Virtuoso SPARQL OAuth Tutorial

The following sample scenario demonstrates the OAuth keys and Protected SPARQL Endpoint features of the Virtuoso Auth UI:

1. Download and install the conductor_dav.vad and policy_manager_dav.vad packages.
2. From the Conductor UI create user test1, enable SQL and DAV logins, and grant it the SPARQL_UPDATE role:
   1. Go to http://<cname>:<port>/conductor, where <cname>:<port> are replaced by your local server values.
   2. Log in as user "dba" or another user with DBA privileges
   3. Go to System Admin -> User Account and click the "Create New Account" link
      
      
      
      
   4. In the form:
      1. Enter user name, password, and confirm password, e.g., "test1", "test1pwd", "test1pwd".
      2. Check "Allow DAV Logins"
      3. Check "Allow SQL/ODBC Logins"
      4. Add Role "SPARQL_UPDATE" from the list of available Roles to the "Selected" box.
         
         
         
         
   5. Click the "Save" button.
   6. The user test1 will be shown as created.
      
      
      
      
3. Go to http://<cname>:<port>/policy_manager/, where <cname>:<port> are replaced by your local server values.
   
   
   
   
4. Click the "OAuth Keys" link
5. Log in as user test1
   
   
   
   
6. The OAuth application registration form will be shown.
   
   
   
   
7. Select SPARQL from the "Application name" list, and click the "Generate Keys" button.
8. A Consumer Key for SPARQL will be generated. It will look something like this:
   

   
   cf92411e17f59960a4189451bfb5bf6b92c856e3
   

   
   
   
   
   
   
9. Click the "Back to main menu" link .
10. Click the "Protected SPARQL Endpoint" link.
11. The OpenLink Virtuoso SPARQL Query form will be shown.
    
    
    
    
12. Enter the following for Default Graph URI:
    

    
    http://myopenlink.net/dataspace/person/kidehen#this
    

    
    
13. For "OAuth token", enter the Consumer Key value which was generated above, i.e.,
    

    
    cf92411e17f59960a4189451bfb5bf6b92c856e3
    

    
    
    
    
    
    
14. Click the "Run Query" button.
15. In the OAuth Authorization Service form, enter the password for user test1 and click the "Login" button.
    
    
    
    
16. In the new form, click the "Authorize" button.
    
    
    
    
17. The query results will be shown:
    
    
    
    

References

• OpenLink's explanation of OAuth
• Virtuoso OAuth server
• Using OAuth with ODS
• ODS Ubiquity Commands
• Virtuoso OAuth Implementation
• ODS Controllers
• Testing Virtuoso OAuth with 3rd Party OAuth Clients
• OAuth Ubiquity Tutorial
• Virtuoso OAuth Test Tool for ODS Controllers
• ODS Ubiquity Tutorials
• OAuth Applications Authentication examples
• OAuth API
• Virtuoso Authentication Server UI.
• SPARQL OAuth Tutorial
• FOAF+SSL Support in OpenLink Data Spaces.
• FOAF+SSL ACLs Tutorial
• Guide for Set up a X.509 certificate issuer and HTTPS listener and generate ODS user certificates.
• CA Keys Import using Conductor