~willvaughn/grsroot-auth

Generic authentication and authorization service written in Clojure
remove unnecessary (do) in delete user app role route handler
add description to api docs ui
change services to api-v1 routes

refs

main
browse  log 

clone

read-only
https://git.sr.ht/~willvaughn/grsroot-auth
read/write
git@git.sr.ht:~willvaughn/grsroot-auth

You can also use your local clone with git send-email.

#grsroot-auth

generated using Luminus version "4.33"

FIXME

#Prerequisites

You will need Leiningen 2.0 or above installed.

#Running

To start a web server for the application, run:

lein run

#Development Notes

This service is a database of users and apps, and it deals with authentication tokens. That's it. This API is mostly open, and unauthenticated itself, which means it should be a private backend service used by your application services, but not accessible from the internet. There are a few authenticated API endpoints for creating application objects and roles. These objects are a matter of your application design, and should only be manipulated by developer administrators setting up the grsroot-auth service with data about the services it provides authentication and authorization for.

This service is built around the Clojure library buddy and is mostly a formalization of the blog series Securing Cloure Microservices using buddy.

#Getting Started

TODO

  • To create apps and app roles, it is necessary to have a user of type super-admin for the grsroot-auth app.
#Making private and public keys

http://funcool.github.io/buddy-sign/latest/06-faq.html

mkdir -p env/dev/resources/keys
cd env/dev/resources/keys
openssl genrsa -aes256 -out private-key.pem 2048
openssl rsa -pubout -in private-key.pem -out public-key.pem

#License

Copyright © 2022 FIXME