https://github.com/edgeflare/fabric-oidc-proxy
OIDC/OAuth2 Proxy for Hyperledger Fabric Blockchain
https://github.com/edgeflare/fabric-oidc-proxy
fabric-ca hyperledger-fabric oauth2-proxy oidc
Last synced: 3 months ago
JSON representation
OIDC/OAuth2 Proxy for Hyperledger Fabric Blockchain
- Host: GitHub
- URL: https://github.com/edgeflare/fabric-oidc-proxy
- Owner: edgeflare
- License: apache-2.0
- Created: 2024-08-16T10:21:51.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-08-16T19:21:33.000Z (10 months ago)
- Last Synced: 2024-08-17T11:48:06.151Z (10 months ago)
- Topics: fabric-ca, hyperledger-fabric, oauth2-proxy, oidc
- Language: Go
- Homepage:
- Size: 62.5 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# OIDC/OAuth2 Proxy for Hyperledger Fabric Blockchain
fabric-oidc-proxy allows authenticating to [Hyperledger Fabric blockchain](https://github.com/hyperledger/fabric) using OIDC token. It gets, on behalf of OIDC tokenholder (humans, programs, etc), a membership (x509) certificate issued by Fabric CA, and signs transactions using their respective certificate.
## Prerequisites
- Hyperledger Fabric network. For quickstart, checkout our [helm-charts](https://github.com/edgeflare/helm-charts))
- OIDC/OAuth2 provider that allows to add custom claims (We're using [ZITADEL](https://github.com/zitadel/zitadel))
### Quickstart
```shell
go build -o fabric-oidc-proxy .
./fabric-oidc-proxy start --port=8080
```
Register and Enroll a user with the OIDC proxy
```shell
export FABRIC_PROXY_API=http://localhost:8080/api/v1
```
```shell
curl -X POST -H "authorization: Bearer $TOKEN" $FABRIC_PROXY_API/account/enroll
```
## Interacting with the Hyperledger Fabric network
[example using asset-transfer chaincode-as-a-service](./example-ccaas/)
```shell
export TX_URL=$FABRIC_PROXY_API/default/assetcc/submit-transaction
```
- InitLedger
```shell
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "InitLedger","args": []}' $TX_URL
```
- GetAllAssets
```shell
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "GetAllAssets","args": []}' $TX_URL
```
- CreateAsset
```shell
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "CreateAsset","args": ["demo-id-01", "blue", "10", "Sam", "100"]}' $TX_URL
```
- UpdateAsset
```shell
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "UpdateAsset","args": ["demo-id-01", "blue", "10", "Sam", "1000"]}' $TX_URL
```
- DeleteAsset
```shell
curl -H "authorization: Bearer $TOKEN" -X POST -d '{"name": "DeleteAsset","args": ["demo-id-01"]}' $TX_URL
```