Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ryotarai/github-api-auth-proxy
https://github.com/ryotarai/github-api-auth-proxy
Last synced: 8 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/ryotarai/github-api-auth-proxy
- Owner: ryotarai
- Created: 2019-09-04T00:19:27.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-03-07T02:44:55.000Z (almost 2 years ago)
- Last Synced: 2024-11-01T13:03:27.935Z (about 2 months ago)
- Language: Go
- Size: 97.7 KB
- Stars: 1
- Watchers: 3
- Forks: 2
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# github-api-auth-proxy
```
+--------+ +-----------------------+ +------------+
| +---->+ +----->+ |
| Client | | github-api-auth-proxy | | GitHub API |
| +<----+ w/ OPA policy +<-----+ |
+--------+ +--------+------+-------+ +------------+
```
## Usage
First, write OPA policy:
```
$ cat < policy.rego
package github.authz
default allow = false
allow {
input.username == "user1"
input.method == "GET"
input.path == "/user"
}
EOC
```
In the config file, passwords need to be hashed by bcrypt. You can get bcrypt-ed password as follows:
```
$ github-api-auth-proxy -bcrypt
Password:
Bcrypted: $2a$10$tHUUM6cydLY/Sg9.OqmOsehpRdqbmyAcsdwm6t13qMxAlb4eENur2
```
Second, create a config YAML file:
```yaml
originURL: 'https://api.github.com'
opaPolicyFile: 'policy.rego'
accessToken: 'your personal access token'
passwords:
user1:
- '$2a$10$tHUUM6cydLY/Sg9.OqmOsehpRdqbmyAcsdwm6t13qMxAlb4eENur2'
```
Then, start github-api-auth-proxy:
```
$ github-api-auth-proxy -config config.yaml
```
```
$ curl -u user1:password http://localhost:8080/user
```