about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-09-22 08:11:28 +0300
committerFrederick Muriuki Muriithi2023-10-26 05:00:27 +0300
commitb496ad27c0d5448161cf66dd9a068d9e512194af (patch)
tree8147d1e531d2e394eba9aa2e8cff55fe9cce43cb
parent418cfaa506c6094477c51ef0c3f0b3f0a8f68a85 (diff)
downloadgenenetwork2-b496ad27c0d5448161cf66dd9a068d9e512194af.tar.gz
Use gn-auth as the authorisation server.
-rw-r--r--wqflask/utility/tools.py1
-rw-r--r--wqflask/wqflask/collect.py24
-rw-r--r--wqflask/wqflask/decorators.py2
-rw-r--r--wqflask/wqflask/metadata_edits.py4
-rw-r--r--wqflask/wqflask/oauth2/checks.py4
-rw-r--r--wqflask/wqflask/oauth2/client.py18
-rw-r--r--wqflask/wqflask/oauth2/collections.py4
-rw-r--r--wqflask/wqflask/oauth2/data.py54
-rw-r--r--wqflask/wqflask/oauth2/groups.py26
-rw-r--r--wqflask/wqflask/oauth2/request_utils.py8
-rw-r--r--wqflask/wqflask/oauth2/resources.py30
-rw-r--r--wqflask/wqflask/oauth2/roles.py12
-rw-r--r--wqflask/wqflask/oauth2/toplevel.py2
-rw-r--r--wqflask/wqflask/oauth2/ui.py2
-rw-r--r--wqflask/wqflask/oauth2/users.py22
-rw-r--r--wqflask/wqflask/views.py4
16 files changed, 109 insertions, 108 deletions
diff --git a/wqflask/utility/tools.py b/wqflask/utility/tools.py
index 3dc01b91..0d1357b9 100644
--- a/wqflask/utility/tools.py
+++ b/wqflask/utility/tools.py
@@ -351,5 +351,6 @@ assert_file(JS_CYTOSCAPE_PATH + '/cytoscape.min.js')
 
 # assert_file(PHEWAS_FILES+"/auwerx/PheWAS_pval_EMMA_norm.RData")
 
+AUTH_SERVER_URL = get_setting("AUTH_SERVER_URL")
 OAUTH2_CLIENT_ID = get_setting('OAUTH2_CLIENT_ID')
 OAUTH2_CLIENT_SECRET = get_setting('OAUTH2_CLIENT_SECRET')
diff --git a/wqflask/wqflask/collect.py b/wqflask/wqflask/collect.py
index 55d922ea..f7b33a59 100644
--- a/wqflask/wqflask/collect.py
+++ b/wqflask/wqflask/collect.py
@@ -78,9 +78,9 @@ def collections_add():
     traits = request.args.get("traits", request.form.get("traits"))
     the_hash = request.args.get("hash", request.form.get("hash"))
     collections = g.user_session.user_collections
-    collections = oauth2_get("oauth2/user/collections/list").either(
+    collections = oauth2_get("auth/user/collections/list").either(
         lambda _err: tuple(), lambda colls: tuple(colls)) + no_token_get(
-            f"oauth2/user/collections/{anon_id}/list").either(
+            f"auth/user/collections/{anon_id}/list").either(
                 lambda _err: tuple(), lambda colls: tuple(colls))
 
     def __create_new_coll_error__(error):
@@ -90,7 +90,7 @@ def collections_add():
 
     if len(collections) < 1:
         new_coll = client.post(
-            "oauth2/user/collections/new",
+            "auth/user/collections/new",
             json={
                 "anon_id": str(anon_id),
                 "name": "Your Default Collection",
@@ -127,7 +127,7 @@ def collections_new():
             params.get("new_collection", "").strip() or
             datetime.datetime.utcnow().strftime('Collection_%b_%d_%H:%M'))
         request_data = {
-            "uri_path": "oauth2/user/collections/new",
+            "uri_path": "auth/user/collections/new",
             "json": {
                 "name": collection_name,
                 "anon_id": str(anon_id),
@@ -154,7 +154,7 @@ def collections_new():
         collection_id = uuid.UUID(coll_id)
         resp = redirect(url_for('view_collection', uc_id=collection_id))
         return client.post(
-            f"oauth2/user/collections/{collection_id}/traits/add",
+            f"auth/user/collections/{collection_id}/traits/add",
             json={
                 "anon_id": str(anon_id),
                 "traits": traits
@@ -185,13 +185,13 @@ def list_collections():
     params = request.args
     anon_id = session.session_info()["anon_id"]
     anon_collections = no_token_get(
-        f"oauth2/user/collections/{anon_id}/list").either(
+        f"auth/user/collections/{anon_id}/list").either(
             lambda err: {"anon_collections_error": process_error(err)},
             lambda colls: {"anon_collections": colls})
 
     user_collections = {"collections": []}
     if user_logged_in():
-        user_collections = oauth2_get("oauth2/user/collections/list").either(
+        user_collections = oauth2_get("auth/user/collections/list").either(
             lambda err: {"user_collections_error": process_error(err)},
             lambda colls: {"collections": colls})
 
