{"id":13506038,"url":"https://github.com/ging/fiware-pep-proxy","last_synced_at":"2025-05-07T21:04:57.074Z","repository":{"id":9691228,"uuid":"11638649","full_name":"ging/fiware-pep-proxy","owner":"ging","description":"Support for proxy functions within OAuth2-based authentication schemas. Also implements PEP functions within an XACML-based access control schema.","archived":false,"fork":false,"pushed_at":"2024-03-25T08:38:31.000Z","size":2305,"stargazers_count":27,"open_issues_count":27,"forks_count":46,"subscribers_count":20,"default_branch":"master","last_synced_at":"2025-05-07T21:04:48.111Z","etag":null,"topics":["access-control","fiware","pep","pep-proxy"],"latest_commit_sha":null,"homepage":"https://fiware-pep-proxy.rtfd.io/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ging.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"roadmap.md","authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-07-24T15:43:34.000Z","updated_at":"2024-07-12T01:29:48.000Z","dependencies_parsed_at":"2023-02-18T14:31:28.983Z","dependency_job_id":"4451e083-dfdd-4d28-a215-00cd9dd26107","html_url":"https://github.com/ging/fiware-pep-proxy","commit_stats":null,"previous_names":[],"tags_count":47,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ging%2Ffiware-pep-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ging%2Ffiware-pep-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ging%2Ffiware-pep-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ging%2Ffiware-pep-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ging","download_url":"https://codeload.github.com/ging/fiware-pep-proxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252954432,"owners_count":21830903,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","fiware","pep","pep-proxy"],"created_at":"2024-08-01T01:00:33.523Z","updated_at":"2025-05-07T21:04:57.055Z","avatar_url":"https://github.com/ging.png","language":"JavaScript","funding_links":[],"categories":["FIWARE Catalogue"],"sub_categories":["Security"],"readme":"# PEP Proxy - Wilma\n\n[![FIWARE Security](https://nexus.lab.fiware.org/static/badges/chapters/security.svg)](https://www.fiware.org/developers/catalogue/)\n[![License: MIT](https://img.shields.io/github/license/ging/fiware-pep-proxy.svg)](https://opensource.org/licenses/MIT)\n[![Docker badge](https://img.shields.io/badge/quay.io-fiware%2Fpep--proxy-grey?logo=red%20hat\u0026labelColor=EE0000)](https://quay.io/repository/fiware/pep-proxy)\n[![Support badge](https://img.shields.io/badge/tag-fiware--wilma-orange.svg?logo=stackoverflow)](https://stackoverflow.com/questions/tagged/fiware-wilma)\n\u003cbr\u003e\n[![Documentation badge](https://img.shields.io/readthedocs/fiware-pep-proxy.svg)](https://fiware-pep-proxy.readthedocs.io/en/latest/)\n[![CI](https://github.com/ging/fiware-pep-proxy/workflows/CI/badge.svg)](https://github.com/ging/fiware-pep-proxy/actions?query=workflow%3ACI)\n[![Coverage Status](https://coveralls.io/repos/github/ging/fiware-pep-proxy/badge.svg?branch=master)](https://coveralls.io/github/ging/fiware-pep-proxy?branch=master)\n![Status](https://nexus.lab.fiware.org/repository/raw/public/static/badges/statuses/wilma.svg)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/4417/badge)](https://bestpractices.coreinfrastructure.org/projects/4417)\n\nWilma is a PEP Proxy - it can be combined with other security components such as\n[Keyrock](https://github.com/ging/fiware-idm) and [Authzforce](https://github.com/authzforce/server) to enforce access\ncontrol to your backend applications. This means that only permitted users will be able to access your Generic Enablers\nor REST services. Identity Management allows you to manage specific permissions and policies to resources allowing\ndifferent access levels for your users.\n\nThis project is part of [FIWARE](https://www.fiware.org/). For more information check the FIWARE Catalogue entry for\n[Security](https://github.com/Fiware/catalogue/tree/master/security).\n\n| :books: [Documentation](https://fiware-pep-proxy.readthedocs.io/en/latest/) | :mortar_board: [Academy](https://fiware-academy.readthedocs.io/en/latest/security/wilma) | \u003cimg style=\"height:1em\" src=\"https://quay.io/static/img/quay_favicon.png\"/\u003e [quay.io](https://quay.io/repository/fiware/pep-proxy)  | :dart: [Roadmap](https://github.com/ging/fiware-pep-proxy/blob/master/roadmap.md) |\n| --------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------- | --------------------------------------------------------------------------------- |\n\n\n## Content\n\n-   [Install](#how-to-build--install)\n    -   [Docker](#docker)\n-   [API](#api-overview)\n-   [Tests](#tests)\n-   [Advanced Documentation](#advanced-documentation)\n-   [Quality Assurance](#quality-assurance)\n-   [License](#license)\n\n## Install\n\n-   Software requirements:\n\n    -   nodejs \u003e= v8.x.x\n    -   npm \u003e= 5.x.x\n\nNote: Both can be installed from [Node.js](http://nodejs.org/download/)\n\n-   Clone Proxy repository:\n\n```console\ngit clone https://github.com/ging/fiware-pep-proxy.git\n```\n\n-   Install the dependencies:\n\n```console\ncd fiware-pep-proxy/\nnpm install\n```\n\n-   Duplicate config.template in `config.js` and configure app host there.\n\n```javascript\nconfig.app_host = 'www.google.es'; // Hostname to forward authenticated requests\nconfig.app_port = '80'; // Port where the HTTP server is running\n```\n\n-   Start proxy server\n\n```console\nsudo npm start\n```\n\n\u003e **ATTENTION!!!