Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/devsu/condor-auth-keycloak
An authorization strategy for condor-auth, to allow grpc microservices built in node work with keycloak.
https://github.com/devsu/condor-auth-keycloak
authentication authorization condor condor-framework grpc microservice middleware nodejs
Last synced: about 1 month ago
JSON representation
An authorization strategy for condor-auth, to allow grpc microservices built in node work with keycloak.
- Host: GitHub
- URL: https://github.com/devsu/condor-auth-keycloak
- Owner: devsu
- License: mit
- Created: 2017-04-18T21:43:09.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2017-04-27T23:36:34.000Z (over 7 years ago)
- Last Synced: 2024-10-14T06:19:53.241Z (2 months ago)
- Topics: authentication, authorization, condor, condor-framework, grpc, microservice, middleware, nodejs
- Language: JavaScript
- Size: 14.6 KB
- Stars: 0
- Watchers: 10
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# condor-auth-keycloak
An authorization strategy for [Condor Auth Middleware](https://github.com/devsu/condor-auth).
**Condor** is a [GRPC Framework for node](https://github.com/devsu/condor-framework).
**Condor Auth** is an [authorization middleware](https://github.com/devsu/condor-auth) for Condor.This module validates and decodes bearer tokens provided by [Keycloak](http://www.keycloak.org/) (Keycloak uses OpenID Connect), and maps **realm** and **resource** **roles** that come in the JWT created by keycloak.
[![Build Status](https://travis-ci.org/devsu/condor-auth-keycloak.svg?branch=master)](https://travis-ci.org/devsu/condor-auth-keycloak)
[![Coverage Status](https://coveralls.io/repos/github/devsu/condor-auth-keycloak/badge.svg?branch=master)](https://coveralls.io/github/devsu/condor-auth-keycloak?branch=master)## Installation
```bash
npm i --save condor-framework condor-auth condor-auth-keycloak
```## How to use
First, you will need to create a client in keycloak. Then you just need to add keycloak as a middleware in your condor server.
For the authorization to work, the caller must include the `authorization` metadata, containing a valid access token (**JWT**), created by keycloak.
```js
const Condor = require('condor-framework');
const Auth = require('condor-auth').Auth;
const KeycloakStrategy = require('condor-auth-keycloak').Strategy;
const Greeter = require('./greeter');const strategy = new KeycloakStrategy(/* keycloak-options */);
const auth = new Auth(strategy);const app = new Condor()
.addService('./protos/greeter.proto', 'myapp.Greeter', new Greeter())
.use(auth.middleware)
.start();
```By default, when no options are passed, it will try to read the configuration from `keycloak.json`.
### Configuration File
The `keycloak.json` can be obtained from keycloack, and should look like this:
```
{
"realm": "demo",
"bearer-only": true,
"auth-server-url": "http://localhost:8180/auth",
"ssl-required": "none",
"resource": "node-service"
}
```### Configure access rules
To configure access rules, see the [condor-auth](https://github.com/devsu/condor-auth#2-configuring-access-rules) documentation.
## Options
All values are optional. Their default values are:
| Option | Description | Default |
|--------------|------------------------------------|-----------------|
| configFile | The path to the configuration file | keycloak.json |## License and Credits
MIT License. Copyright 2017 by **Devsu LLC**, a great [microservices development team](https://devsu.com)