Giter VIP home page Giter VIP logo

secure-proxy-api's Introduction

##Secure Proxy

This microservice can be used to proxy and secure multiple other microservices. At the moment, the service provides lightweight Authentication, but not Authorisation.

###Consumer Authentication

It acts as a proxy, searching for the presence of two request headers:

consmer_key : a unique identifier per Consumer.

consumer_token : a SHA-256 hash generated for the Consumer

###Setting up Services to Proxy

The application hinges on configuration to be set up in the conf/application.conf field. Here are some current examples as used by the GVM api:

services {
  "release" = {
    url = "http://localhost:8080/release"
    url = ${?RELEASE_ENDPOINT_API_URL}
    accessToken = "default_token"
    accessToken = ${?RELEASE_API_TOKEN}
  }
  "default" = {
    url = "http://localhost:8080/default"
    url = ${?DEFAULT_ENDPOINT_API_URL}
    accessToken = "default_token"
    accessToken = ${?RELEASE_API_TOKEN}
  }
  "announce/struct" = {
    url = "http://localhost:8081/announce/struct"
    url = ${?BROADCAST_STRUCT_API_URL}
    accessToken = "default_token"
    accessToken = ${?BROADCAST_API_TOKEN}
  }
}

In these configuration blocks per service, we have opted for using environment variables, although this is not a necessity. We have also provied default values for each environment variable. Each configuratoin block also specifies an accessToken which will be propagated to the underlying microservice as an access_token request header. Provided your microservice communications use SSL, your microservices should be secure.

###Creating new Consumers

An endpoint has also been provided for creating new consumers. This endpoint simply takes a JSON POST on '/consumer' of:

{"consumer": "groovy"}

and returns a JSON response:

{
  "consumerKey": "5f202e7ab75f00af194c61cc07ae6b0c",
  "consumerToken": "9d3d95435ace2906e3ba80c3dfcaf0ededb9084aabc205f6d1232121996185c2",
  "name": "groovy"
}

The endpoint is itself secured, and looks for the presence of an admin_token request header. This value of this can be set by providing an ADMIN_TOKEN environment variable, which defaults to default_token.

Once the Consumer Key and Token have been obtained, they can be used to make subsequent calls to proxied endpoints. All these calls will require consumer_key and consumer_token headers to be set respectively for each call.

Give it a spin and feel free to raise issues and pull requests!

secure-proxy-api's People

Contributors

marc0der avatar manub avatar

Watchers

avatar James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.