@@ -216,7 +216,7 @@ def handle_anonymous_collections():
         flash(f"Success: {msg['message']}", "alert-success")
         return redirect("/")
     return oauth2_post(
-        f"oauth2/user/collections/anonymous/{choice}",
+        f"auth/user/collections/anonymous/{choice}",
         json={
             "anon_id": str(session_info()["anon_id"])
         }).either(__impdel_error__, __impdel_success__)
@@ -228,7 +228,7 @@ def remove_traits():
     traits_to_remove = process_traits(params['trait_list'])
     resp = redirect(url_for("view_collection", uc_id=uc_id))
     return client.post(
-        f"oauth2/user/collections/{uc_id}/traits/remove",
+        f"auth/user/collections/{uc_id}/traits/remove",
         json = {
             "anon_id": str(session_info()["anon_id"]),
             "traits": traits_to_remove
@@ -251,7 +251,7 @@ def delete_collection():
               if bool(item)]
     if len(uc_ids) > 0:
         return (oauth2_post if user_logged_in() else no_token_post)(
-            "oauth2/user/collections/delete",
+            "auth/user/collections/delete",
             json = {
                 "anon_id": str(session_info()["anon_id"]),
                 "collection_ids": uc_ids
@@ -328,7 +328,7 @@ def view_collection():
 
     uc_id = params['uc_id']
     request_data = {
-        "uri_path": f"oauth2/user/collections/{uc_id}/view",
+        "uri_path": f"auth/user/collections/{uc_id}/view",
         "json": {"anon_id": str(session_info()["anon_id"])}
     }
     if user_logged_in():
@@ -389,7 +389,7 @@ def change_collection_name():
     collection_id = request.form['collection_id']
     resp = redirect(url_for("view_collection", uc_id=collection_id))
     return client.post(
-        f"oauth2/user/collections/{collection_id}/rename",
+        f"auth/user/collections/{collection_id}/rename",
         json={
             "anon_id": str(session_info()["anon_id"]),
             "new_name": request.form["new_collection_name"]
diff --git a/wqflask/wqflask/decorators.py b/wqflask/wqflask/decorators.py
index b32c8fc8..88535187 100644
--- a/wqflask/wqflask/decorators.py
+++ b/wqflask/wqflask/decorators.py
@@ -130,7 +130,7 @@ def required_access(access_levels: tuple[str, ...],
                     "the authorisation checks.",
                     session_info()["user"])
             return client.post(
-                "oauth2/data/authorisation",
+                "auth/data/authorisation",
                 json={"traits": [f"{dataset_name}::{trait_name}"]}).either(
                     __error__, __success__)
         return __checker__
diff --git a/wqflask/wqflask/metadata_edits.py b/wqflask/wqflask/metadata_edits.py
index 9caccd3c..2798e4b4 100644
--- a/wqflask/wqflask/metadata_edits.py
+++ b/wqflask/wqflask/metadata_edits.py
@@ -655,7 +655,7 @@ def list_diffs():
         return {**acc, "waiting": acc["waiting"] + [item]}
 
     accessible_diffs = client.post(
-        "oauth2/data/authorisation",
+        "auth/data/authorisation",
         json={
             "traits": [
                 f"{meta['diff']['dataset_name']}::{meta['diff']['trait_name']}"
@@ -777,7 +777,7 @@ def __authorised_p__(dataset_name, trait_name):
                 ("system:resources:edit-all" in dets["privileges"]))
 
     return client.post(
-        "oauth2/data/authorisation",
+        "auth/data/authorisation",
         json={"traits": [f"{dataset_name}::{trait_name}"]}
     ).map(
         lambda adets: {
diff --git a/wqflask/wqflask/oauth2/checks.py b/wqflask/wqflask/oauth2/checks.py
index 4abeb279..4ef1ab3e 100644
--- a/wqflask/wqflask/oauth2/checks.py
+++ b/wqflask/wqflask/oauth2/checks.py
@@ -33,11 +33,11 @@ def require_oauth2(func):
 
         def __with_token__(token):
             from utility.tools import (
-                GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
+                AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
             client = OAuth2Session(
                 OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, token=token)
             resp = client.get(
-                urljoin(GN_SERVER_URL, "oauth2/user/"))
+                urljoin(AUTH_SERVER_URL, "auth/user/"))
             user_details = resp.json()
             if not user_details.get("error", False):
                 return func(*args, **kwargs)
diff --git a/wqflask/wqflask/oauth2/client.py b/wqflask/wqflask/oauth2/client.py
index 2a06b156..af6a1876 100644
--- a/wqflask/wqflask/oauth2/client.py
+++ b/wqflask/wqflask/oauth2/client.py
@@ -18,7 +18,7 @@ SCOPE = ("profile group role resource register-client user masquerade "
 def oauth2_client():
     def __client__(token) -> OAuth2Session:
         from utility.tools import (
-            GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
+            AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
         return OAuth2Session(
             OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET,
             scope=SCOPE, token_endpoint_auth_method="client_secret_post",
@@ -40,12 +40,12 @@ def __no_token__(_err) -> Left:
 def oauth2_get(uri_path: str, data: dict = {}, **kwargs) -> Either:
     def __get__(token) -> Either:
         from utility.tools import (
-            GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
+            AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
         client = OAuth2Session(
             OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET,
             token=token, scope=SCOPE)
         resp = client.get(
-            urljoin(GN_SERVER_URL, uri_path),
+            urljoin(AUTH_SERVER_URL, uri_path),
             data=data,
             **kwargs)
         if resp.status_code == 200:
@@ -60,12 +60,12 @@ def oauth2_post(
         **kwargs) -> Either:
     def __post__(token) -> Either:
         from utility.tools import (
-            GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
+            AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
         client = OAuth2Session(
             OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET,
             token=token, scope=SCOPE)
         resp = client.post(
-            urljoin(GN_SERVER_URL, uri_path), data=data, json=json,
+            urljoin(AUTH_SERVER_URL, uri_path), data=data, json=json,
             **kwargs)
         if resp.status_code == 200:
             return Right(resp.json())
@@ -75,15 +75,15 @@ def oauth2_post(
     return session.user_token().either(__no_token__, __post__)
 
