annotate Sphinx/source/plugins/google-cloud-platform.rst @ 299:d1ef8472b711

fix
author Alain Mazy <alain@mazy.be>
date Tue, 21 Jan 2020 18:06:28 +0100
parents f9e7036d81d0
children 011b01ccf52d
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
254
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
1 .. _google:
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
2
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
3
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
4 Google Cloud Platform plugin
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
5 ============================
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
6
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
7 .. contents::
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
8
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
9
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
10 Introduction
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
11 ------------
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
12
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
13 Osimis freely provides the `source code
257
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 256
diff changeset
14 <https://bitbucket.org/osimis/orthanc-gcp/src>`__ of a plugin to
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 256
diff changeset
15 interface Orthanc with the Healthcare API of `Google Cloud Platform
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
16 (GCP) <https://en.wikipedia.org/wiki/Google_Cloud_Platform>`__ through
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
17 `DICOMweb <https://www.dicomstandard.org/dicomweb/>`__.
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
18
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
19 This GCP plugin turns Orthanc into a DICOMweb client connected to GCP
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
20 servers, enabling the upload of DICOM images using STOW-RS, the
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
21 querying of the cloud content using QIDO-RS, and the retrieval of
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
22 remote content using WADO-RS. These operations can be possibly
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
23 :ref:`scripted <dicomweb-client>` thanks to the REST API of Orthanc.
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
24
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
25 Concretely, the role of the GCP plugin is to `manage the credentials
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
26 <https://cloud.google.com/docs/authentication/>`__ to Google Cloud
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
27 Platform. It requires the official :ref:`DICOMweb plugin <dicomweb>`
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
28 to be installed, as all the user interactions are done through the
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
29 latter plugin. As soon as Orthanc is started, the GCP plugin
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
30 automatically acquires then periodically refreshes the access tokens,
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
31 transparently updating the remote :ref:`DICOMweb servers
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
32 <dicomweb-client-config>` that are known to the DICOMweb plugin. The
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
33 access tokens can be derived either from service accounts, or from
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
34 user accounts.
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
35
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
36 This page makes the assumption that you have created a Google Cloud
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
37 Platform project, in which you have enabled the `Healthcare API
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
38 <https://cloud.google.com/healthcare/>`__, and in which you have
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
39 created a `DICOM store
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
40 <https://cloud.google.com/healthcare/docs/how-tos/dicom>`__.
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
41
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
42
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
43
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
44 Compilation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
45 -----------
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
46
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
47 .. highlight:: text
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
48
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
49 The procedure to compile the GCP plugin is similar of that for the
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
50 :ref:`core of Orthanc <compiling>`. The following commands should work
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
51 on any recent UNIX-like distribution (including GNU/Linux)::
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
52
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
53 $ mkdir Build
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
54 $ cd Build
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
55 $ cmake .. -DSTATIC_BUILD=ON -DCMAKE_BUILD_TYPE=Release
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
56 $ make
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
57
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
58 The compilation produces a shared library
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
59 ``OrthancGoogleCloudPlatform`` that contains the GCP
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
60 plugin. Pre-compiled binaries for Microsoft Windows `are available
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
61 <http://www.orthanc-server.com/browse.php?path=/plugin-google-cloud>`__,
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
62 and are included in the `Windows installers
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
63 <https://www.orthanc-server.com/download-windows.php>`__.
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
64
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
65 Under the hood, the GCP plugin is built on the top of the official
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
66 `Google Cloud Platform C++ Client Libraries
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
67 <https://github.com/googleapis/google-cloud-cpp>`__.
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
68
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
69
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
70
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
71 Configuration
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
72 -------------
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
73
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
74 Dependencies
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
75 ^^^^^^^^^^^^
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
76
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
77 As explained above, the GCP plugin requires Orthanc (with version
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
78 above 1.5.4), and the :ref:`official DICOMweb plugin <dicomweb>` to be
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
79 installed (with version above 1.0). All the communications with Google
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
80 Cloud Platform are done using the DICOMweb plugin, and the
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
81 responsibility of the GCP plugin is to aquire and periodically refresh
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
82 the access tokens whose lifetime is limited.
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
83
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
84
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
85 Common parameters
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
86 ^^^^^^^^^^^^^^^^^
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
87
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
88 There are some common parameters to be set. Firstly, the ``Plugins``
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
89 :ref:`configuration option <configuration>` of Orthanc must contain
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
90 the path that contains the ``OrthancGoogleCloudPlatform`` shared
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
91 library.
