{"id":22268172,"url":"https://github.com/curityio/aws-token-publisher","last_synced_at":"2025-03-25T14:45:50.716Z","repository":{"id":38256865,"uuid":"285331407","full_name":"curityio/aws-token-publisher","owner":"curityio","description":"A Demo token publisher for the split token approach with AWS DynamoDB.","archived":false,"fork":false,"pushed_at":"2022-07-04T06:23:29.000Z","size":1141,"stargazers_count":0,"open_issues_count":1,"forks_count":2,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-01-30T13:31:12.069Z","etag":null,"topics":["aws","dynamodb","event-listener","plugin","split-token","token-publisher"],"latest_commit_sha":null,"homepage":"https://curity.io/resources/learn/aws-token-publisher/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-08-05T15:30:21.000Z","updated_at":"2023-04-26T16:45:30.000Z","dependencies_parsed_at":"2022-08-31T16:12:09.741Z","dependency_job_id":null,"html_url":"https://github.com/curityio/aws-token-publisher","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faws-token-publisher","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faws-token-publisher/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faws-token-publisher/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faws-token-publisher/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/aws-token-publisher/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245486237,"owners_count":20623239,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","dynamodb","event-listener","plugin","split-token","token-publisher"],"created_at":"2024-12-03T11:11:48.573Z","updated_at":"2025-03-25T14:45:50.684Z","avatar_url":"https://github.com/curityio.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AWS Token Publisher Demo Plugin\n\n[![Quality](https://img.shields.io/badge/quality-test-yellow)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-binary-blue)](https://curity.io/resources/code-examples/status/)\n\nThis is an example event listener SDK Plugin for the Curity Identity Server. The plugin registers an event listener\nlistening for issued access token events, and forwards them to an AWS deployed DynamoDB.\n\n## Building, installation and configuration\n\nTo build the plugin, simply download it and run `mvn package`. This creates `identityserver.plugins.events.listeners.aws-token-publisher-1.0.0.jar` in `target/aws-token-publisher` and copies all needed dependencies into the same folder.\nCopy the folder `aws_token_publisher` with all the jar files to `\u003cidsvr_home\u003e/usr/share/plugins/`\nand (re)start the Curity Identity Server. Configure a new event listener (shown here using the Admin UI, but could also be configured through the CLI, REST or XML):\n\n![Add new listener](docs/new-listener.png)\n\nPick a suitable name and then select the AWS Token Publisher (`aws-token-publisher`) as type.\n\nConfigure your listener by adding:\n\n- AWS Region that the DynamoDB is deployed in \n- Name of the table configured in DynamoDB to hold the split-token information\n- Name of the column that is the primary key in the DynamoDB table configured above. This is the column that will store a hash of the token signature\n- A DynamoDB Access Method\n  - AWS Access Key ID and AWS Access Key Secret or\n  - AWS Profile Name or \n  - EC2 Instance Profile\n\nProvide the credentials, that is the **AWS Access Key ID and AWS Access Key Secret**, of the user that has the permission to access the DynamoDB.\nAlternatively, choose **AWS Profile Name** to load credentials from the system (i.e. from `~/.aws/credentials`). Provide the name of the profile, that is the name of the entry in the credentials file.\n\nIf **AWS Role Arn** is specified, an AssumeRole attempt will be made with the provided AWS region and the credentials found, either from config (Access Key ID and Access Key Secret) or from profile. The credentials then don't have direct access to DynamoDB but instead need to have access to the role that will provide temporary credentials to access DynamoDB.\n\nSelect the option **EC2 Instance Profile** if the Curity Identity Server runs on an EC2 instance and the instance has an IAM role assigned with permissions to access the DynamoDB.\n\n![Configure the listener](docs/configure-listener.png)\n\nPlease visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Faws-token-publisher","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Faws-token-publisher","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Faws-token-publisher/lists"}