 def no_token_get(uri_path: str, **kwargs) -> Either:
-    from utility.tools import GN_SERVER_URL
-    resp = requests.get(urljoin(GN_SERVER_URL, uri_path), **kwargs)
+    from utility.tools import AUTH_SERVER_URL
+    resp = requests.get(urljoin(AUTH_SERVER_URL, uri_path), **kwargs)
     if resp.status_code == 200:
         return Right(resp.json())
     return Left(resp)
 
 def no_token_post(uri_path: str, **kwargs) -> Either:
     from utility.tools import (
-        GN_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
+        AUTH_SERVER_URL, OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET)
     data = kwargs.get("data", {})
     the_json = kwargs.get("json", {})
     request_data = {
@@ -99,7 +99,7 @@ def no_token_post(uri_path: str, **kwargs) -> Either:
         },
         ("data" if bool(data) else "json"): request_data
     }
-    resp = requests.post(urljoin(GN_SERVER_URL, uri_path),
+    resp = requests.post(urljoin(AUTH_SERVER_URL, uri_path),
                          **new_kwargs)
     if resp.status_code == 200:
         return Right(resp.json())
diff --git a/wqflask/wqflask/oauth2/collections.py b/wqflask/wqflask/oauth2/collections.py
index e31b4ad2..d4bfe7f0 100644
--- a/wqflask/wqflask/oauth2/collections.py
+++ b/wqflask/wqflask/oauth2/collections.py
@@ -7,10 +7,10 @@ def num_collections() -> int:
     """Compute the number of collections available for tte current sussion."""
     anon_id = session_info()["anon_id"]
     all_collections = no_token_get(
-        f"oauth2/user/collections/{anon_id}/list").either(
+        f"auth/user/collections/{anon_id}/list").either(
             lambda _err: [], lambda colls: colls)
     if user_logged_in():
         all_collections = all_collections + oauth2_get(
-            "oauth2/user/collections/list").either(
+            "auth/user/collections/list").either(
                 lambda _err: [], lambda colls: colls)
     return len(all_collections)
diff --git a/wqflask/wqflask/oauth2/data.py b/wqflask/wqflask/oauth2/data.py
index 795e9ea3..9edfe964 100644
--- a/wqflask/wqflask/oauth2/data.py
+++ b/wqflask/wqflask/oauth2/data.py
@@ -18,11 +18,11 @@ from .client import oauth2_get, oauth2_post
 data = Blueprint("data", __name__)
 
 def __search_mrna__(query, template, **kwargs):
-    from utility.tools import GN_SERVER_URL
+    from utility.tools import AUTH_SERVER_URL
     species_name = kwargs["species_name"]
-    search_uri = urljoin(GN_SERVER_URL, "oauth2/data/search")
+    search_uri = urljoin(AUTH_SERVER_URL, "auth/data/search")
     datasets = oauth2_get(
-        "oauth2/data/search",
+        "auth/data/search",
         json = {
             "query": query,
             "dataset_type": "mrna",
@@ -43,11 +43,11 @@ def __selected_datasets__():
                             request.form.get("selected", []))
 
 def __search_genotypes__(query, template, **kwargs):
-    from utility.tools import GN_SERVER_URL
+    from utility.tools import AUTH_SERVER_URL
     species_name = kwargs["species_name"]
-    search_uri = urljoin(GN_SERVER_URL, "oauth2/data/search")
+    search_uri = urljoin(AUTH_SERVER_URL, "auth/data/search")
     datasets = oauth2_get(
-        "oauth2/data/search",
+        "auth/data/search",
         json = {
             "query": query,
             "dataset_type": "genotype",
@@ -59,7 +59,7 @@ def __search_genotypes__(query, template, **kwargs):
     return render_ui(template, search_uri=search_uri, **datasets, **kwargs)
 
 def __search_phenotypes__(query, template, **kwargs):
-    from utility.tools import GN_SERVER_URL
+    from utility.tools import AUTH_SERVER_URL
     page = int(request.args.get("page", 1))
     per_page = int(request.args.get("per_page", 50))
     selected_traits = request.form.getlist("selected_traits")
@@ -71,18 +71,18 @@ def __search_phenotypes__(query, template, **kwargs):
             template, traits=[], per_page=per_page, query=query,
             selected_traits=selected_traits, search_results=search_results,
             search_endpoint=urljoin(
-                GN_SERVER_URL, "oauth2/data/search"),
-            gn_server_url = GN_SERVER_URL,
+                AUTH_SERVER_URL, "auth/data/search"),
+            gn_server_url = AUTH_SERVER_URL,
             results_endpoint=urljoin(
-                GN_SERVER_URL,
-                f"oauth2/data/search/phenotype/{job_id}"),
+                AUTH_SERVER_URL,
+                f"auth/data/search/phenotype/{job_id}"),
             **kwargs)
-    return oauth2_get("oauth2/data/search", json={
+    return oauth2_get("auth/data/search", json={
         "dataset_type": "phenotype",
         "species_name": kwargs["species_name"],
         "per_page": per_page,
         "page": page,
-        "gn3_server_uri": GN_SERVER_URL
+        "auth_server_uri": AUTH_SERVER_URL
     }).either(
         lambda err: __search_error__(process_error(err)),
         __search_success__)
@@ -94,7 +94,7 @@ def json_search_genotypes() -> Response:
         return jsonify(error), error["status_code"]
     
