Overview

The following repository is provided as an environment for trying the IIIF Auth API.

https://github.com/digirati-co-uk/iiif-auth-server

In this article, we will use the above repository to try the IIIF Auth API.

Starting Up

Preparation

gcpsppidyoiittuppihrciociilinennofssn--vtteameaaunllhtvvllthe/t-nb-psvi-rsenu:rv/pr/eage/encrqgrvtauiiditverhaeutpmbeie.pnctosm./tdxitgirati-co-uk/iiif-auth-server

If version conflicts occur during pip install -r requirements.txt, try removing the version information and running again, as shown below:

aFiiJMpPssWrlitiabiitegaisnrrlxerpsfdjklvkak2aauoezrn2pwdesgSoueeargrfeoeus

Creating the Database

Then create the database.

eefxxlppaoosrrkttiFFnLLiAAtSSdKKb__ADPEPB=UiGi=itfrauueth

After executing the above, a file called iiifauth.db is created in iiif-auth-server/iiifauth.

You can inspect the database contents using tools like the following:

https://sqlitebrowser.org/dl/

Starting the Server

Execute the following:

flaskrun

Then, accessing http://127.0.0.1:5000 will display the following screen.

Preparing the Viewer

Execute the following to download Mirador 3 and start it on a local server.

wpgyetthohntt-pms:h/t/tmpi.rsaedrovre.rcultural.jp

If the following screen appears when you access http://0.0.0.0:8000, you’re all set.

Loading into the Viewer

The http://127.0.0.1:5000 page is structured with Images listed first, followed by Manifests.

This time, we’ll load the Manifests at the bottom into Mirador 3.

As an easy-to-understand example, let’s try the 02 degraded case.

Access the following URL:

http://0.0.0.0:8000/?manifest=http://0.0.0.0:5000/manifest/02_degraded

The following is displayed. Note that a login banner appears at the top of the screen, and a desaturated (grayscale) image is displayed.

Let’s try logging in. A login screen like the following appears, so click the Login button.

After logging in, the banner changes to a Log out button, and the color image is displayed.

The above is one example of using the IIIF Auth API.

Below is a screenshot of iiifauth.db opened in DB Browser for SQLite (it may be small and hard to see). You can confirm that session_id and token values are stored.

Examining info.json

The info.json for the above example is as follows.

You can confirm that the strings described in the service section were displayed in the viewer.

{}""""]""}"]"@@hp,ps,t,wcier"re""""""""""]i{}iodiohor@@cdffhlpsldn"gfttvcioeaaeare{}{}e"]"tt:hitoiodnsiiabor,ss,whetlpccn"fclldefv""""""c12481i"x""e:oet:iruuelii@p@lp:a,,,,6d:th:"/l"erirrr"lciriarlt"t:/":x"mpee":eedodbo[eh3:t2i:thLtDH:"""f"efF"1p5[i{"taiee":::i:lia:7":0i":tbosa"Ll"lc6h/6fhpencdPo"["e":et2t/,.t":l"relghh"h"o5t0ith/":ireitt:t":r6p.opt/:p"antttls:0/:t0"t:spp"po""/.a/p."Eiet::h:gh:0p/:0Lxo"o//t/ti.ii/.oanVL//t/ot[i0/i0gm"ioEi0p0upi:iii.ip:egxi.:.t:f5mfi0nlwai00"/.0a.i:"e"iImf./.,/i0gif5,Ynnp.0i0io0eo.0Iog"li.i.i////i0nu,eo0i0iai2ao0sg/:f:fpm/p//tdrIa5.5.igliaaioenp0i0i//e/putnysi0o0oi0viitu'st/00/m2em/httciaa/aa_laa/iatuapapgg2gucoalutuiuiea.etonpetht/t//uj"hpihaha2gs,krev1/u/u/uo1ieaen/ttltcin/eqrrlohohon"cusfok/g/n_litioge1o1tdnoroorinu/eetgennttlxgeish"f"lo/otrxna,u,oklg.attvlgeoojd.0helingusej2an"itods_taq/n"n.ogcu0/"jnayca20,p"uoel_2g,gusig_"ustag,ilyuanot"gu.go,ugjiupitnignh.n"ej.,wpjifgptu"ghl,"l,yocuorloeuxramvpelresiaocnc.ou<nathtroef=i\e"whttthpe:/f/uelxla-mqpulael.iotryg/cpoonltiecnyt\."">,AccessPolicy</a>",

Furthermore, within service > service, there are entries like the following. Information needed for logout and other operations is described here.

