Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/h0ru5/apo

A.P.O. - "Authorized Personnel Only" is a minimalist OAuth IAM written in Go
https://github.com/h0ru5/apo

authorization go golang htpasswd iam jwt oauth2 rest-api

Last synced: about 2 months ago
JSON representation

A.P.O. - "Authorized Personnel Only" is a minimalist OAuth IAM written in Go

Awesome Lists containing this project

README

        

# A.P.O: - Authorized personnel only

APO is a simple OAuth IAM server.
It's backed is simple htpasswd file (as used e.g. in Apache)
It issues tokens under `/token`.
Tokens are signed using ECDSA, using a key generated at startup and exposed as jwk under `/key`

**Please Note:** this app server currently only provides an http endpoint (not https),
so you should expose it behind a reverse proxy (such as nginx).
This allows you also to use a certificate managed by letsencrypt.

## Building, staring

`go run main.go`

## Configuration

config is based on viper. The server looks for a file called `iam-conf.json` and evaluates command line parameters and environment variables

### passfile

set via command line using `-f` or `--passfile` resp `"passfile"`in the config file.

This tells the server which htpasswd file to use as user base. defaults to ``"./passes"``
Not re-evaluated at runtime, restart IAM on changes.

### endpoint

set via command line using `-e` or `--endpoint` resp `"endpoint"`in the config file.

where this server listens. defaults to ``":3000"``

### audience

set via command line using `-a` or `--audience` resp `"audience"`in the config file.

the audience/realm that gets protected. Appears as such in the basic auth challenge of IAM and in the issued token.
defaults to `"myhome"`

## dependencies

### direct
```
"github.com/Sirupsen/logrus"
"github.com/abbot/go-http-auth"
"github.com/dgrijalva/jwt-go"
"github.com/foomo/htpasswd"
"github.com/gorilla/mux"
"github.com/mendsley/gojwk"
"github.com/spf13/pflag"
"github.com/spf13/viper"
```

### transitive
```
github.com/Sirupsen/logrus MIT License
github.com/abbot/go-http-auth Apache License 2.0 (95%)
github.com/dgrijalva/jwt-go MIT License (98%)
github.com/foomo/htpasswd MIT License
github.com/fsnotify/fsnotify BSD 3-clause "New" or "Revised" License (96%)
github.com/gorilla/mux BSD 3-clause "New" or "Revised" License (96%)
github.com/h0ru5/hmauth/IAM MIT License (98%)
github.com/hashicorp/hcl Mozilla Public License 2.0
github.com/kr/fs BSD 3-clause "New" or "Revised" License (96%)
github.com/magiconair/properties BSD 2-clause "Simplified" License (95%)
github.com/mendsley/gojwk BSD 2-clause "Simplified" License (96%)
github.com/mitchellh/mapstructure MIT License
github.com/pelletier/go-buffruneio ?
github.com/pelletier/go-toml MIT License
github.com/pkg/errors BSD 2-clause "Simplified" License
github.com/pkg/sftp BSD 2-clause "Simplified" License
github.com/spf13/afero Apache License 2.0 (95%)
github.com/spf13/cast MIT License
github.com/spf13/jwalterweatherman MIT License
github.com/spf13/pflag BSD 3-clause "New" or "Revised" License (96%)
github.com/spf13/viper MIT License
golang.org/x/crypto BSD 3-clause "New" or "Revised" License (96%)
golang.org/x/net/context BSD 3-clause "New" or "Revised" License (96%)
golang.org/x/sys/unix BSD 3-clause "New" or "Revised" License (96%)
golang.org/x/text BSD 3-clause "New" or "Revised" License (96%)
gopkg.in/yaml.v2 ? (The Unlicense, 35%)
```

## Licence / Copyright

Copyright (c) Johannes Hund / @h0ru5 2017

Published under the [MIT licence](https://opensource.org/licenses/MIT)