Mercurial > hg > orthanc-authorization
annotate Plugin/DefaultConfiguration.json @ 73:512247750f0a
new ValidityDuration arg in create token API
author | Alain Mazy <am@osimis.io> |
---|---|
date | Fri, 03 Mar 2023 10:41:27 +0100 |
parents | e381ba725669 |
children | 57e98fc07ab2 |
rev | line source |
---|---|
71 | 1 { |
2 "Authorization" : { | |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
3 // The Base URL of the auth webservice. This is an alias for all 3 next configurations: |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
4 // // "WebServiceUserProfileUrl" : " ROOT /user/get-profile", |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
5 // // "WebServiceTokenValidationUrl" : " ROOT /tokens/validate", |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
6 // // "WebServiceTokenCreationBaseUrl" : " ROOT /tokens/", |
73
512247750f0a
new ValidityDuration arg in create token API
Alain Mazy <am@osimis.io>
parents:
72
diff
changeset
|
7 // You should define it only if your auth webservice implements all 3 routes ! |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
8 // "WebServiceRootUrl" : "http://change-me:8000/", |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
9 |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
10 // The URL of the auth webservice route implementing user profile (optional) |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
11 // (this configuration was previously named "WebService" and its old name is still accepted |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
12 // for backward compatibility) |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
13 // "WebServiceUserProfileUrl" : "http://change-me:8000/user/profile", |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
14 |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
15 // The URL of the auth webservice route implementing resource level authorization (optional) |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
16 // "WebServiceTokenValidationUrl" : "http://change-me:8000/tokens/validate", |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
17 |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
18 // The Base URL of the auth webservice route to create tokens (optional) |
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
19 // "WebServiceTokenCreationBaseUrl" : "http://change-me:8000/tokens/", |
71 | 20 |
21 // The username and password to connect to the webservice (optional) | |
22 //"WebServiceUsername": "change-me", | |
23 //"WebServicePassword": "change-me", | |
24 | |
25 // An identifier added to the payload of each request to the auth webservice (optional) | |
26 //"WebServiceIdentifier": "change-me" | |
27 | |
28 // The name of the HTTP headers that may contain auth tokens | |
29 //"TokenHttpHeaders" : [], | |
30 | |
31 // the name of the GET arguments that may contain auth tokens | |
32 //"TokenGetArguments" : [], | |
33 | |
34 // A list of predefined configurations for well-known plugins | |
35 // "StandardConfigurations": [ // new in v 0.4.0 | |
36 // "osimis-web-viewer", | |
37 // "stone-webviewer", | |
38 // "orthanc-explorer-2" | |
39 // ], | |
40 | |
41 //"UncheckedResources" : [], | |
42 //"UncheckedFolders" : [], | |
43 //"CheckedLevel" : "studies", | |
44 //"UncheckedLevels" : [], | |
45 | |
46 // Definition of required "user-permissions". This can be fully customized. | |
72
e381ba725669
new PUT auth/tokens/{token-type} API route + updated interface with WebService
Alain Mazy <am@osimis.io>
parents:
71
diff
changeset
|
47 // You may define other permissions yourself as long as they match the permissions |
71 | 48 // provided in the user-profile route implemented by the auth-service. |
49 // You may test your regex in https://regex101.com/ by selecting .NET (C#) and removing the leading ^ and trailing $ | |
50 // The default configuration is suitable for Orthanc-Explorer-2 (see TBD sample) | |
51 "Permissions" : [ | |
52 // elemental browsing in OE2 | |
53 ["post", "^/tools/find$", "all|view"], | |
54 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/(studies|series|instances)$", "all|view"], | |
55 ["get" , "^/instances/([a-f0-9-]+)/(tags|header)$", "all|view"], | |
56 ["get" , "^/statistics$", "all|view"], | |
57 | |
58 // monitor jobs you have created | |
59 ["get" , "^/jobs/([a-f0-9-]+)$", "all|send|modify|anonymize|q-r-remote-modalities"], | |
60 | |
61 // downloads: not functional yet, we need one-time-tokens | |
62 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/archive$", "all|download"], | |
63 ["get" , "^/(patients|studies|series|instances)/([a-f0-9-]+)/media$", "all|download"], | |
64 | |
65 // interacting with peers/modalities/dicomweb | |
66 ["post", "^/(peers|modalities)/(.*)/store$", "all|send"], | |
67 ["get" , "^/(peers|modalities)$", "all|send|q-r-remote-modalities"], | |
68 ["post", "^/modalities/(.*)/echo$", "all|send|q-r-remote-modalities"], | |
69 ["post", "^/modalities/(.*)/query$", "all|q-r-remote-modalities"], | |
70 ["get", "^/queries/([a-f0-9-]+)/answers$", "all|q-r-remote-modalities"], | |
71 ["post", "^/modalities/(.*)/move$", "all|q-r-remote-modalities"], | |
72 ["get" , "^/DICOM_WEB_ROOT/(servers)/(.*)/stow$", "all|send"], | |
73 | |
74 // upload | |
75 ["post", "^/instances$", "all|upload"], | |
76 | |
77 // modifications/anonymization | |
78 ["post", "^/(patients|studies|series|instances)/([a-f0-9-]+)/modify(.*)$", "all|modify"], | |
79 ["post", "^/(patients|studies|series|instances)/([a-f0-9-]+)/anonymize(.*)$", "all|anonymize"] | |
80 | |
81 ] | |
82 } | |
83 } |