Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/ConsenSys/quorum-security-plugin-enterprise

Quorum Security Plugin to provide TLS configuration and enable OAuth2-compliant resource server for JSON RPC
https://github.com/ConsenSys/quorum-security-plugin-enterprise

protocols-team-goquorum

Last synced: about 2 months ago
JSON representation

Quorum Security Plugin to provide TLS configuration and enable OAuth2-compliant resource server for JSON RPC

Lists

README 

        
# Quorum Enterprise Security Plugin



This is to provide a backend support for `geth` JSON RPC servers by implementing services from [security plugin interface](https://github.com/jpmorganchase/quorum-plugin-definitions/blob/master/security.proto):



- `TLSConfigurationSource` to provide TLS configuration for HTTP and WS RPC servers

- `AuthenticationManager` to enable RPC servers being OAuth2-compliant resource servers

  that support both JSON Web Token ([JWT](https://tools.ietf.org/html/rfc7519)) and opaque access token format



## Prerequisites



- Go 1.13.x



## Quick Start



```bash

$ make

$ PLUGIN_DEST_PATH= make dist-local

```



## Configuration



Refer to the official documentation [here](http://docs.goquorum.com/en/latest/PluggableArchitecture/Plugins/security/For-Users/) for more details



## Token Validation



Access token is validated by one of the following methods when configured:



- [JSON Web Signature](https://tools.ietf.org/html/rfc7515): The JSON Web Key Set ([JWKS](https://tools.ietf.org/html/rfc7517)) is a set of keys which contains the public keys used to verify

  the JSON Web Token (JWT) issued by the authorization server. JWKS is retrieved via a preconfigured endpoint.

- [OAuth2 Token Introspection](https://tools.ietf.org/html/rfc7662): support HTTP Basic Authentication and Form Authentication

  to access the protected introspection endpoint. Other authentication methods may be supported in the future.