{"id":21581269,"url":"https://github.com/ezy/enterpise-api-gateway","last_synced_at":"2025-04-10T18:53:52.902Z","repository":{"id":83684346,"uuid":"244459852","full_name":"ezy/enterpise-api-gateway","owner":"ezy","description":"Super light OAuth2 API gateway. Auths against LDAP, returns JWT and refresh tokens, generates routes to proxy from `src/config.js` to target URL.","archived":false,"fork":false,"pushed_at":"2020-04-01T06:38:07.000Z","size":12,"stargazers_count":10,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-04-14T14:04:49.688Z","etag":null,"topics":["api-gateway","config","enterprise","enterprise-systems","expressjs","jsonwebtoken","jwt","jwt-auth","jwt-token","ldap","ldap-auth","ldap-authentication","nodejs","oauth2","oauth2-server"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ezy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-03-02T19:44:10.000Z","updated_at":"2021-02-24T12:38:06.000Z","dependencies_parsed_at":"2023-07-02T01:11:07.890Z","dependency_job_id":null,"html_url":"https://github.com/ezy/enterpise-api-gateway","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ezy%2Fenterpise-api-gateway","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ezy%2Fenterpise-api-gateway/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositorie
s/ezy%2Fenterpise-api-gateway/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ezy%2Fenterpise-api-gateway/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ezy","download_url":"https://codeload.github.com/ezy/enterpise-api-gateway/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248275365,"owners_count":21076581,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-gateway","config","enterprise","enterprise-systems","expressjs","jsonwebtoken","jwt","jwt-auth","jwt-token","ldap","ldap-auth","ldap-authentication","nodejs","oauth2","oauth2-server"],"created_at":"2024-11-24T14:11:50.956Z","updated_at":"2025-04-10T18:53:52.894Z","avatar_url":"https://github.com/ezy.png","language":"JavaScript","readme":"# Node API Gateway\n\nA super lightweight API gateway (825 lines of code) with an inbuilt OAuth2 server that will run in a docker container, authenticate against an LDAP server returning JWT and refresh tokens, then generates routes to proxy from `src/config.js` to the target URL.\n\n## Installation\n\nYou'll need docker if you don't already have it installed.\n\nCopy `.example.env` to `.env.development` and update the passwords for access. 
Adjust `src/config.js` to set your proxy URLs:\n\n```sh\n# Build and start your server\ndocker-compose up --build\n```\n\nAPI will be available at `localhost:\u003cPORT\u003e` for http requests.\n\n## API Endpoints\n\nSpecify your endpoints in `src/config.js` under the `routes` object using the correct request method object (get,post,put,delete). Routes will be generated at runtime from this list using the following configuration:\n\n- host: { string } overrides `hostUrl` to specify proxy target host,\n- path: { string } the target path for the req and res,\n- auth: { boolean } set to true to require JWT authentication for the endpoint\n\n### OAuth2 Authentication\n\nThe gateway acts as its own OAuth2 server using a JWT and refresh token for authentication. All auth grant types reside at the `/oauth/token` endpoint.\n\n#### Password grant\n\nInitial authentication should use the following REST structure:\n\n- POST\n- Uses req.body: `{ \"grant_type\": \"password\", \"username\": \"zz001\", \"password\": \"S3cur3\", \"scope\": \"openid profile\", \"client_id\": \"xxx\" }`\n- Headers: `{ \"Content-Type\": \"application/json\" }`\n\nTo return:\n\n```json\n{\n    \"access_token\": \"{{access_token}}\",\n    \"token_type\": \"Bearer\",\n    \"expires_in\": 31557600,\n    \"refresh_token\": \"{{refresh_token}}\",\n    \"uid\": \"ZZ001C\"\n}\n```\n\n#### Refresh grant\n\nIf the JWT token has expired, a refresh grant should be made to the `/oauth/token` endpoint with a valid refresh_token.\n\n- POST\n- Uses req.body: `{ \"grant_type\": \"refresh_token\", \"refresh_token\": \"{{refresh_token}}\", \"client_id\": \"xxx\" }`\n- Headers: `{ \"Content-Type\": \"application/json\" }`\n\nTo return:\n\n```json\n{\n    \"access_token\": \"{{access_token}}\",\n    \"token_type\": \"Bearer\",\n    \"expires_in\": 31557600,\n    \"refresh_token\": \"{{refresh_token}}\",\n    \"uid\": \"ZZ001C\"\n}\n```\n\n#### Decoded JWT token data example\n\n```json\n{\n  \"iss\": 
\"http://localhost\",\n  \"aud\": \"https://localhost:5000/v1\",\n  \"sub\": \"ZZ001\",\n  \"email\": \"Zach.Zoolander@email.com\",\n  \"identityContext\": \"0\",\n  \"scopes\": \"read,write\",\n  \"iat\": 1557807257,\n  \"exp\": 1589364857\n}\n```\n\n#### Decoded refresh token example\n\nThe refresh token isn't dependent on the decoded JWT data, but the OAuth server does validate the token for expiry and authenticity using the secret as an extra layer of security.\n\n```json\n{\n  \"sub\": \"ZZ001\",\n  \"iat\": 1557807430,\n  \"exp\": 1589365030\n}\n```\n\n## HTTP / HTTPS\n\nApp is configured for both http and https and runs http out of the box. To enable https, generate (or provide) your https certs - `privateKey.pem, certificate.pem, authority.pem (optional)` - in the root directory, and set `config.protocol: 'https'`.\n\n### Postman client\n\nImport the postman file located at `./node_api.postman_collection.json` to test the endpoints.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fezy%2Fenterpise-api-gateway","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fezy%2Fenterpise-api-gateway","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fezy%2Fenterpise-api-gateway/lists"}