authweiler v0.1.20

AuthWeiler

A HTTP reverse proxy server for Delegated AuthN/AuthZ.

Supported Specs

Auth2.0

• Authorization Code
• Implicit
• Password
• Client Code
• Device Code
• Refresh Token

OpenId Connect

CLI Commands

Configration

Configuring the reverse proxy server is very simple. You can do that in the main config file in dedicated blocks or split that into separate files by blocks.

aw.config.yaml

All config

core.config.yaml

Proxy server config

resources.config.yaml

A mapping to resource server resources

scopes.config.yaml

Scopes map somewhat to resources letting you define generic scopes that apply to all resources or resource specific scopes that apply to specific resources. A scope defines the access rights supported by a resource. For example. Say Account is a resource, a scope to Account.Read means that a user with that scope is allowed to call HTTP Get on the Account resource. Likewise scope Account.Write means that a user with that scope is allowed to call all HTTP methods that is capable of mutating the Account resource .i.e. POST, DELETE, PUT and PATCH. There can be other fine grained scopes such as Account.Get, Account.Post, Account.Delete etc

profiles.config.yaml

Extended profile config

store.config.yaml

Required to persist information such a tokens, sessions and state. Comes bundle with redis-adapter

Store

By default AW uses an embedded database to manage tokens, sessions and codes. but when run in a distributed mode, it is highly recommended to use a shared storage such as redis through the redis adapter