Sunday, 20 December 2020

ORACLE OIC - OAuth - Client with Multiple Audience from Different Resources

As we migrate from on-premises to cloud, one of the customer's critical requirements is user propagation: passing the user's credentials on to ERP or other target applications.

This allows business users to track changes and validate records against the user who made the calls or updates to the cloud.

It is expected that OIC will propagate the user credentials to SaaS or other downstream applications, but this capability is not present in OIC.

As a workaround, you can configure an OIC service to receive the authentication details in a custom header and propagate them to the target.

Clients or users are expected to send either two different authentication tokens or a single token with multiple scopes or audiences. In the latter case, the same token is authorized in IDCS based on the audience value in the token.

The following diagram illustrates some of the security requirements.






We can have an individual IDCS for each application, or we can use the same IDCS for multiple applications.

Users and roles are synced between IDCS and the cloud applications. A sync job is configured in IDCS to sync the users and roles.

The diagram above illustrates the security setup and the clients accessing each application using a specific token.

The following are some of the requirements.
  1. Client1 is configured to invoke OIC using the OIC token.
  2. Client2 is configured to invoke OIC and SaaS using a single token.
  3. Client2 can invoke SaaS directly using the SaaS token.
  4. Client2 can invoke OIC using the OIC token.
  5. Client3 is configured to invoke HCM using the HCM token.
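The audience-based authorization described above can be inspected with a small script. This is an added example, not code from the original post or from Oracle: it reads the `aud` claim of a JWT and decides which resource would accept the token. The audience URLs, client names and sample tokens are constructed assumptions, and the script does not verify signatures.

```python
import base64
import json

# Hypothetical audience identifiers; real values come from the IDCS resource apps.
OIC_AUD = "https://oic.example.com:443"
SAAS_AUD = "https://saas.example.com:443"
HCM_AUD = "https://hcm.example.com:443"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample_token(sub, aud):
    """Build a constructed JWT-shaped string with a placeholder signature."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"sub": sub, "aud": aud}).encode())
    return f"{header}.{payload}.unsigned-sample"


def token_audiences(token):
    """Return the audiences in a JWT payload.

    Inspection only: a real resource verifies the signature before trusting claims.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    claims = json.loads(base64.urlsafe_b64decode(padded))
    aud = claims.get("aud", [])
    # RFC 7519: "aud" is either a single string or an array of strings.
    return {aud} if isinstance(aud, str) else set(aud)


def accepted_by(token, resource_aud):
    """A resource should accept a token only if its own audience is listed."""
    return resource_aud in token_audiences(token)


# Constructed tokens mirroring the requirements listed above.
TOKENS = {
    "client1_oic": make_sample_token("client1", OIC_AUD),
    "client2_single": make_sample_token("client2", [OIC_AUD, SAAS_AUD]),
    "client2_saas": make_sample_token("client2", SAAS_AUD),
    "client3_hcm": make_sample_token("client3", HCM_AUD),
}

if __name__ == "__main__":
    for name, tok in TOKENS.items():
        ok = [r for r in (OIC_AUD, SAAS_AUD, HCM_AUD) if accepted_by(tok, r)]
        print(f"{name}: accepted by {ok}")
```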


  

Wednesday, 2 December 2020

Convert PEM file to PPK file

We can't use a PEM file to access servers using PuTTY. You need to convert the PEM file to PPK, and then you can use the PPK file to connect to a Unix machine using PuTTY.

Use the following steps to convert the PEM file to a PPK file.


  • Download the PEM file.
  • Open the PuTTYgen app.
  • Select RSA for the Type of key to generate option at the bottom.
  • Select Load.
  • Select the downloaded PEM file.
  • PuTTYgen will generate both the PPK and the public key.
  • Save the PPK using the Save private key option.
  • Copy the public key content from the top window and save it as the public key.
  • In PuTTY, add the PPK file under the Auth option.
  • Connect to the server.

-- Happy Learning



Git Basic Commands

  • Create a remote repository using https://github.com or Oracle DCS.
  • Generate an SSH key.
    • Go to the Git Bash command prompt.
    • Type ssh-keygen and press Enter.
    • Accept the default values. Note down the folder.
    • Enter a passphrase.
    • Go to the folder and list the files.
    • You will see two files: id_rsa (private key) and id_rsa.pub (public key).
  • To avoid re-entering the SSH key passphrase, if you set one when creating the key:
    • Run the following command: eval $(ssh-agent)
    • Then run the following command: ssh-add ~/.ssh/id_rsa (adjust the path if you saved the key in a different folder)
  • Add the public key to the remote server, using either the console or a command.
  • Get the SSH link from the Git console.
  • Create a local folder.
    • mkdir ICSLocalRepo
    • Go to the local folder: cd ICSLocalRepo
  • Clone the remote repository using the following commands. This clones the master branch by default. The dot at the end checks out the files into the current directory.
    • git clone ssh/http_URL .
    • The following command creates a new folder and checks out the branch into it.
      • git clone ssh/http_URL new_dir_name
  • Clone a specific branch. Example: the develop branch.
    • git clone -b develop ssh/http_URL . (or new_dir_name in place of the dot)
  • List all remote branches.
    • git branch -a
  • To check the remote repository details.
    •   git remote -v
  • Check the clone status using status command. 
    • git status
  • Add files to the staging area of the local repository.
    • git add --all
    • git add .
  • Commit the staged changes.
    • git commit -m "Commit comments"
  • Push the changes to remote repository.
    • git push origin develop
  • Pull the latest files from remote repository. 
    • git pull --all
  • Access a specific branch 
    • git checkout develop
  • Create a new branch from a remote branch. 
    • git checkout -b release-<release-name> origin/develop
  • Push new branch to origin. 
    • git push origin release-<release-name>
  • Merge changes to a branch. This will merge the changes from new_release_branch to develop. 
    • git checkout develop 
    • git merge new_release_branch