     return oauth2_get(
-        "oauth2/data/search",
+        "auth/data/search",
         json = {
             "query": request.json["query"],
             "dataset_type": "genotype",
@@ -111,7 +111,7 @@ def json_search_mrna() -> Response:
         return jsonify(error), error["status_code"]
 
     return oauth2_get(
-        "oauth2/data/search",
+        "auth/data/search",
         json = {
             "query": request.json["query"],
             "dataset_type": "mrna",
@@ -124,21 +124,21 @@ def json_search_mrna() -> Response:
 @data.route("/phenotype/search", methods=["POST"])
 def json_search_phenotypes() -> Response:
     """Search for phenotypes."""
-    from utility.tools import GN_SERVER_URL
+    from utility.tools import AUTH_SERVER_URL
     form = request.json
     def __handle_error__(err):
         error = process_error(err)
         return jsonify(error), error["status_code"]
 
     return oauth2_get(
-        "oauth2/data/search",
+        "auth/data/search",
         json={
             "dataset_type": "phenotype",
             "species_name": form["species_name"],
             "query": form.get("query", ""),
             "per_page": int(form.get("per_page", 50)),
             "page": int(form.get("page", 1)),
-            "gn3_server_uri": GN_SERVER_URL,
+            "auth_server_uri": AUTH_SERVER_URL,
             "selected_traits": form.get("selected_traits", [])
         }).either(__handle_error__, jsonify)
 
@@ -156,10 +156,10 @@ def list_data_by_species_and_dataset(
         "genotype": __search_genotypes__,
         "phenotype": __search_phenotypes__
     }
-    roles = oauth2_get("oauth2/user/roles").either(
+    roles = oauth2_get("auth/user/roles").either(
         lambda err: {"roles_error": process_error(err)},
         lambda roles: {"roles": roles})
-    groups = oauth2_get("oauth2/group/list").either(
+    groups = oauth2_get("auth/group/list").either(
         lambda err: {"groups_error": process_error(err)},
         lambda grps: {"groups": grps})
     query = request.args.get("query", "")
@@ -183,13 +183,13 @@ def list_data():
             **{key:val for key,val in kwargs.items()
                if key not in ("groups", "data_items", "user_privileges")})
 
-    groups = oauth2_get("oauth2/group/list").either(
+    groups = oauth2_get("auth/group/list").either(
         lambda err: {"groups_error": process_error(err)},
         lambda grp: {"groups": grp})
-    roles = oauth2_get("oauth2/user/roles").either(
+    roles = oauth2_get("auth/user/roles").either(
         lambda err: {"roles_error": process_error(err)},
         lambda roles: {"roles": roles})
-    species = oauth2_get("oauth2/data/species").either(
+    species = oauth2_get("auth/data/species").either(
         lambda err: {"species_error": process_error(err)},
         lambda species: {"species": species})
 
@@ -232,7 +232,7 @@ def link_data():
             return redirect(url_for(
                 "oauth2.data.list_data", **state_data))
         return oauth2_post(
-            "oauth2/group/data/link",
+            "auth/group/data/link",
             data={
                 "dataset_type": form["dataset_type"],
                 "dataset_ids": dataset_ids,
@@ -261,7 +261,7 @@ def link_genotype_data():
         flash(success["description"], "alert-success")
         return link_source_url
 
-    return oauth2_post("oauth2/data/link/genotype", json={
+    return oauth2_post("auth/data/link/genotype", json={
         "species_name": form.get("species_name"),
         "group_id": form.get("group_id"),
         "selected": tuple(json.loads(dataset) for dataset
@@ -288,7 +288,7 @@ def link_mrna_data():
         flash(success["description"], "alert-success")
         return link_source_url
 
-    return oauth2_post("oauth2/data/link/mrna", json={
+    return oauth2_post("auth/data/link/mrna", json={
         "species_name": form.get("species_name"),
         "group_id": form.get("group_id"),
         "selected": tuple(json.loads(dataset) for dataset
@@ -314,7 +314,7 @@ def link_phenotype_data():
         flash(success["description"], "alert-success")
         return link_source_url
 