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
92
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
93 Secondly, obtaining the access tokens for Google Cloud Platform
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
94 necessitates a sequence of HTTPS requests. As a consequence, the
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
95 Orthanc configuration must specify how the authenticity of the Google
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
96 servers is verified. You have two possibilities to that end:
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
97
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
98 1. Disabling the verification of the remote servers (**not recommended
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
99 in production**). This is done by setting option ``HttpsVerifyPeers``
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
100 to ``false``.
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
101
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
102 2. Providing a list of `trusted Certificate Authorities (CA)
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
103 <https://curl.haxx.se/docs/sslcerts.html>`__ to the HTTPS client
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
104 that is internally used by Orthanc (namely, `cURL
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
105 <https://en.wikipedia.org/wiki/CURL>`__). This is done by properly
299
Alain Mazy <alain@mazy.be>
parents: 260
diff changeset
106 setting ``HttpsCACertificates`` option, so that it points to a file
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
107 containing a store of CA certificates. Depending on your operating
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
108 system, this file can be found as follows:
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
109
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
110 * On Debian-based system, the standard file
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
111 ``/etc/ssl/certs/ca-certificates.crt`` can be used.
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
112 * On other systems (including Microsoft Windows), the cURL project
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
113 provides `CA certificates
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
114 <https://curl.haxx.se/docs/caextract.html>`__ that are extracted
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
115 from Mozilla.
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
116
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
117 Note that to debug HTTPS communications, you have the possibility of
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
118 setting the ``HttpVerbose`` configuration option of Orthanc to
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
119 ``true``. It can also be useful to run Orthanc in ``--verbose`` mode
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
120 (check out :ref:`this page <log>`).
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
121
254
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
122
63cc25161330 skeleton of gcp
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
123
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
124 Service account
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
125 ^^^^^^^^^^^^^^^
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
126
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
127 As explained on the `Google documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
128 <https://cloud.google.com/docs/authentication/#service_accounts>`__,
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
129 *"a service account is a Google account that represents an
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
130 application, as opposed to representing an end user"*. This is
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
131 presumably the most common situation in the case of Orthanc.
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
132
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
133 You first have to `create a service account
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
134 <https://cloud.google.com/docs/authentication/getting-started#creating_a_service_account>`__
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
135 for your application. This will produce a JSON file (say,
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
136 ``dicom-osimis.json``) that you have to store securely on the server
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
137 that will run Orthanc.
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
138
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
139 .. highlight:: json
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
140
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
141 Secondly, you have to modify the :ref:`Orthanc configuration
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
142 <configuration>` in order to provide the GCP plugin with your service
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
143 account file and with the parameters of your `DICOM store
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
144 <https://cloud.google.com/healthcare/docs/how-tos/dicom>`__. Here is a
256
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 255
diff changeset
145 sample, minimalist configuration of Orthanc::
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
146
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
147 {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
148 "HttpsCACertificates": "/etc/ssl/certs/ca-certificates.crt",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
149 "Plugins" : [ "." ],
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
150 "GoogleCloudPlatform" : {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
151 "Accounts": {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
152 "my-google" : {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
153 "Project" : "osimis-test",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
154 "Location" : "europe-west2",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
155 "Dataset" : "test",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
156 "DicomStore" : "dicom",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
157 "ServiceAccountFile" : "dicom-osimis.json"
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
158 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
159 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
160 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
161 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
162
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
163
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
164 In this example, once the GCP plugin has succeeded to authenticate
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
165 using the service account, the DICOMweb plugin will provide access to
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
166 the cloud DICOM store at URI ``/dicom-web/servers/my-google/`` of the
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
167 REST API of Orthanc.
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
168
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
169
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
170 User account
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
171 ^^^^^^^^^^^^
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
172
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
173 User account is an alternative to service account, and can be used
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
174 *"when the application needs to access resources on behalf of an end
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
175 user"* (check out the `Google documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
176 <https://cloud.google.com/docs/authentication/#user_accounts>`__).
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
177
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
178 .. highlight:: json
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
179
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
180 The easiest way of setting up a user account is through the `gcloud
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
181 command-line tool <https://cloud.google.com/sdk/gcloud/>`__.
