Hi,
I'm having a devil of a time understanding how I use OAuth2 to access the new My Europeana bits of the API (
https://www.assembla.com/spaces/europeana/tickets/405 - I'm told this stuff is now available on the live server too).
My scenario is an overnight harvester which will take a particular user's Saved Items and import them into another system. As such, it is a non-interactive OAuth client, so if there is any redirecting to login servers etc I will need to automate the login (I have the user's credentials) -- but I can't imagine this would be necessary. What I do imagine to be necessary is for the user to allow my client to access his details - once, as part of setting things up.
As I'm new to OAuth I'm unsure of how it works exactly. I've read the client portions of the OAuth2 RFC but have a hard time relating it to the information I have about Europeana OAuth2 access:
There are plenty of examples out there of how to access Twitter and Facebook via OAuth2, but in my ignorance of OAuth2 I can't tell how their concepts map to Europeana. In any case, there always seems to be a bit where it says, "and now the redirect to the login page" which suggests the examples are for interactive apps.
I'm using Python rauth (
https://rauth.readthedocs.org/en/latest/) to prototype a client. If I can get that to work I can sniff the HTTP traffic and understand the interactions.
As I understand it, I need to:
- register my client with Europeana to obtain a client id and client secret -- but how/where?
- obtain an access token from http://europeana.eu/oauth/token -- I think this will involve interactive authorisation (the user granting my client access to his details), but hopefully only once?
- thereafter, have my client refresh/authorise the token (via http://europeana.eu/oauth/authorize) before I make API requests
Does anyone have experience of this, or know enough about OAuth2 to advise? My kingdom for some sample code!