**\n\u003e\n\u003e There is an existing security exploit in all versions older than 2.15 of Log4J. Although not\n\u003e using this software currently, the older 7.x.x versions of PEP-Proxy used to use Log4j for logging.\n\u003e Prior to the release 8.0.0, older versions of this software were affected by this exploit as well.\n\u003e Logging was updated to use Debug and Morgan in March 2021. We released a new version 8.0.0 on dockerhub.\n\u003e  Also latest is updated already. If still using 7.x.x please update as soon as possible.\n\n### Docker\n\nWe also provide a Docker image to facilitate you the building of this GE.\n\n-   [Here](https://github.com/ging/fiware-pep-proxy/tree/master/extras/docker) you will find the Dockerfile and the\n    documentation explaining how to use it.\n-   In [Docker Hub](https://hub.docker.com/r/fiware/pep-proxy/) you will find the public image.\n\n## API\n\nRequests to proxy should be made with a special `HTTP Header: X-Auth-Token`. This header contains the OAuth access token\nobtained from FIWARE IDM GE.\n\nExample of requests:\n\n```text\nGET / HTTP/1.1\nHost: proxy_host\nAuthorization: Bearer z2zXk...ANOXvZrmvxvSg\n```\n\n```text\nGET / HTTP/1.1\nHost: proxy_host\nX-Auth-Token:z2zXk...ANOXvZrmvxvSg\n```\n\nTo test the proxy you can generate this request running the following command:\n\n```console\ncurl --header \"X-Auth-Token: z2zXk...ANOXvZrmvxvSg\" http://proxy_host\n```\n\nor\n\n```console\ncurl --header \"Authorization: Bearer z2zXk...ANOXvZrmvxvSg\" http://proxy_host\n```\n\nOnce authenticated, the forwarded request will include additional HTTP headers with user info:\n\n```text\nX-Nick-Name: nickname of the user in IdM\nX-Display-Name: display name of user in IdM\nX-Roles: roles of the user in IdM\nX-Organizations: organizations in IdM\n```\n\n## Tests\n\nFor performing a basic end-to-end test, you have to follow the next steps. A detailed description about how to run tests\ncan be found [here](https://fiware-pep-proxy.readthedocs.io/en/latest/admin_guide#end-to-end-testing).\n\nRequests to proxy should be made with a special HTTP Header: X-Auth-Token. This header contains the OAuth access token\nobtained from FIWARE IDM GE.\n\nExample of requests:\n\n```text\nGET / HTTP/1.1\nHost: proxy_host\nAuthorization: Bearer z2zXk...ANOXvZrmvxvSg\n```\n\n```text\nGET / HTTP/1.1\nHost: proxy_host\nX-Auth-Token:z2zXk...ANOXvZrmvxvSg\n```\n\nTo test the proxy you can generate this request running the following command:\n\n```console\ncurl --header \"X-Auth-Token: z2zXk...ANOXvZrmvxvSg\" http://proxy_host\n```\n\nor\n\n```console\ncurl --header \"Authorization: Bearer z2zXk...ANOXvZrmvxvSg\" http://proxy_host\n```\n\nOnce authenticated, the forwarded request will include additional HTTP headers with user info:\n\n```text\n X-Nick-Name: nickname of the user in IdM\n X-Display-Name: display name of user in IdM\n X-Roles: roles of the user in IdM\n X-Organizations: organizations in IdM\n```\n\n## Advanced Documentation\n\n-   [How to run tests](https://fiware-pep-proxy.readthedocs.io/en/latest/admin_guide#end-to-end-testing)\n-   [User \u0026 Programmers Manual](https://fiware-pep-proxy.readthedocs.io/en/latest/user_guide/)\n-   [Installation \u0026 Administration Guide](https://fiware-pep-proxy.readthedocs.io/en/latest/admin_guide/)\n\n## Quality Assurance\n\nThis project is part of [FIWARE](https://www.fiware.org/) and has been rated as follows:\n\n-   **Version Tested:**\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Version\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.version\u0026colorB=blue)\n-   **Documentation:**\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Completeness\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.docCompleteness\u0026colorB=blue)\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Usability\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.docSoundness\u0026colorB=blue)\n-   **Responsiveness:**\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Time%20to%20Respond\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.timeToCharge\u0026colorB=blue)\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Time%20to%20Fix\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.timeToFix\u0026colorB=blue)\n-   **FIWARE Testing:**\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Tests%20Passed\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.failureRate\u0026colorB=blue)\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Scalability\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.scalability\u0026colorB=blue)\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Performance\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.performance\u0026colorB=blue)\n    ![](https://img.shields.io/badge/dynamic/json.svg?label=Stability\u0026url=https://fiware.github.io/catalogue/json/wilma.json\u0026query=$.stability\u0026colorB=blue)\n\n---\n\n## License\n\nWilma PEP Proxy is licensed under the [MIT](LICENSE) License.\n\n© 2018 - 2023 Universidad Politécnica de Madrid.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fging%2Ffiware-pep-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fging%2Ffiware-pep-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fging%2Ffiware-pep-proxy/lists"}