256
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 255
diff changeset
182 `Google's quick-starts
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
183 <https://cloud.google.com/sdk/docs/quickstarts>`__ explain how to
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
184 initialize the environment depending on your operating system (check
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
185 out the "Initialize the SDK" sections, which essentially boil down to
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
186 calling ``gcloud init``).
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
187
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
188
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
189 .. highlight:: bash
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
190
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
191 Once the ``gcloud init`` command-line has been invoked, you can
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
192 extract credentials to be used by Orthanc by typing the following
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
193 command::
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
194
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
195 $ gcloud auth print-access-token --format json
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
196
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
197
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
198 .. highlight:: json
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
199
260
f9e7036d81d0 updating DICOMweb documentation
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 259
diff changeset
200 This command generates a JSON file containing all the required
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
201 information, that can be written to a file (say,
256
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 255
diff changeset
202 ``dicom-user.json``). Given this file, here is a sample, minimalist
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
203 configuration of Orthanc::
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
204
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
205 {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
206 "HttpsCACertificates": "/etc/ssl/certs/ca-certificates.crt",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
207 "Plugins" : [ "." ],
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
208 "GoogleCloudPlatform" : {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
209 "Accounts": {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
210 "my-google" : {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
211 "Project" : "osimis-test",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
212 "Location" : "europe-west2",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
213 "Dataset" : "test",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
214 "DicomStore" : "dicom",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
215 "AuthorizedUserFile" : "dicom-osimis.json"
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
216 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
217 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
218 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
219 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
220
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
221 In this example, once the GCP plugin has succeeded to authenticate
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
222 using the user account, the DICOMweb plugin will provide access to the
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
223 cloud DICOM store at URI ``/dicom-web/servers/my-google/`` of the REST
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
224 API of Orthanc.
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
225
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
226
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
227 .. highlight:: bash
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
228
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
229 Note that only 3 fields in the JSON file produced by the ``gcloud auth
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
230 print-access-token`` command are required: ``client_id``,
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
231 ``client_secret``, and ``refresh_token``. Instead of using the full
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
232 JSON file, you can extract only these fields, e.g. using the `jq
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
233 <https://stedolan.github.io/jq/>`__ command-line tool::
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
234
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
235 $ gcloud auth print-access-token --format json | jq '{ AuthorizedUserClientId: .client_id, AuthorizedUserClientSecret:.client_secret, AuthorizedUserRefreshToken:.refresh_token }'
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
236 {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
237 "AuthorizedUserClientId": "XXXXXXXXXX.apps.googleusercontent.com",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
238 "AuthorizedUserClientSecret": "ZmssLNXXXXXX",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
239 "AuthorizedUserRefreshToken": "1/e2ngXXXXXX"
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
240 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
241
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
242
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
243 .. highlight:: json
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
244
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
245 These fields can then be copied/pasted as follows in order to create a
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
246 configuration for Orthanc that is equivalent to the one using the
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
247 separate JSON file::
255
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
248
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
249 {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
250 "HttpsCACertificates": "/etc/ssl/certs/ca-certificates.crt",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
251 "Plugins" : [ "." ],
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
252 "GoogleCloudPlatform" : {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
253 "Accounts": {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
254 "my-google" : {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
255 "Project" : "osimis-test",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
256 "Location" : "europe-west2",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
257 "Dataset" : "test",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
258 "DicomStore" : "dicom",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
259 "AuthorizedUserClientId": "XXXXXXXXXX.apps.googleusercontent.com",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
260 "AuthorizedUserClientSecret": "ZmssLNXXXXXX",
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
261 "AuthorizedUserRefreshToken": "1/e2ngXXXXXX"
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
262 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
263 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
264 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 254
diff changeset
265 }
259
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
266
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
267
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
268 Advanced options
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
269 ^^^^^^^^^^^^^^^^
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
270
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
271 .. highlight:: json
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
272
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
273 Some advanced configuration options are available as well, as
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
274 summarized in this excerpt::
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
275
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
276 {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
277 ...
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
278 // In seconds, must be large enough to send/receive your largest studies
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
279 // using WADO or STOW, depending on the speed of your Internet connection
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
280 "HttpTimeout" : 600,
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
281
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
282 "GoogleCloudPlatform" : {
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
283 ...
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
284 // Path to the URL of the GCP services
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
285 "BaseUrl" : "https://healthcare.googleapis.com/v1beta1/"
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
286 }
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 258
diff changeset
287 }