-    return oauth2_post("oauth2/data/link/phenotype", json={
+    return oauth2_post("auth/data/link/phenotype", json={
         "species_name": form.get("species_name"),
         "group_id": form.get("group_id"),
         "selected": tuple(
diff --git a/wqflask/wqflask/oauth2/groups.py b/wqflask/wqflask/oauth2/groups.py
index 76731793..fd5ab7eb 100644
--- a/wqflask/wqflask/oauth2/groups.py
+++ b/wqflask/wqflask/oauth2/groups.py
@@ -18,7 +18,7 @@ groups = Blueprint("group", __name__)
 def user_group():
     """Get the user's group."""
     def __get_join_requests__(group, users):
-        return oauth2_get("oauth2/group/requests/join/list").either(
+        return oauth2_get("auth/group/requests/join/list").either(
             lambda error: render_ui(
                 "oauth2/group.html", group=group, users=users,
                 group_join_requests_error=process_error(error)),
@@ -26,7 +26,7 @@ def user_group():
                 "oauth2/group.html", group=group, users=users,
                 group_join_requests=gjr))
     def __success__(group):
-        return oauth2_get(f"oauth2/group/members/{group['group_id']}").either(
+        return oauth2_get(f"auth/group/members/{group['group_id']}").either(
             lambda error: render_ui(
                 "oauth2/group.html", group=group,
                 user_error=process_error(error)),
@@ -36,7 +36,7 @@ def user_group():
         return render_ui(
             "oauth2/group.html", group_error=process_error(err))
 
-    return oauth2_get("oauth2/user/group").either(
+    return oauth2_get("auth/user/group").either(
         __group_error__, __success__)
 
 @groups.route("/create", methods=["POST"])
@@ -45,7 +45,7 @@ def create_group():
     def __setup_group__(response):
         session["user_details"]["group"] = response
 
-    resp = oauth2_post("oauth2/group/create", data=dict(request.form))
+    resp = oauth2_post("auth/group/create", data=dict(request.form))
     return resp.either(
         handle_error("oauth2.group.join_or_create"),
         handle_success(
@@ -64,7 +64,7 @@ def join_or_create():
             "oauth2/group_join_or_create.html", groups=[],
             groups_error=process_error(err))
     def __group_success__(groups):
-        return oauth2_get("oauth2/user/group/join-request").either(
+        return oauth2_get("auth/user/group/join-request").either(
             __gjr_error__, partial(__gjr_success__, groups=groups))
     def __gjr_error__(err):
         return render_ui(
@@ -74,7 +74,7 @@ def join_or_create():
         return render_ui(
             "oauth2/group_join_or_create.html", groups=groups,
             group_join_request=gjr)
-    return oauth2_get("oauth2/group/list").either(
+    return oauth2_get("auth/group/list").either(
         __group_error__, __group_success__)
 
 @groups.route("/delete/<uuid:group_id>", methods=["GET", "POST"])
@@ -102,7 +102,7 @@ def list_join_requests() -> Response:
         return render_ui(
             "oauth2/join-requests.html", error=False, requests=requests,
             datetime_string=__ts_to_dt_str__)
-    return oauth2_get("oauth2/group/requests/join/list").either(
+    return oauth2_get("auth/group/requests/join/list").either(
         __fail__, __success__)
 
 @groups.route("/accept-join-requests", methods=["POST"])
@@ -116,7 +116,7 @@ def accept_join_request():
         flash("Request was accepted successfully.", "alert-success")
         return redirect(url_for("oauth2.group.list_join_requests"))
     return oauth2_post(
-        "oauth2/group/requests/join/accept",
+        "auth/group/requests/join/accept",
         data=request.form).either(
             handle_error("oauth2.group.list_join_requests"),
             __success__)
@@ -132,7 +132,7 @@ def reject_join_request():
         flash("Request was rejected successfully.", "alert-success")
         return redirect(url_for("oauth2.group.list_join_requests"))
     return oauth2_post(
-        "oauth2/group/requests/join/reject",
+        "auth/group/requests/join/reject",
         data=request.form).either(
             handle_error("oauth2.group.list_join_requests"),
             __success__)
@@ -152,13 +152,13 @@ def group_role(group_role_id: uuid.UUID):
                 if priv not in role["role"]["privileges"]))
 
     def __role_success__(role):
-        return oauth2_get("oauth2/group/privileges").either(
+        return oauth2_get("auth/group/privileges").either(
             lambda err: __render_error__(
                 group_role=group_role,
                 group_privileges_error=process_error(err)),
             lambda privileges: __gprivs_success__(role, privileges))
 
-    return oauth2_get(f"oauth2/group/role/{group_role_id}").either(
+    return oauth2_get(f"auth/group/role/{group_role_id}").either(
         lambda err: __render_error__(group_role_error=process_error(err)),
         __role_success__)
 
@@ -183,8 +183,8 @@ def add_delete_privilege_to_role(
         privilege_id = form.get("privilege_id")
         assert bool(privilege_id), "Privilege to add must be provided"
         uris = {
-            "ADD": f"oauth2/group/role/{group_role_id}/privilege/add",
-            "DELETE": f"oauth2/group/role/{group_role_id}/privilege/delete"
+            "ADD": f"auth/group/role/{group_role_id}/privilege/add",
+            "DELETE": f"auth/group/role/{group_role_id}/privilege/delete"
         }
         return oauth2_post(
             uris[direction],
diff --git a/wqflask/wqflask/oauth2/request_utils.py b/wqflask/wqflask/oauth2/request_utils.py
index 987b3c7d..2f475337 100644
--- a/wqflask/wqflask/oauth2/request_utils.py
+++ b/wqflask/wqflask/oauth2/request_utils.py
@@ -10,12 +10,12 @@ from flask import (
 from .client import SCOPE, oauth2_get
 
 def authserver_authorise_uri():
-    from utility.tools import GN_SERVER_URL, OAUTH2_CLIENT_ID
+    from utility.tools import AUTH_SERVER_URL, OAUTH2_CLIENT_ID
     req_baseurl = urlparse(request.base_url, scheme=request.scheme)
     host_uri = f"{req_baseurl.scheme}://{req_baseurl.netloc}/"
     return urljoin(
-        GN_SERVER_URL,
-        "oauth2/authorise?response_type=code"
+        AUTH_SERVER_URL,
+        "/auth/authorise?response_type=code"
         f"&client_id={OAUTH2_CLIENT_ID}"
         f"&redirect_uri={urljoin(host_uri, 'oauth2/code')}")
 
