festivals-identity-server

command module
v0.7.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 8, 2024 License: LGPL-3.0 Imports: 6 Imported by: 0

README



Festivals App Identity Server

A lightweight go server app providing a RESTful API, called FestivalsIdentityAPI. The FestivalsIdentityAPI exposes all authorization and authentication functions needed by the the FestivalsApp components.


DevelopmentDeploymentFestivalsIdentityAPIArchitectureEngage


Development

  1. Make server run ✅
  2. Make server serves tls ✅
  3. Make other server serve tls ✅
  4. implement jwt to validate requests to other partys (especialy for admin requests) ✅
Requirements

Deployment

Running the festivals-identity-server is pretty easy because Go binaries are able to run without system dependencies on the target for which they are compiled. The festivals-identity-server expects either a config file at /etc/festivals-server.conf, the environment variables set or the template config file present in the directory it runs from. You also need to setup the database correctly and provide all needed certificates in the right format, see festivals-pki.

#Installing
curl -o install.sh https://raw.githubusercontent.com/Festivals-App/festivals-identity-server/master/operation/install.sh
chmod +x install.sh
sudo ./install.sh <mysql_root_pw> <mysql_backup_pw> <read_write_pw>
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf          // edit bind-address=<private-ip>

#Updating
curl -o update.sh https://raw.githubusercontent.com/Festivals-App/festivals-identity-server/master/operation/update.sh
chmod +x update.sh
sudo ./update.sh

#To see if the server is running use:
sudo systemctl status festivals-identity-server
Build and run using make
make build
make run
# Default API Endpoint : http://localhost:22580

FestivalsIdentityAPI

The FestivalsIdentityAPI is documented in detail here.

Architecture

There are a three diffrent security mechanisms to secure the festivalsapp backend, at first every party needs a valid client certificate from the FestivalsApp Root CA to communicate with other partys via mTLS, for more information see the festivals-pki repository. After secure communication is established, clients need either an API key for the read-only parts of the FestivalsAPI or an JSON Web Token (JWT) for everything else. The JWT is used to implement a role-based access control (RBAC) to decide whether the user is authorized to access the given function.

The general documentation for the Festivals App is in the festivals-documentation repository. The documentation repository contains architecture information, general deployment documentation, templates and other helpful documents.

Engage

I welcome every contribution, whether it is a pull request or a fixed typo. The best place to discuss questions and suggestions regarding the festivals-identity-server is the issues section. More general information and a good starting point if you want to get involved is the festival-documentation repository.

The following channels are available for discussions, feedback, and support requests:

Type Channel
General Discussion
Other Requests
Licensing

Copyright (c) 2020-2024 Simon Gaus. Licensed under the GNU Lesser General Public License v3.0

Documentation

The Go Gopher

There is no documentation for this package.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL