authweiler
Version:
A full-flegded 0Auth2.0 HTTP proxy server
44 lines (30 loc) • 2.02 kB
Markdown
A HTTP reverse proxy server for Delegated AuthN/AuthZ.
- [Authorization Code](https://oauth.net/2/grant-types/authorization-code/)
- [Implicit](https://oauth.net/2/grant-types/implicit/)
- [Password](https://oauth.net/2/grant-types/password/)
- [Client Code](https://oauth.net/2/grant-types/client-credentials/)
- [Device Code](https://oauth.net/2/grant-types/device-code/)
- [Refresh Token](https://oauth.net/2/grant-types/refresh-token/)
Configuring the reverse proxy server is very simple. You can do that in the main config file in dedicated blocks or split that into separate files by blocks.
All config
Proxy server config
A mapping to resource server resources
Scopes map somewhat to resources letting you define generic scopes that apply to all resources or resource specific scopes that apply to specific resources. A scope defines the access rights supported by a resource. For example. Say Account is a resource, a scope to Account.Read means that a user with that scope is allowed to call HTTP Get on the Account resource. Likewise scope Account.Write means that a user with that scope is allowed to call all HTTP methods that is capable of mutating the Account resource .i.e. POST, DELETE, PUT and PATCH. There can be other fine grained scopes such as Account.Get, Account.Post, Account.Delete etc
Extended profile config
Required to persist information such a tokens, sessions and state. Comes bundle with redis-adapter
By default AW uses an embedded database to manage tokens, sessions and codes. but when run in a distributed mode,
it is highly recommended to use a shared storage such as redis through the redis adapter