@@ -23,7 +23,7 @@ def raise_unimplemented():
     raise Exception("NOT IMPLEMENTED")
 
 def user_details():
-    return oauth2_get("oauth2/user/").either(
+    return oauth2_get("auth/user/").either(
         lambda err: {},
         lambda usr_dets: usr_dets)
 
diff --git a/wqflask/wqflask/oauth2/resources.py b/wqflask/wqflask/oauth2/resources.py
index 6f2bd5f2..7d20b859 100644
--- a/wqflask/wqflask/oauth2/resources.py
+++ b/wqflask/wqflask/oauth2/resources.py
@@ -19,7 +19,7 @@ def user_resources():
     def __success__(resources):
         return render_ui("oauth2/resources.html", resources=resources)
 
-    return oauth2_get("oauth2/user/resources").either(
+    return oauth2_get("auth/user/resources").either(
         request_error, __success__)
 
 @resources.route("/create", methods=["GET", "POST"])
@@ -35,7 +35,7 @@ def create_resource():
             resource_category=request.args.get("resource_category"))
 
     if request.method == "GET":
-        return oauth2_get("oauth2/resource/categories").either(
+        return oauth2_get("auth/resource/categories").either(
             lambda error: __render_template__(error=process_error(
                 error, "Could not retrieve resource categories")),
             lambda cats: __render_template__(categories=cats))
@@ -51,7 +51,7 @@ def create_resource():
         flash("Resource created successfully", "alert-success")
         return redirect(url_for("oauth2.resource.user_resources"))
     return oauth2_post(
-        "oauth2/resource/create", data=request.form).either(
+        "auth/resource/create", data=request.form).either(
             __perr__, __psuc__)
 
 def __compute_page__(submit, current_page):
@@ -77,7 +77,7 @@ def view_resource(resource_id: uuid.UUID):
 
     def __group_roles_success__(
             resource, unlinked_data, users_n_roles, this_user, group_roles):
-        return oauth2_get("oauth2/user/list").either(
+        return oauth2_get("auth/user/list").either(
             lambda err: render_ui(
                 "oauth2/view-resource.html", resource=resource,
                 unlinked_data=unlinked_data, users_n_roles=users_n_roles,
@@ -88,7 +88,7 @@ def view_resource(resource_id: uuid.UUID):
                 users))
 
     def __this_user_success__(resource, unlinked_data, users_n_roles, this_user):
-        return oauth2_get("oauth2/group/roles").either(
+        return oauth2_get("auth/group/roles").either(
             lambda err: render_ui(
                 "oauth2/view-resources.html", resource=resource,
                 unlinked_data=unlinked_data, users_n_roles=users_n_roles,
@@ -97,7 +97,7 @@ def view_resource(resource_id: uuid.UUID):
                 resource, unlinked_data, users_n_roles, this_user, groles))
 
     def __users_n_roles_success__(resource, unlinked_data, users_n_roles):
-        return oauth2_get("oauth2/user/").either(
+        return oauth2_get("auth/user/").either(
             lambda err: render_ui(
                 "oauth2/view-resources.html",
                 this_user_error=process_error(err)),
@@ -105,7 +105,7 @@ def view_resource(resource_id: uuid.UUID):
                 resource, unlinked_data, users_n_roles, usr_dets))
 
     def __unlinked_success__(resource, unlinked_data):
-        return oauth2_get(f"oauth2/resource/{resource_id}/user/list").either(
+        return oauth2_get(f"auth/resource/{resource_id}/user/list").either(
             lambda err: render_ui(
                 "oauth2/view-resource.html",
                 resource=resource,
@@ -118,7 +118,7 @@ def view_resource(resource_id: uuid.UUID):
 
     def __resource_success__(resource):
         dataset_type = resource["resource_category"]["resource_category_key"]
-        return oauth2_get(f"oauth2/group/{dataset_type}/unlinked-data").either(
+        return oauth2_get(f"auth/group/{dataset_type}/unlinked-data").either(
             lambda err: render_ui(
                 "oauth2/view-resource.html", resource=resource,
                 unlinked_error=process_error(err)),
@@ -127,14 +127,14 @@ def view_resource(resource_id: uuid.UUID):
     def __fetch_resource_data__(resource):
         """Fetch the resource's data."""
         return client.get(
-            f"oauth2/resource/view/{resource['resource_id']}/data?page={page}"
+            f"auth/resource/view/{resource['resource_id']}/data?page={page}"
             f"&count_per_page={count_per_page}").either(
                 lambda err: {
                     **resource, "resource_data_error": process_error(err)
                 },
                 lambda resdata: {**resource, "resource_data": resdata})
 
