Merge branch 'main' of https://github.com/Sage-Bionetworks/release_ad…

…ministrator

.github/workflows/shinyapps_deploy.yml

@@ -30,7 +30,7 @@ jobs:
         run: |
           sudo apt-get update
           sudo apt-get install -y pip python3.8-venv libcurl4-openssl-dev libpng-dev libfontconfig1-dev libharfbuzz-dev libfribidi-dev libtiff-dev libxml2-dev
-      
+
       - uses: actions/checkout@v3
 
       - uses: r-lib/actions/setup-pandoc@v2
@@ -44,21 +44,6 @@ jobs:
       
       - uses: r-lib/actions/setup-renv@v2
 
-      - name: Install Schematic
-        shell: bash
-        run: |
-          # has to activate each bash step
-          source .venv/bin/activate
-          pip3 install poetry
-          echo Installing develop branch of schematic from github
-          git clone --single-branch --branch develop https://github.com/Sage-Bionetworks/schematic.git
-          cp .github/schematic_config.yml schematic/config.yml
-          cd schematic
-          poetry build
-          pip3 install dist/schematicpy-1.0.0-py3-none-any.whl
-          schematic --help
-
-
       - name: Set Configurations
         shell: bash
         run: |

R/app_server.R

@@ -11,14 +11,29 @@ app_server <- function( input, output, session ) {
   options(shiny.reactlog = TRUE)
 
   # AUTHENTICATION
-  access_token = projectlive.modules::get_oauth_access_token(
-    oauth_list = OAUTH_LIST, session = session
+  params <- parseQueryString(isolate(session$clientData$url_search))
+  if (!has_auth_code(params)) {
+    return()
+  }
+
+  redirect_url <- paste0(
+    api$access, "?", "redirect_uri=", app_url, "&grant_type=",
+    "authorization_code", "&code=", params$code
   )
-
-  syn <- synapseclient$Synapse()
-  #browser()
-  syn$login(authToken = access_token)
-
+
+  # get the access_token and userinfo token
+  req <- httr::POST(redirect_url, 
+                    encode = "form", 
+                    body = "", 
+                    httr::authenticate(app$key, app$secret, type = "basic"), 
+                    config = list())
+  # Stop the code if anything other than 2XX status code is returned
+
+  httr::stop_for_status(req, task = "get an access token")
+  token_response <- httr::content(req, type = NULL)
+  access_token <- token_response$access_token
+
+  session$userData$access_token <- access_token
   # DEV STUFF ###########################################################################
 
   # read in configs

R/app_ui.R

@@ -6,11 +6,7 @@
 #' @noRd
 #' 
 
-app_ui <- function(req) {
-  projectlive.modules::oauth_ui(req, ui_function, OAUTH_LIST)
-}
-
-ui_function <- function() {
+app_ui <- function() {
 
   tagList(
     # Leave this function for adding external resources
@@ -175,3 +171,15 @@ golem_add_external_resources <- function(){
     # for example, you can add shinyalert::useShinyalert() 
   )
 }
+
+uiFunc <- function(req) {
+  if (!has_auth_code(parseQueryString(req$QUERY_STRING))) {
+    authorization_url <- httr::oauth2.0_authorize_url(api, app, scope = scope)
+    return(tags$script(HTML(sprintf(
+      "location.replace(\"%s\");",
+      authorization_url
+    ))))
+  } else {
+    app_ui()
+  }
+}

R/global.R

@@ -1,23 +1,60 @@
-## Set Up Virtual Environment
-# ShinyAppys has a limit of 7000 files which this app' grossly exceeds
-# due to its Python dependencies.  To get around the limit we zip up
-# the virtual environment before deployment and unzip it here.
+# SET UP OAUTH
+oauth_client <- yaml::yaml.load_file("oauth_config.yml")
 
-# unzip virtual environment, named as ".venv.zip"
-if (!file.exists(".venv")) utils::unzip(".venv.zip")
+client_id <- toString(oauth_client$client_id)
+client_secret <- toString(oauth_client$client_secret)
+app_url <- toString(oauth_client$app_url)
 
-# We get a '126' error (non-executable) if we don't do this:
-system("chmod -R +x .venv")
+if (is.null(client_id) || nchar(client_id) == 0) stop("missing DCA_CLIENT_ID environmental variable")
+if (is.null(client_secret) || nchar(client_secret) == 0) stop("missing DCA_CLIENT_SECRET environmental variable")
+if (is.null(app_url) || nchar(app_url) == 0) stop("missing DCA_APP_URL environmental variable")
 
-# Activate virtual env
-Sys.unsetenv("RETICULATE_PYTHON")
-reticulate::use_virtualenv(file.path(getwd(), ".venv"), required = TRUE)
-
-# set shiny port
+# update port if running app locally
 if (interactive()) {
-  options(shiny.port = 8100)
+  port <- httr::parse_url(app_url)$port
+  if (is.null(port)) stop("running locally requires a TCP port that the application should listen on")
+  options(shiny.port = as.numeric(port))
+}
+
+has_auth_code <- function(params) {
+  # params is a list object containing the parsed URL parameters. Return TRUE if
+  # based on these parameters, it looks like auth code is present that we can
+  # use to get an access token. If not, it means we need to go through the OAuth
+  # flow.
+  return(!is.null(params$code))
 }
 
-message(Sys.getenv())
+app <- httr::oauth_app("shinysynapse",
+                       key = client_id,
+                       secret = client_secret,
+                       redirect_uri = app_url
+)
+
+# These are the user info details ('claims') requested from Synapse:
+claims <- list(
+  family_name = NULL,
+  given_name = NULL,
+  email = NULL,
+  email_verified = NULL,
+  userid = NULL,
+  orcid = NULL,
+  is_certified = NULL,
+  is_validated = NULL,
+  validated_given_name = NULL,
+  validated_family_name = NULL,
+  validated_location = NULL,
+  validated_email = NULL,
+  validated_company = NULL,
+  validated_at = NULL,
+  validated_orcid = NULL,
+  company = NULL
+)
+
+claimsParam <- jsonlite::toJSON(list(id_token = claims, userinfo = claims))
+api <- httr::oauth_endpoint(
+  authorize = paste0("https://signin.synapse.org?claims=", claimsParam),
+  access = "https://repo-prod.prod.sagebase.org/auth/v1/oauth2/token"
+)
 
-OAUTH_LIST <- projectlive.modules::create_oauth_list("oauth_config.yml")
+# The 'openid' scope is required by the protocol for retrieving user information.
+scope <- "openid view download modify"

R/run_app.R

@@ -16,7 +16,7 @@ run_app <- function(
 ) {
   with_golem_options(
     app = shinyApp(
-      ui = app_ui,
+      ui = uiFunc,
       server = app_server,
       onStart = onStart,
       options = options, 

inst/golem-config.yml

@@ -5,4 +5,4 @@ default:
 production:
   app_prod: yes
 dev:
-  golem_wd: /Users/lwolfe/Documents/work/ibc-fair/data_flow
+  golem_wd: !expr here::here()