>
        <audience>audienceId2</audience>
       <!-- Optional: Issuer of the access token. Used to validate response. If omitted the root url of authUrl is used. -->
        <issuer>https://sso.aquadesk.
nl<
nl</issuer>
       

       <!-- Optional: A refresh token can be used if provider supports this. -->
        <refreshToken>refresh access 

        <refreshToken>refresh access token</refreshToken>
    

    </oauth2Config>
    ...

    ...
 </general>


OAuth2 Authentication versions before 2017.02


Code Block
languagexml
<general>
    <importType>DigitalDelta</importType>
    <serverUrl>http://dummy_hostname:port/FewsWebServices/rest/digitaledelta/1.0/timeseries</serverUrl>
    <!-- <user>dummy_username</user> -->                <!-- normally not required for OAuth2 -->
    <!-- <password>dummy_password</password> -->    <!-- normally not required for OAuth2 -->    
    ...
 </general>
<properties>
   <string key="authUrl" value="https://accounts.google.com/o/oauth2/token" />
   <string key="issuer" value="https://sso.aquadesk.nl" />
   <string key="clientId" value="id...." />
   <string key="clientSecret" value="*****" />
</properties>
 </general>