This is a simple client for the Medidata MAuth Authentication Protocol. It can be used to access Platform Services within the Medidata Clinical Cloud.
The MAuth protocol provides a fault-tolerant, service-to-service authentication scheme for Medidata and third-party applications that use web services to communicate. The Authentication Service and integrity algorithm is based on digital signatures encrypted and decrypted with a private/public key pair.
The Authentication Service has two responsibilities. It provides message integrity and provenance validation by verifying a message sender's signature; its other task is to manage public keys. Each public key is associated with an application and is used to authenticate message signatures. The private key corresponding to the public key in the Authentication Service is stored by the application making a signed request; the request is encrypted with this private key. The Authentication Service has no knowledge of the application's private key, only its public key.
A simple cli tool has been added in the cmd/go_mauth_client folder.
It can be installed using:
$ go install github.com/mdsol/go-mauth-client/cmd/go_mauth_client
See README.md for examples of usage.
Two examples have been provided:
- medidata_api_example.go - sample code illustrating use for accessing the Medidata API
- imedidata_client.go - sample code illustrating an iMedidata call
Make a keypair with:
$ mkdir keypair_dir
$ cd keypair_dir
$ openssl genrsa -out yourname_mauth.priv.key 2048
$ chmod 0600 yourname_mauth.priv.key
$ openssl rsa -in yourname_mauth.priv.key -pubout -out yourname_mauth.pub.key
Provide PUBLIC key to DevOps via Zendesk ticket with settings:
- Form: OPS - Service Request
- Assignee: OPS-Devops Cloud Team
- Service Catalog: Application support
Keep the Private key to yourself, don't check into GitHub, don't tell your mother.
You may need to generate a test string for use, this snippet will help
- Install ruby
- Use
irb
to do the following:irb(main):001:0> require 'openssl' irb(main):002:0> key_file = File.read('private_key.pem') irb(main):003:0> key = OpenSSL::PKey::RSA.new(key_file) irb(main):004:0> require 'digest' irb(main):005:0> hashed = Digest::SHA512.hexdigest("Hello world") irb(main):006:0> require 'base64' irb(main):007:0> Base64.encode64(key.private_encrypt(hashed)).delete("\n") => "IUjQhtH4C9lbCRTyca+...Tvlg=="
- Copy the string to your test case