https://github.com/xmidt-org/authbaton
authbaton is a configuration-driven authentication service for apps fronted by reverse proxies.
https://github.com/xmidt-org/authbaton
Last synced: 12 days ago
JSON representation
authbaton is a configuration-driven authentication service for apps fronted by reverse proxies.
- Host: GitHub
- URL: https://github.com/xmidt-org/authbaton
- Owner: xmidt-org
- License: apache-2.0
- Created: 2021-04-12T16:41:00.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2024-12-03T23:30:13.000Z (6 months ago)
- Last Synced: 2025-05-13T00:52:23.377Z (12 days ago)
- Language: Go
- Homepage:
- Size: 467 KB
- Stars: 0
- Watchers: 13
- Forks: 0
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
# authbaton
[](https://github.com/xmidt-org/authbaton/actions/workflows/ci.yml)
[](http://codecov.io/github/xmidt-org/authbaton?branch=main)
[](https://goreportcard.com/report/github.com/xmidt-org/authbaton)
[](https://sonarcloud.io/dashboard?id=xmidt-org_authbaton)
[](https://github.com/xmidt-org/authbaton/blob/main/LICENSE)
[](CHANGELOG.md)
## Summary
AuthBaton is an authentication service for applications behind a reverse proxy.
## Table of Contents
- [Code of Conduct](#code-of-conduct)
- [Details](#details)
- [Usage](#usage)
- [Build](#build)
- [Deploy](#deploy)
- [Contributing](#contributing)
## Code of Conduct
This project and everyone participating in it are governed by the [XMiDT Code Of Conduct](https://xmidt.io/docs/community/code_of_conduct/).
By participating, you agree to this Code.
## Details
AuthBaton is meant to be used as a helper authentication microservice to reverse proxy tools such as NGINX.
The diagram below shows the path that a request follows before reaching the protected application.
## Usage
```
curl http://localhost:6800 -i
HTTP/1.1 403 Forbidden
X-Server-Name: authbaton
X-Server-Version: development
Date: Mon, 05 Apr 2021 21:18:24 GMT
Content-Length: 0
Connection: close
```
```
curl http://localhost:6800/original/request/path -H "Authorization: Basic dXNlcjpwYXNz" -i
HTTP/1.1 200 OK
X-Server-Name: authbaton
X-Server-Version: development
Date: Mon, 05 Apr 2021 21:21:46 GMT
Content-Length: 0
Connection: close
```
**Note:** AuthBaton accepts any URL path. This allows bascule capability checks
to work properly as the reverse proxy can simply reuse the URL path of the original request.
## Build
### Source
In order to build from source, you need a working 1.x Go environment. Find more information on [Go website](https://golang.org/doc/install).
Then, clone the repo and build using make:
```bash
git clone [email protected]:xmidt-org/authbaton.git
cd authbaton
make build
```
### Makefile
The Makefile has the following options you may find helpful:
* `make build`: builds the authbaton binary
* `make test`: runs unit tests with coverage for authbaton
* `make clean`: deletes previously-built binaries and object files
### RPM
First have a local clone of the source and go into the root directory of the
repository. Then use rpkg to build the rpm:
```bash
rpkg srpm --spec /
rpkg -C /.config/rpkg.conf sources --outdir '
```
## Deploy
Once the binary is built, run:
```
./authbaton
```
Ensure that the `authbaton.yaml` config file is in one of the following folders:
- The current working directory
- `$HOME/.authbaton`
- `/etc/authbaton`
### Supported Reverse Proxies
We currently have an example configuration file only for NGINX. However, any reverse proxy that can authenticate an external request by consulting authbaton is supported.
See example configurations [here](/docs/example-config). We are happy to take contributions for example config files for other reverse proxies.
## Contributing
Refer to [CONTRIBUTING.md](CONTRIBUTING.md).