Skip to content

alexanderkiel/lens-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

63 Commits

dev

dev

 
 

resources

resources

 
 

src/lens

src/lens

 
 

test/lens

test/lens

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

Procfile

Procfile

 
 

README.md

README.md

 
 

project.clj

project.clj

 
 

system.properties

system.properties

 
 

Repository files navigation

Please start at the Top-Level Lens Repo.

Lens Auth Service

Build Status Docker Pulls

The central OAuth 2.0 authorization service for all Lens backend services.

Lens auth currently supports only the Resource Owner Password Credentials Grant described in section 4.3 of the spec. An OAuth 2.0 compatible token endpoint is implemented under the /token path. An OAuth 2.0 compatible introspection endpoint is implemented under the /introspect path.

Client Identifiers

Client identifiers issued by this authorization service are opaque strings with a length not longer than 255 chars.

Usage with Leiningen

To start the service with leiningen, run the following command

lein with-profile production trampoline run

This starts the Lens Auth service on localhost port 8080.

Usage on Heroku Compatible PaaS

This application uses the following environment vars:

  • PORT - the port to listen on
  • CONTEXT_PATH - an optional context path under which the workbook service runs
  • TOKEN_STORE - how to store the generated tokens. Currently atom and riak are supported (defaults to atom)
  • RIAK_TOKEN_HOST - Must be specified if token-store is riak
  • RIAK_TOKEN_PORT - the Riak HTTP port (defaults to 8098)
  • RIAK_TOKEN_BUCKET - the name of the Riak bucket to store generated tokens in (defaults to auth-tokens)
  • EXPIRE - the time in seconds after which a token expires
  • AUTH - how to check user credentials, currently noop (all credentials are valid) and ldap are supported (defaults to noop)
  • LDAP_HOSTS - the host or hosts (comma separated) to use for ldap connect, must be specified if auth is ldap
  • LDAP_USER_BASE_DN - the ldap base dn to locate users, must be specified if auth is ldap
  • LDAP_BIND_DN - the server connects to ldap using this user dn, must be specified if auth is ldap
  • LDAP_BIND_PASSWORD - the server connects to ldap using this password, must be specified if auth is ldap
  • LDAP_SEARCH_TPL - the filter string template used to find users (defaults to (sAMAccountName=%s))
  • CLIENT_STORE - how to store the generated tokens. Currently atom and riak are supported (defaults to atom)
  • RIAK_CLIENT_HOST - Must be specified if client-store is riak
  • RIAK_CLIENT_PORT - the Riak HTTP port (defaults to 8098)
  • RIAK_CLIENT_BUCKET - the name of the Riak bucket to store generated clients in (defaults to auth-clients)

If you have foreman installed you can create an .env file listing the environment vars specified above and just type foreman start.

Usage through Docker Container

You have to start the auth container:

docker run -d -p 8080:80 --name lens-auth akiel/lens-auth

After starting the container, a curl http://localhost:8080/token should show Method not allowed. which is okay for the moment.

Develop

Running a REPL will load the user namespace. Use (startup) to start the server and (reset) to reload after code changes.

License

Copyright © 2015 Alexander Kiel

Distributed under the Eclipse Public License, the same as Clojure.

About

Central OAuth 2.0 Authorization Server for Lens.

Resources

Readme

License

EPL-1.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

3 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages