Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ging/fiware-idm-deprecated

DEPRECATED - Identity Manager - Keyrock
https://github.com/ging/fiware-idm-deprecated

Last synced: 5 days ago
JSON representation

DEPRECATED - Identity Manager - Keyrock

Awesome Lists containing this project

README

        

***********************************
Important information
***********************************
This is an archive of the code repository for the previous Horizion + Keystone-based version of the FIWARE Identity Manager project. The current code repositiory for this project can be found at: https://github.com/ging/fiware-idm

***********************************
Identity Manager - Keyrock Overview
***********************************

.. image:: https://img.shields.io/badge/license-APACHE-blue.svg
:target: http://www.apache.org/licenses/LICENSE-2.0

.. image:: https://img.shields.io/badge/docs-latest-brightgreen.svg?style=flat
:target: http://fiware-idm.readthedocs.org/en/latest/

.. image:: https://img.shields.io/docker/pulls/fiware/idm.svg
:target: https://hub.docker.com/r/fiware/idm/

.. image:: https://img.shields.io/badge/support-sof-yellowgreen.svg
:target: http://stackoverflow.com/questions/tagged/fiware

.. contents::
:local:
:depth: 3

.. _introduction:

Introduction
============

This project is part of `FIWARE `__. You may find
more information about this FIWARE GE
`here `__.

- You may find the source code of this project in GitHub `here `__
- You may find the documentation of this project in Read the Docs `here `__

Welcome to the main repository for the UPM's implementation of the
FIWARE Identity Manager Generic Enabler. This repository acts as an
entry point and holds the documentation and some automated tools for
installation and management. The IdM is composed of two independent
components: a RESTful back-end and web front-end.

If you want to see the
code for each of the components of the IdM and more specific
documentation please head to each component's repository:

- Horizon based front-end `ging/horizon `__
- Keystone based back-end `ging/keystone `__

You can see a working installation in the FIWARE Lab sandbox environment
https://account.lab.fiware.org/

.. begin-requirements

Requirements
------------

Identity Manager - KeyRock requires Ubuntu 12.04 or greater.

Both Horizon, for the front-end, and Keystone, for the back-end, must be
installed in order for the generic enabler to run correctly. They can be installed
in the same machine or in two separated ones. If you choose to separate them, the
two machines must be able to communicate to each other through the network.

.. end-requirements

.. _build:

How to Build & Install
======================

The IdM is made up of two components: the web-based front-end and the
restful back-end. You can check specific documentation in their respective repositories.

Installing the back-end
-----------------------

.. begin-keystone-installation

1. Install the Ubuntu dependencies
::

$ sudo apt-get install python python-dev python-virtualenv libxml2-dev libxslt1-dev libsasl2-dev libssl-dev libldap2-dev libffi-dev libsqlite3-dev libmysqlclient-dev python-mysqldb

2. Get the code from our `GitHub repository `__
::

$ git clone https://github.com/ging/keystone && cd keystone

3. Install the python dependencies
::

$ sudo python tools/install_venv.py

4. Create a configuration file
::

$ cp etc/keystone.conf.sample etc/keystone.conf

5. Create the tables and populate the database

.. begin-database

::

$ sudo tools/with_venv.sh bin/keystone-manage -v db_sync
$ sudo tools/with_venv.sh bin/keystone-manage -v db_sync --extension=oauth2
$ sudo tools/with_venv.sh bin/keystone-manage -v db_sync --extension=roles
$ sudo tools/with_venv.sh bin/keystone-manage -v db_sync --extension=user_registration
$ sudo tools/with_venv.sh bin/keystone-manage -v db_sync --extension=two_factor_auth
$ sudo tools/with_venv.sh bin/keystone-manage -v db_sync --extension=endpoint_filter
$ sudo tools/with_venv.sh bin/keystone-manage -v db_sync --populate

.. end-database

6. Finally, you can run keystone from the console
::

$ sudo tools/with_venv.sh bin/keystone-all -v

You may now log into the web (if you have Horizon installed) using the administrative account (by
default, user is `idm` and the password is the one you entered during the populate step).

.. note::
If you want to run the Keystone backend in the backgroud you
can :ref:`install it as a service `.

.. end-keystone-installation

Now, head on to the :ref:`configuration instructions `.

(You can read more in-depth documentation at the `Installation & Administration Guide `__)

Installing the front-end
------------------------

.. begin-horizon-installation

1. Install the Ubuntu dependencies
::

$ sudo apt-get install python python-dev python-virtualenv libssl-dev libffi-dev libjpeg8-dev

2. Get the code from our `GitHub repository `__
::

$ git clone https://github.com/ging/horizon && cd horizon

3. Create a configuration file
::

$ cp openstack_dashboard/local/local_settings.py.example openstack_dashboard/local/local_settings.py

4. Install the python dependencies
::

$ sudo python tools/install_venv.py

You can now check that everything went OK by running the development server, but you
won't be able to log in until you install the backend.
::

$ sudo tools/with_venv.sh python manage.py runserver localhost:8000

.. note ::
If you want to run the Horizon frontend in the backgroud you
can install it as a service or, for a production environment, run it under Apache.

.. end-horizon-installation

Now, head to the :ref:`configuration instructions `.

(You can read more in-depth documentation at the `Installation & Administration Guide `__)

.. _extras:

Other Installation options
--------------------------

Docker
^^^^^^

We provide a Docker image to facilitate you the building of this
GE.

- `Here `__
you will find the Dockerfile and the documentation explaining how to
use it.
- In `Docker Hub `__ you
will find the public image.

VM Image
^^^^^^^^
We provide an installation script that can be run within a Ubuntu
virtual machine. This script installs the whole Identity Manager, and
sets it up to run in background.

You can find the installation script and a verification script `here `__.

This image contains the following settings as defaults, but you can change any of them after installation, as you can see in the :ref:`horizon ` and the :ref:`keystone ` configuration instructions:

+---------------+--------------+
| Setting | Value |
+===============+==============+
| idm user | :code:`idm` |
+---------------+--------------+
| idm password | :code:`idm` |
+---------------+--------------+
| Horizon port | :code:`8000` |
+---------------+--------------+
| Keystone port | :code:`5000` |
+---------------+--------------+

Chef
^^^^
We also provide a Chef Cookbook, which you can find `here `__.

.. _api:

API Overview
=============

Keyrock back-end is based on Openstack
`Keystone `__ project, so
it exports all the Keystone API. However, Keyrock implements some custom
extensions that have their own REST APIs. Furthermore, to facilitate the
access to some identity resources we have enabled an `SCIM
2.0 `__ API.

Finally, one of the main uses of Keyrock is to allow developers to add
identity management (authentication and authorization) to their
applications based on FIWARE identity. This is posible thanks to
`OAuth2 `__ protocol.

- `Keystone
API `__
- `Keyrock extensions
API `__
- `SCIM 2.0 API `__
- `OAuth2 API `__

You will find the full API description
`here `__

Changes introduced in 5.x
=========================

This section is for users of the 4.x versions. They biggest change introduced
in 5.x is the removal Fabric tasks. The functionality in the tasks has been moved elsewhere, converted to a CLI or removed completely.

- A new CLI tool to help with admin tasks. Documentation :ref:`here `
- The instalation now is always done step by step.
- The population script for the keystone database is now part of keystone.

Check the release notes for a full list of changes and new features.

.. _advanced:

Advanced Documentation
======================

- `User & Programmers
Manual `__
- `Installation & Administration
Guide `__
- `Production set-up
guide `__
- `How to run
tests `__
- `Using the FIWARE LAB instance
(OAuth2) `__
- `Developers and contributors
Guide `__