IMPORTANT. On working via OAuth protocol the following constraint appears: if the repository is based on Oracle server, version of Oracle client must be not less than 11.
To set up login to the platform via OAuth, execute the following operations:
1. Prepare the web application:
In the pp.xml file:
1.1 In the <metabase> section put the authentication attribute to OAuth.
1.2 Add a string that is used to enable authorization via OAuth server:
<oAuthService enabled="true" />
2. Prepare the server (registry settings):
The user administrator credentials must be specified of the connection to the repository settings. To do that, specify the GOST value in the Alg registry key. The Alg registry key must be located at:
HKEY_CURRENT_USER\SOFTWARE\Foresight\Foresight Analytics Platform\9.0\Debug\Crypt
Add this key if it is not available.
3. Prepare BI server:
Check the internet availability at the server with installed BI server, make sure that access to twitter.com is provided.
If an internet connection is provided via the proxy server, enter the following environment variables:
CURLOPT_PROXY=proxy.sever.ru:8080
CURLOPT_PROXYUSERPWD=login:password
Where:
proxy.sever.ru:8080 - the proxy server and port address, via which the connection is executed
login and password - the user name and password to log in to the internet.
NOTE. To add the environmental variables, select the Computer > Properties > Advanced System Settings item, on the Advanced tab click the Environment Variables button. The Environment Variables dialog box opens, from which create the mentioned above variables.
4. Set up platform repository:
4.1. To save encrypted password to log in to repository, run the PP.Util.exe utility from the appropriate account (under which web application pool works) with the key /save_creds “repository id” /dc “user name”. The utility is located in the folder with installed Foresight Analytics Platform. After the successful startup the password for entering the repository is requested. Enter the password. After this the message "Password for metabase "repository name" and login "user name" saved" is displayed.
NOTE. The private key and certificate are the personal digital signature of the user. They are generated in PEM format using specific software tools (such as openssl).
4.2. Save the certificate to the repository:
PP.Util.exe /save_cert "path to certificate" <repository ID> <user name>
After this the utility requires password of the specified user. The obtained credentials are used to connect to the repository. The following message appears if the authorization is successful and the certificate is saved:
Certificate from file "certificate path" with identifier "certificate ID" saved to metabase "repository ID"
4.3. Save private key to the registry:
PP.Util.exe /save_private_key "key file path" <Certificate ID> <encryption algorithm := gos|pro, if is not specified, then pro>
After this the message is displayed:
Certificate from file "key path" with identifier "certificate ID" saved
5. Start the web application:
After executing the operations, the login.html page displays the Twitter icon:
Do not fill the boxes in the dialog box, click the 
button.
If everything is set up properly, the user is moved to the page where he needs to enter user name and password of the Twitter account and click the Authorize button.
After that the application is returned again to the login dialog box, from which the user is moved to the welcome page.
If the Parameter is Set Incorrectly error is displayed on clicking the button, check the connection with the desktop application: restart the desktop application, the form, services.
See also: