This demo application is designed to show a practical example on how to create an application and a productizer that connect to a Dataspace built with the IOXIO Dataspace technology and implement HTTP Message Signatures for data verification.
This repository contains 3 applications:
- Python FastAPI backend that is responsible for authentication and requesting data from data sources
- React-based frontend application.
- Python Flask productizer that acts as a data source and returns fake weather data
Main idea is to demonstrate how to:
- Retrieve data products from Product Gateway
- Implement a productizer
- Sign and verify each request from an app to a productizer and from a productizer to an application
- backend - Python FastAPI backend
- main.py - All the backend routes, e.g. for authentication or data retrieval
- settings.py - Backend configuration
- http_sig.py - Helpers for HTTP Message Signatures
- frontend - React application
- containers - Root containers for handling data products
- components - Stateless components to simplify following the containers' logic
- utils - Some helpers, e.g. for making network requests to the backend
- productizer - Productizer implementation
- main.py - Weather route
- http_sig.py - Helpers for HTTP Message Signatures
Before running the app locally, you have to:
-
Register your application in the Developer Portal. Use the following values in the form:
- Redirect URI:
http://localhost:3000/api/auth
- Logout redirect URI:
http://localhost:3000
Note: In the next step you will need the Client ID and Client secret that get generated when you complete the registration of the application.
- Redirect URI:
-
Create the backend/.env file based on backend/.env.example and set the variables with the values from the previous step.
Before running backend and productizer you need to
generate RSA keys and add them as PRIVATE_KEY
to
.env
in backend and productizer folders. Those keys are used for HTTP Message
Signatures.
- Python 3.9+ - For running the backend
- Poetry - Python dependency management tool
- Node - For running the frontend
- pnpm - Node package manager
- pre-commit - Runs hooks before you commit to e.g. format
your code. Make sure you run
pre-commit install
after checking out the repo.
cd backend
poetry install
poetry run dev
NOTE! It's important that backend is running with 2 workers because during ongoing request productizer will try to access backend's JWKs.
cd productizer
poetry install
poetry run flask --app app.main run --debug
cd frontend
pnpm install
pnpm dev
By default services are running at the following ports:
- Frontend at http://localhost:3000
- Backend at http://localhost:8088
- Productizer at http://localhost:5000
Backend and productizer host their public keys at <BASE_URL>/.well-known/jwks.json
and
each service use this URL to verify HTTP Message Signatures. The URLs are set in
settings.py
of each service as HTTP_SIG_VERIFY_JWKS_URI
.
Here's an example of the output when all the services are set up properly: