{"id":13787828,"url":"https://github.com/Joffref/opa-middleware","last_synced_at":"2025-05-12T02:30:30.923Z","repository":{"id":59048287,"uuid":"528574963","full_name":"Joffref/opa-middleware","owner":"Joffref","description":"opa-middleware gather all the middlewares you need to use Open Policy Agent with your API","archived":false,"fork":false,"pushed_at":"2024-03-14T11:31:55.000Z","size":297,"stargazers_count":19,"open_issues_count":2,"forks_count":5,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-11-18T01:39:17.742Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Joffref.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-08-24T19:57:28.000Z","updated_at":"2024-03-28T07:16:02.000Z","dependencies_parsed_at":"2024-03-14T12:50:39.995Z","dependency_job_id":null,"html_url":"https://github.com/Joffref/opa-middleware","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Joffref%2Fopa-middleware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Joffref%2Fopa-middleware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Joffref%2Fopa-middleware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Joffref%2Fopa-middleware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Joffref","download_url":"https://codeload.github.com/Joffref/opa-middleware/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253662528,"owners_count":21944090,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-03T21:00:32.039Z","updated_at":"2025-05-12T02:30:30.610Z","avatar_url":"https://github.com/Joffref.png","language":"Go","readme":"# Open Policy Agent Middleware\n\nThis middleware integrates Open Policy Agent (OPA) to your http/gin/fiber/echo app.\nYou can use it to enforce policies on endpoints.\nYou can use OPA as local policy engine, or as a remote policy engine.\n\n## Installation\n\n```bash\ngo get github.com/Joffref/opa-middleware\n```\n\n## Usage Generic with OPA and HTTP\n\n### Local based policy engine\n\n```go\npackage main\n\nimport (\n\t\"github.com/Joffref/opa-middleware\"\n\t\"github.com/Joffref/opa-middleware/config\"\n\t\"net/http\"\n)\n\nvar Policy = `\npackage policy\n\ndefault allow = false\n\nallow {\n\tinput.path = \"/api/v1/users\"\n\tinput.method = \"GET\"\n}`\n\ntype H struct {\n\tName string\n}\n\nfunc (h *H) ServeHTTP(w http.ResponseWriter, r *http.Request) {\n\tw.Write([]byte(\"Hello World : \" + h.Name))\n}\n\nfunc main() {\n\thandler, err := opamiddleware.NewHTTPMiddleware(\n\t\t\u0026config.Config{\n\t\t\tPolicy: Policy,\n\t\t\tQuery:  \"data.policy.allow\",\n\t\t\tInputCreationMethod: func(r *http.Request) (map[string]interface{}, error) {\n\t\t\t\treturn map[string]interface{}{\n\t\t\t\t\t\"path\":   r.URL.Path,\n\t\t\t\t\t\"method\": r.Method,\n\t\t\t\t}, nil\n\t\t\t},\n\t\t\tExceptedResult:   true,\n\t\t\tDeniedStatusCode: 403,\n\t\t\tDeniedMessage:    \"Forbidden\",\n\t\t},\n\t\t\u0026H{\n\t\t\tName: \"John Doe\",\n\t\t},\n\t)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\thttp.HandleFunc(\"/\", handler.ServeHTTP)\n\terr = http.ListenAndServe(\":8080\", nil)\n\tif err != nil {\n\t\treturn\n\t}\n}\n```\n\n### Remote based policy engine\nThe policy is the same as above, but the policy is stored in a remote server.\n```go\npackage main\n\nimport (\n\t\"github.com/Joffref/opa-middleware\"\n\t\"github.com/Joffref/opa-middleware/config\"\n\t\"net/http\"\n)\n\ntype H struct {\n\tName string\n}\n\nfunc (h *H) ServeHTTP(w http.ResponseWriter, r *http.Request) {\n\tw.Write([]byte(\"Hello World : \" + h.Name))\n}\n\nfunc main() {\n\thandler, err := opamiddleware.NewHTTPMiddleware(\n\t\t\u0026config.Config{\n\t\t\tURL: \"http://localhost:8181/\",\n\t\t\tQuery:  \"data.policy.allow\",\n\t\t\tInputCreationMethod: func(r *http.Request) (map[string]interface{}, error) {\n\t\t\t\treturn map[string]interface{}{\n\t\t\t\t\t\"path\":   r.URL.Path,\n\t\t\t\t\t\"method\": r.Method,\n\t\t\t\t}, nil\n\t\t\t},\n\t\t\tExceptedResult:   true,\n\t\t\tDeniedStatusCode: 403,\n\t\t\tDeniedMessage:    \"Forbidden\",\n\t\t},\n\t\t\u0026H{\n\t\t\tName: \"John Doe\",\n\t\t},\n\t)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\thttp.HandleFunc(\"/\", handler.ServeHTTP)\n\terr = http.ListenAndServe(\":8080\", nil)\n\tif err != nil {\n\t\treturn\n\t}\n}\n```\n\n## Usage with GIN\n```go\npackage main\n\nimport (\n\t\"github.com/Joffref/opa-middleware\"\n\t\"github.com/Joffref/opa-middleware/config\"\n\t\"github.com/gin-gonic/gin\"\n)\n\nfunc main() {\n\tr := gin.Default()\n\tmiddleware, err := opamiddleware.NewGinMiddleware(\n\t\t\u0026config.Config{\n\t\t\tURL:           \"http://localhost:8181/\",\n\t\t\tQuery:            \"data.policy.allow\",\n\t\t\tExceptedResult:   true,\n\t\t\tDeniedStatusCode: 403,\n\t\t\tDeniedMessage:    \"Forbidden\",\n\t\t},\n\t\tfunc(c *gin.Context) (map[string]interface{}, error) {\n\t\t\treturn map[string]interface{}{\n\t\t\t\t\"path\":   c.Request.URL.Path,\n\t\t\t\t\"method\": c.Request.Method,\n\t\t\t}, nil\n\t\t},\n\t)\n\tif err != nil {\n\t\treturn\n\t}\n\tr.Use(middleware.Use())\n\tr.GET(\"/ping\", func(c *gin.Context) {\n\t\tc.JSON(200, gin.H{\n\t\t\t\"message\": \"pong\",\n\t\t})\n\t})\n\tr.Run(\":8080\")\n}\n```\n\n## Usage with Fiber\n```go\npackage main\n\nimport (\n\t\"github.com/Joffref/opa-middleware\"\n\t\"github.com/Joffref/opa-middleware/config\"\n\t\"github.com/gofiber/fiber/v2\"\n)\n\nfunc main() {\n\tapp := fiber.New()\n\tmiddleware, err := opamiddleware.NewFiberMiddleware(\n\t\t\u0026config.Config{\n\t\t\tURL:           \"http://localhost:8181/\",\n\t\t\tQuery:            \"data.policy.allow\",\n\t\t\tExceptedResult:   true,\n\t\t\tDeniedStatusCode: 403,\n\t\t\tDeniedMessage:    \"Forbidden\",\n\t\t},\n\t\tfunc(c *fiber.Ctx) (map[string]interface{}, error) {\n\t\t\treturn map[string]interface{}{\n\t\t\t\t\"path\":   c.Path(),\n\t\t\t\t\"method\": c.Method(),\n\t\t\t}, nil\n\t\t},\n\t)\n\tif err != nil {\n\t\treturn\n\t}\n\tapp.Use(middleware.Use())\n\tapp.Get(\"/ping\", func(c *fiber.Ctx) error {\n\t\terr := c.JSON(\"pong\")\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n\tapp.Listen(\":8080\")\n}\n```\n\n## Usage with Echo\n```go\npackage main\n\nimport (\n\t\"github.com/Joffref/opa-middleware\"\n\t\"github.com/Joffref/opa-middleware/config\"\n\t\"github.com/labstack/echo/v4\"\n)\n\nfunc main() {\n\te := echo.New()\n\tmiddleware, err := opamiddleware.NewEchoMiddleware(\n\t\t\u0026config.Config{\n\t\t\tURL:           \"http://localhost:8181/\",\n\t\t\tQuery:            \"data.policy.allow\",\n\t\t\tExceptedResult:   true,\n\t\t\tDeniedStatusCode: 403,\n\t\t\tDeniedMessage:    \"Forbidden\",\n\t\t},\n\t\tfunc(c echo.Context) (map[string]interface{}, error) {\n\t\t\treturn map[string]interface{}{\n\t\t\t\t\"path\":   c.Request().URL.Path,\n\t\t\t\t\"method\": c.Request().Method,\n\t\t\t}, nil\n\t\t},\n\t)\n\tif err != nil {\n\t\treturn\n\t}\n\te.Use(middleware.Use())\n\te.GET(\"/ping\", func(c echo.Context) error {\n\t\terr := c.JSON(200, \"pong\")\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n\te.Start(\":8080\")\n}\n```","funding_links":[],"categories":["Middlewares","Language and Platform Integrations","⚙️ Middlewares"],"sub_categories":["Go","🌱 Third Party"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJoffref%2Fopa-middleware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FJoffref%2Fopa-middleware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJoffref%2Fopa-middleware/lists"}