-    return oauth2_get(f"oauth2/resource/view/{resource_id}").map(
+    return oauth2_get(f"auth/resource/view/{resource_id}").map(
         __fetch_resource_data__).either(
             lambda err: render_ui(
                 "oauth2/view-resource.html",
@@ -164,7 +164,7 @@ def link_data_to_resource():
             flash(f"Data linked to resource successfully", "alert-success")
             return redirect(url_for(
                 "oauth2.resource.view_resource", resource_id=resource_id))
-        return oauth2_post("oauth2/resource/data/link", data=dict(form)).either(
+        return oauth2_post("auth/resource/data/link", data=dict(form)).either(
             __error__,
             __success__)
     except AssertionError as aserr:
@@ -193,7 +193,7 @@ def unlink_data_from_resource():
             return redirect(url_for(
                 "oauth2.resource.view_resource", resource_id=resource_id))
         return oauth2_post(
-            "oauth2/resource/data/unlink", data=dict(form)).either(
+            "auth/resource/data/unlink", data=dict(form)).either(
             __error__, __success__)
     except AssertionError as aserr:
         flash(aserr.args[0], "alert-danger")
@@ -222,7 +222,7 @@ def assign_role(resource_id: uuid.UUID) -> Response:
                 "oauth2.resource.view_resource", resource_id=resource_id))
 
         return oauth2_post(
-            f"oauth2/resource/{resource_id}/user/assign",
+            f"auth/resource/{resource_id}/user/assign",
             data={
                 "group_role_id": group_role_id,
                 "user_email": user_email
@@ -253,7 +253,7 @@ def unassign_role(resource_id: uuid.UUID) -> Response:
                 "oauth2.resource.view_resource", resource_id=resource_id))
 
         return oauth2_post(
-            f"oauth2/resource/{resource_id}/user/unassign",
+            f"auth/resource/{resource_id}/user/unassign",
             data={
                 "group_role_id": group_role_id,
                 "user_id": user_id
@@ -277,7 +277,7 @@ def toggle_public(resource_id: uuid.UUID):
             "oauth2.resource.view_resource", resource_id=resource_id))
 
     return oauth2_post(
-        f"oauth2/resource/{resource_id}/toggle-public", data={}).either(
+        f"auth/resource/{resource_id}/toggle-public", data={}).either(
             lambda err: __handle_error__(err),
             lambda suc: __handle_success__(suc))
 
diff --git a/wqflask/wqflask/oauth2/roles.py b/wqflask/wqflask/oauth2/roles.py
index 652719a8..1549e105 100644
--- a/wqflask/wqflask/oauth2/roles.py
+++ b/wqflask/wqflask/oauth2/roles.py
@@ -28,11 +28,11 @@ def user_roles():
         uprivs = tuple(
             privilege["privilege_id"] for role in roles
             for privilege in role["privileges"])
-        return oauth2_get("oauth2/group/roles").either(
+        return oauth2_get("auth/group/roles").either(
             lambda err: __grerror__(roles, uprivs, err),
             lambda groles: __grsuccess__(roles, uprivs, groles))
 
-    return oauth2_get("oauth2/user/roles").either(
+    return oauth2_get("auth/user/roles").either(
         request_error, __role_success__)
 
 @roles.route("/role/<uuid:role_id>", methods=["GET"])
@@ -41,7 +41,7 @@ def role(role_id: uuid.UUID):
     def __success__(the_role):
         return render_ui("oauth2/role.html", role=the_role)
 
-    return oauth2_get(f"oauth2/role/view/{role_id}").either(
+    return oauth2_get(f"auth/role/view/{role_id}").either(
         request_error, __success__)
 
 @roles.route("/create", methods=["GET", "POST"])
@@ -67,12 +67,12 @@ def create_role():
             prev_role_name=request.args.get("role_name"))
 
     def __fetch_gprivs__(roles):
-        return oauth2_get("oauth2/group/privileges").either(
+        return oauth2_get("auth/group/privileges").either(
             lambda err: __gprivs_error__(roles, err),
             lambda gprivs: __success__(roles, gprivs))
 
     if request.method == "GET":
-        return oauth2_get("oauth2/user/roles").either(
+        return oauth2_get("auth/user/roles").either(
             __roles_error__, __fetch_gprivs__)
 
     form = request.form
@@ -92,6 +92,6 @@ def create_role():
         flash("Role created successfully.", "alert-success")
         return redirect(url_for("oauth2.role.user_roles"))
     return oauth2_post(
-        "oauth2/group/role/create",data={
+        "auth/group/role/create",data={
             "role_name": role_name, "privileges[]": privileges}).either(
         __create_error__,__create_success__)
diff --git a/wqflask/wqflask/oauth2/toplevel.py b/wqflask/wqflask/oauth2/toplevel.py
index eeeb2da3..65f60067 100644
--- a/wqflask/wqflask/oauth2/toplevel.py
+++ b/wqflask/wqflask/oauth2/toplevel.py
@@ -51,7 +51,7 @@ def authorisation_code():
             "client_id": app.config["OAUTH2_CLIENT_ID"]
         }
         return no_token_post(
-            "oauth2/token", data=request_data).either(
+            "auth/token", data=request_data).either(
                 lambda err: __error__(process_error(err)), __success__)
     flash("AuthorisationError: No code was provided.", "alert-danger")
     return redirect("/")
diff --git a/wqflask/wqflask/oauth2/ui.py b/wqflask/wqflask/oauth2/ui.py
index 315aae2b..39b735fb 100644
--- a/wqflask/wqflask/oauth2/ui.py
+++ b/wqflask/wqflask/oauth2/ui.py
@@ -9,7 +9,7 @@ def render_ui(templatepath: str, **kwargs):
     """Handle repetitive UI rendering stuff."""
     roles = kwargs.get("roles", tuple()) # Get roles if already provided
     if user_logged_in() and not bool(roles): # If not, try fetching them
-        roles_results = oauth2_get("oauth2/user/roles").either(
+        roles_results = oauth2_get("auth/user/roles").either(
             lambda err: {"roles_error": process_error(err)},
             lambda roles: {"roles": roles})
         kwargs = {**kwargs, **roles_results}
diff --git a/wqflask/wqflask/oauth2/users.py b/wqflask/wqflask/oauth2/users.py
index 1ff23d17..fc451b93 100644
--- a/wqflask/wqflask/oauth2/users.py
+++ b/wqflask/wqflask/oauth2/users.py
@@ -33,12 +33,12 @@ def user_profile():
     def __roles_success__(roles):
         if bool(usr_dets.get("group")):
             return __render__(usr_dets, roles)
-        return oauth2_get("oauth2/user/group/join-request").either(
+        return oauth2_get("auth/user/group/join-request").either(
             lambda err: __render__(
                 user_details, group_join_error=process_error(err)),
             lambda gjr: __render__(usr_dets, roles=roles, group_join_request=gjr))
 
