{"id":19488593,"url":"https://github.com/authbroker/authbroker","last_synced_at":"2025-07-04T23:34:50.339Z","repository":{"id":34932636,"uuid":"188807539","full_name":"authbroker/authbroker","owner":"authbroker","description":"Authentication and Authorization module of HTTP/MQTT/CoAP Brokers based on NodeJS for IoT or Internet of Things.","archived":false,"fork":false,"pushed_at":"2022-03-30T11:09:07.000Z","size":533,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-20T02:38:34.885Z","etag":null,"topics":["aedes","authentication","authorization","broker","coap","http","internet-of-things","iot","mosca","mqtt","ponte"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/authbroker.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-05-27T08:54:06.000Z","updated_at":"2025-01-19T04:11:50.000Z","dependencies_parsed_at":"2022-07-21T17:32:46.382Z","dependency_job_id":null,"html_url":"https://github.com/authbroker/authbroker","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authbroker%2Fauthbroker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authbroker%2Fauthbroker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authbroker%2Fauthbroker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authbroker%2Fauthbroker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/authbroker","download_url":"https://codeload.github.com/authbroker/authbroker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250872408,"owners_count":21500810,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aedes","authentication","authorization","broker","coap","http","internet-of-things","iot","mosca","mqtt","ponte"],"created_at":"2024-11-10T21:04:07.985Z","updated_at":"2025-04-25T18:32:47.933Z","avatar_url":"https://github.com/authbroker.png","language":"JavaScript","funding_links":[],"categories":["Table of Contents","Integrations"],"sub_categories":["Software"],"readme":"# Authentication and Authorization Module for Brokers\n\n[![Open Source Love](https://badges.frapsoft.com/os/v1/open-source.svg?v=103)](https://github.com/ellerbrock/open-source-badges/) [![Build Status](https://travis-ci.org/authbroker/authbroker.svg)](https://travis-ci.com/authbroker/authbroker)\n\n\u003cdiv align=\"center\"\u003e\n    \u003cimg src=\"https://github.com/authbroker/authbroker/blob/master/docs/asset/repository-open-graph.png\" width=\"500px\"\u003c/img\u003e \n\u003c/div\u003e\n\nAuthentication and Authorization module of HTTP/MQTT/CoAP Brokers based on NodeJS for IoT or Internet of Things. This repo is under development.\n\n\n##  Getting Started\n\n* Install [Keycloak](https://www.keycloak.org/) locally. Make sure it's working.\n* If you want to run a test locally, clone this repo.\n\n``` bash\ngit clone https://github.com/authbroker/authbroker\ncd authbroker\nnpm install\nbash run-test.sh\n# visit http://localhost:8080\n# with username 'admin' and password 'admin'\nnpm run test\n\n# for stopping docker instance you use this\ndocker stop $(docker ps -a -q --filter ancestor=authbroker:test --format=\"{{.ID}}\")\n```\n\nIt runs Keycloak by docker and import demo data to IOT_Realm realm. An example Broker runs that used auhtBroker by:\n\n``` bash\nnode ./example/broker.js\n```\nthese below commands Subscribe and Publish to broker.\n\n```bash\nmosquitto_sub -h localhost -p 1883 -t garden/fan -u admin -P admin\n\nmosquitto_pub -h localhost -p 1883 -t garden/fan -m \"hello world\" -u admin -P admin\n```\n\nif username/password or authorization permission in Keycloak changes, authBroker authorization will not permitted to broker. for example change topic to unauthorized topic like garden/unathorized and see how broker reject it.\n\n\n## How Using it\nThis module use Node-style callback and it can be used with different brokers like [Aedes](https://github.com/mcollina/aedes).\n\n\n``` js\nconst aedes = require(\"aedes\")({\n    persistence: new require(\"aedes-persistence\")()\n});\nconst server = require(\"net\").createServer(aedes.handle);\nconst port = 1883;\n\nconst authBroker = require('@authbroker/authbroker');\n\nconst config = {\n        \"realm\": \"IOT_Realm\",\n        \"authUrl\": \"http://localhost:8080/auth\",\n        \"sslRequired\": \"external\",\n        \"clientId\": \"authBroker\",\n        \"verifyTokenAudience\": true,\n        \"credentials\": {\n          \"secret\": \"secret\"\n        },\n        \"confidentialPort\": 0,\n        \"policyEnforcer\": {},\n        \"mqttpubScope\": \"scopes:mqttpub\", // scope text for pub permission\n        \"mqttsubScope\": \"scopes:mqttsub\", // scope text for pub permission\n        \"mqttResPerfix\": \"res:\" // prefix text for resource or topic\n      };\n\nconst authbroker = new authBroker(config)\n\n// hook it up\naedes.authenticate = authbroker.authenticate();\naedes.authorizeSubscribe = authbroker.authorizeSubscribe();\naedes.authorizePublish = authbroker.authorizePublish();\n\nserver.listen(port, function () {\n    console.log(\"server listening on port\", port);\n});\n```\n\nIt's necessary to set these scopes in Authorization section in Keycloak.\nBy defualt 'scopes:mqttpub' is set for Publish permission and 'scopes:mqttsub' is set for Subscription permission.\n\n![Keycloak Scopes](./images/keycloak-scope.png)\n\nUsers can Publish or Subscribe to resources which has a scope 'scopes:mqttpub' or 'scopes:mqttsub'.\n\n![Keycloak Resource](./images/keycloak-res.png)\n\nrun-test.sh script runs a preconfigured  Keycloak Demo version that can be used as a template.\n\n```bash\nbash run-test.sh\n```\nthen visit http://localhost:8080 with username 'admin' and password 'admin' in Admin console.\n\n## Contributing\n\n[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/dwyl/esta/issues)\n\nAnyone with interest in or experience with the following technologies are encouraged to join the project.\nAnd if you fancy it, join the [Telegram group](t.me/joinchat/AuKmG05CNFTz0bsBny9igg) here for Devs and say Hello!\n\n\n## Authors / Contributors\n\n* [Hadi Mahdavi](https://twitter.com/kamerdack)\n\n\n\n## Credits / Inspiration\n\n* Matteo Collina for Mosca, Aedes, Ponte (https://github.com/moscajs/aedes)\n* Eugenio Pace for Auth0 Mosca inspiration (https://github.com/eugeniop/auth0mosca)\n\n\n## Copyright\n\nMIT - Copyright (c) 2019-2022 ioKloud\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauthbroker%2Fauthbroker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fauthbroker%2Fauthbroker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauthbroker%2Fauthbroker/lists"}