"serv]ic{}{}e,"""""":@p@lpiriar[dodbo"f"ef:i:lil"l"e":eh"h"t:t":ttlp"po":h:gh/t/t/t/ot0p0up.:.t:00"/./.,/0i0i.i.i0i0i:f:f5.5.0i0i0o0o00/a/aapapuiuit/t/haha/u/uttltohohk/g/e1o1nu/ttllo/ooklggeooingun"it/n"0/20_2g_aguaguugiuni.nj.pjgp"g,",

So far, the following URLs have appeared:

The processing for these is described in iiifauth/iiif_auth_server.py.

For example, the logout process is as follows, where you can see that the relevant record is deleted from the tokens table:

@daepfp.l"ssdddrro"eeaaaeog"rsttttuoLvsaaautuoiibbbretgcoaaan(_ensss'so_.eee"/euip..Yartdo=ecouvpxoutis=(gemhce'ecma/ergstuirl(vee_tteopitrde(gac_vb()notesi('[out"ec)dgwte"reee/r"v_ltl<niie_op,cdtsgae'eegti_)setdifsdeedrirn(ooontpmnu>ia_t/ftti"<itodieek(drre)e)nn,n:,stsiiwefdhrieevenrirtec>ie'fs_)ieiesdrs])i)on_id=?andservice_id=?',

It seems best to implement your own solution based on the above code, adapted to each institution’s environment.

The specific processing for login success/failure cases is described in the following:

{]""}"}"}c0,0,0,o122m___mI""]g""]"g"""eclaala,dalodnaauuaueuapetrbtgbtggbeg"ueh{}ueh{}ruenrsl_il_ail"a:_"sn"sdn"dB:e.:ee_::e"rr"""""""jr"""""""dddTe"vplhdcffp"vplhdcff"e"t_huSiraeeoaagLiraeeoaa:gTrfigtcobasnii"ocobasniirhuoshaefedcfllgefedcfll"aeerensileriuu:isileriuu0d,"ild"l"rirrrn"l"rirrr2ed:s.ae:"pmee{e:"pmee_dejr:":tLHDw:":tLHDg.g"npd:"iaeei:"iaeeajr0eg[L"obast[L"obasupa2i"l"oPnedch"oPnedcggd_tohgl"lerhgl"leru"egh:gtie:"ridtie:"riidaeitna:"petna:"pn:ur{nps":tgps":t_g":teE"ir:teE"id{ouI,/xL"oa/xL"oepiILaoAndLaoVngenIiEomgu"eiEomgi"rn.Fixgpit:dixgpie:a)jialnhialnwdpnfmIe"e"afmIe"i"efgo.pn,n<c.pn,nYdo"ril"Itacil"Igo.roe,nieoe,nujmJ/schs/sgpSaItarsaItrdgoOpnitepnieo"fNistiffistyn-/tu=o/tus'tLaitnraitcthDuti"utiae,tuoFhutuolahtnatnhtnepae/iita/ipbv1rlpu1rveoenee:tneeavnl"qd/hlqrreo,u"/eofus"tgi,edgoiit,hirxirroooneaunenu"sms"fs"hg,pe,u,ahtlrltvheslheia."atto,qtaruccygaycoo/loenupiustotsallylioi"otngc,gosyi\itfn"nhr>eawAwgicifmtctuehehlnsltysysoocuPuoororlfloeieuIxcxrIayaIm<mvFp/pe.lalre>esI"itaaosccncc.poouuu<rnnapttohsttreooefivv=sii\ee"cwwhotntttfhhpiie:gs/uf/rcueaolxtnlait-moeqpnnultaet.l.h"ioe,trygd/ecpmooonl"ti,ecnyt\."">,AccessPolicy</a>"

Various processing scenarios should be possible, so it would be good to experiment using the above file and the following:

https://iiifauth.digtest.co.uk/

Summary

The IIIF Auth API has not been widely adopted in Japan, with few implementations apart from Shimane University. I hope this article serves as a helpful reference.

https://current.ndl.go.jp/ca1988

I plan to investigate specific implementation methods in the future.