-    return oauth2_get("oauth2/user/roles").either(
+    return oauth2_get("auth/user/roles").either(
         lambda err: __render__(usr_dets, role_error=process_error(err)),
         __roles_success__)
 
@@ -59,13 +59,13 @@ def request_add_to_group() -> Response:
               "alert-success")
         return redirect(url_for("oauth2.user.user_profile"))
 
-    return oauth2_post(f"oauth2/group/requests/join/{group_id}",
+    return oauth2_post(f"auth/group/requests/join/{group_id}",
                        data=form).either(__error__, __success__)
 
 @users.route("/login", methods=["GET", "POST"])
 def login():
     """Route to allow users to sign up."""
-    from utility.tools import GN_SERVER_URL
+    from utility.tools import AUTH_SERVER_URL
     next_endpoint=request.args.get("next", False)
 
     if request.method == "POST":
@@ -73,7 +73,7 @@ def login():
         client = oauth2_client()
         try:
             token = client.fetch_token(
-                urljoin(GN_SERVER_URL, "oauth2/token"),
+                urljoin(AUTH_SERVER_URL, "auth/token"),
                 username=form.get("email_address"),
                 password=form.get("password"),
                 grant_type="password")
@@ -101,10 +101,10 @@ def login():
 
 @users.route("/logout", methods=["GET", "POST"])
 def logout():
-    from utility.tools import GN_SERVER_URL
+    from utility.tools import AUTH_SERVER_URL
     if user_logged_in():
         resp = oauth2_client().revoke_token(
-            urljoin(GN_SERVER_URL, "oauth2/revoke"))
+            urljoin(AUTH_SERVER_URL, "auth/revoke"))
         the_session = session.session_info()
         if not bool(the_session["masquerading"]):
             # Normal session - clear and go back.
@@ -124,7 +124,7 @@ def logout():
 
 @users.route("/register", methods=["GET", "POST"])
 def register_user():
-    from utility.tools import GN_SERVER_URL
+    from utility.tools import AUTH_SERVER_URL
     if user_logged_in():
         next_endpoint=request.args.get("next", "/")
         flash(("You cannot register a new user while logged in. "
@@ -137,7 +137,7 @@ def register_user():
 
     form = request.form
     response = requests.post(
-        urljoin(GN_SERVER_URL, "oauth2/user/register"),
+        urljoin(AUTH_SERVER_URL, "auth/user/register"),
         data = {
             "user_name": form.get("user_name"),
             "email": form.get("email_address"),
@@ -160,7 +160,7 @@ def masquerade():
     """Masquerade as a particular user."""
     if request.method == "GET":
         this_user = session.session_info()["user"]
-        return client.get("oauth2/user/list").either(
+        return client.get("auth/user/list").either(
             lambda err: render_ui(
                 "oauth2/masquerade.html", users_error=process_error(err)),
             lambda usrs: render_ui(
@@ -184,7 +184,7 @@ def masquerade():
         flash("You must provide a user to masquerade as.", "alert-danger")
         return redirect(url_for("oauth2.user.masquerade"))
     return client.post(
-        "oauth2/user/masquerade/",
+        "auth/user/masquerade/",
         json={"masquerade_as": request.form.get("masquerade_as")}).either(
             with_flash_error(redirect(url_for("oauth2.user.masquerade"))),
             __masq_success__)
diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py
index d2f33b71..87202170 100644
--- a/wqflask/wqflask/views.py
+++ b/wqflask/wqflask/views.py
@@ -160,7 +160,7 @@ def index_page():
                                anon_id=anon_id)
 
     return no_token_get(
-        f"oauth2/user/collections/{anon_id}/list").either(
+        f"auth/user/collections/{anon_id}/list").either(
             lambda err: __render__([]),
             __render__)
 
@@ -522,7 +522,7 @@ def show_trait_page():
     trait_id = request.args["trait_id"]
 
     return client.post(
-        "oauth2/data/authorisation",
+        "auth/data/authorisation",
         json={
             "traits": [f"{dataset}::{trait_id}"]
         }).either(with_flash_error(render_template("show_trait_error.html")),