This is an example implementation of a UMA Host, Requester and Host.

How to run

Install it via:

python develop

Then go to uma/host in three terminals and start them like this:

python 8999
python 9000
python 9001

These will represent:

  • the Requester
  • The Host with the protected resource
  • The Authorization Manager

Go to http://localhost:8999/requester

This starts the UMA flow. This will:

  • try to access http://localhost:9000/mrtopf (resource on Host)
  • will receive a 401 with the AM as information in WWW-Authenticate
  • will redirect the user via OAuth Web Server flow to the AM (9001)
  • the AM will ask the user for permission (only ok is implemented so far)
  • the AM will send a temporary code back to the Requester
  • The requester exchanged this with an access token (GET is used now, needs to be POST)
  • Then the initial request is tried again and it should show the JSON response of http://localhost:8999/requester

This is all rough and no data is actually stored. In order to do this again, restart all servers.