The hardware and bandwidth for this mirror is donated by METANET, the Webhosting and Full Service-Cloud Provider.
If you wish to report a bug, or if you are interested in having us mirror your free-software or open-source project, please feel free to contact us at mirror[@]metanet.ch.
This vignette provides a step-by-step tutorial on how to secure a Shiny application using Google authentication through the tapLock R package. tapLock simplifies the integration of OpenID Connect and OAuth 2.0 into Shiny applications, ensuring robust security with minimal coding effort.
Before proceeding, ensure you have the following: - A basic understanding of R and Shiny. - A Shiny application ready for deployment. - Access to Google Developer Console for OAuth credentials. - (Optional) A server with HTTPS enabled.
Install tapLock from GitHub using the pak
package:
Authorized JavaScript origins
to your Shiny application URL.Authorized redirect URIs
to
your Shiny application URL with the suffix /login
.client_id
and
client_secret
.Load tapLock and set up the authentication configuration:
library(taplock)
auth_config <- new_openid_config(
provider = "google",
client_id = Sys.getenv("GOOGLE_CLIENT_ID"),
client_secret = Sys.getenv("GOOGLE_CLIENT_SECRET"),
app_url = Sys.getenv("SHINY_APP_URL")
)
Replace GOOGLE_CLIENT_ID
,
GOOGLE_CLIENT_SECRET
, and SHINY_APP_URL
with
your actual credentials and application URL in your environment
variables.
Modify your Shiny app to use sso_shiny_app
:
library(shiny)
library(tapLock)
# Authentication configuration
auth_config <- new_openid_config(
provider = "google",
client_id = Sys.getenv("GOOGLE_CLIENT_ID"),
client_secret = Sys.getenv("GOOGLE_CLIENT_SECRET"),
app_url = Sys.getenv("SHINY_APP_URL")
)
# UI
ui <- fluidPage(
tags$h1("Welcome to the Secure Shiny App"),
textOutput("userInfo")
)
# Server
server <- function(input, output, session) {
output$userInfo <- renderText({
user_email <- get_token_field(token(), "email")
glue::glue("Logged in as: {user_email}")
})
}
# Secure Shiny app with tapLock
sso_shiny_app(auth_config, ui, server)
Deploy your Shiny application as you normally would. The tapLock package handles the authentication process. We recommend deploying your application with a solution like Shiny Server (Open Source or Pro) or with faucet. Solutions like Posit Connect already include authentication and do not require tapLock.
By following these steps, you have successfully secured your Shiny application with Google authentication using tapLock. This ensures that only authenticated users can access your application, enhancing its security and privacy.
These binaries (installable software) and packages are in development.
They may not be fully stable and should be used with caution. We make no claims about them.