Skip to content

Commit

Permalink
Support APIKEY
Browse files Browse the repository at this point in the history
  • Loading branch information
@fisuda
fisuda committed Jul 22, 2021
1 parent 334f022 commit 540dea8
Show file tree
Hide file tree
Showing 32 changed files with 1,744 additions and 215 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
## NGSI Go v0.8.4-next

- Hardening: Suuport APIKEY (#184)
- Improve: Refactor regproxy and update regproxy example (#183)
- Improve: Add server, health and config sub-cmd to regproxy cmd (#182)
- Improve: Refactor token manager (#181)
Expand Down
56 changes: 45 additions & 11 deletions docs/management/broker.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,9 @@ ngsi broker add [options]
| --password value, -P value | specify password |
| --clientId value, -I value | specify client id |
| --clientSecret value, -S value | specify client secret |
| --headerName value | specify header name for apikey |
| --headerValue value | specify header value for apikey |
| --headerEnvValue value | specify name of environment variable for apikey |
| --tokenScope value | specify scope for token |
| --token value | specify oauth token |
| --service value, -s value | specify FIWARE Service |
Expand Down Expand Up @@ -262,23 +265,51 @@ ngsi broker add \
--password 1234
```

#### Example 11

Orion with APIKEY

```console
ngsi broker add --host orion-with-apikey \
--ngsiType v2 \
--brokerHost http://localhost:1026/ \
--idmType apikey \
--headerName Authorization \
--headerValue "Bearer magic1234"
```

#### Example 12

Orion with APIKEY (environment value)

```console
export TOKEN="Bearer magic1234"
ngsi broker add --host orion-with-apikey-env \
--ngsiType v2 \
--brokerHost http://localhost:1026/ \
--idmType apikey \
--headerName Authorization \
--headerEnvValue TOKEN
```

### NGSI type

Specify `v2` to `--ngsiType` when you add an alias for FIWARE Orion Context Broker.

### Parameters for Identity Managers

| idmType | Required parameters | Description |
| -------------------------------------------------------------------------- | --------------------------------------------------- | ------------------------------------------------ |
| basic | username, password | Basic authentication |
| password | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials |
| [keyrock](https://fiware-idm.readthedocs.io/) | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials of Keyrock |
| [KeyrockTokenProvider](https://github.com/FIWARE-Ops/KeyrockTokenProvider) | idmHost, username, password | It provides auth token from Keyrock |
| tokenproxy | idmHost, username, password | It provides auth token from Keyrock |
| [ThinkingCities](https://thinking-cities.readthedocs.io/) | idmHost, username, password | It provides auth token from Keystone |
| Keycloak | idmHost, username, password, clientId, clientSecret | It provides auth token from Keycloak |
| WSO2 | idmHost, username, password, clientId, clientSecret | It provides auth token from WSO2 |
| Kong (client credentials) | idmHost, clientId, clientSecret | It provides auth token from Kong |
| idmType | Required parameters | Description |
| -------------------------------------------------------------------------- | --------------------------------------------------- | ------------------------------------------------------ |
| basic | username, password | Basic authentication |
| password | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials. |
| [keyrock](https://fiware-idm.readthedocs.io/) | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials of Keyrock. |
| [KeyrockTokenProvider](https://github.com/FIWARE-Ops/KeyrockTokenProvider) | idmHost, username, password | It provides auth token from Keyrock. |
| tokenproxy | idmHost, username, password | It provides auth token from Keyrock. |
| [ThinkingCities](https://thinking-cities.readthedocs.io/) | idmHost, username, password | It provides auth token from Keystone. |
| Keycloak | idmHost, username, password, clientId, clientSecret | It provides auth token from Keycloak. |
| WSO2 | idmHost, username, password, clientId, clientSecret | It provides auth token from WSO2. |
| Kong (client credentials) | idmHost, clientId, clientSecret | It provides auth token from Kong. |
| apikey | headerName, either headerValue or headerEnvValue | It allows you to set a header name and a header value. |

### FIWARE Service and FIWARE ServicePath

Expand Down Expand Up @@ -365,6 +396,9 @@ ngsi broker upadte [options]
| --password value, -P value | specify password |
| --clientId value, -I value | specify client id |
| --clientSecret value, -S value | specify client secret |
| --headerName value | specify header name for apikey |
| --headerValue value | specify header value for apikey |
| --headerEnvValue value | specify name of environment variable for apikey |
| --tokenScope value | specify scope for token |
| --token value | specify oauth token |
| --service value, -s value | specify FIWARE Service |
Expand Down
99 changes: 53 additions & 46 deletions docs/management/server.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,24 +85,27 @@ ngsi server add [options]

### Options

| Options | Description |
| ------------------------------ | ------------------------------ |
| --host value, -h value | specify host or alias |
| --serverHost value, -b value | specify context server host |
| --serverType value | specify FIWARE GE Type |
| --idmType value, -t value | specify token type |
| --idmHost value, -m value | specify identity manager host |
| --apiPath value, -a value | specify API path |
| --username value, -U value | specify username |
| --password value, -P value | specify password |
| --clientId value, -I value | specify client id |
| --clientSecret value, -S value | specify client secret |
| --tokenScope value | specify scope for token |
| --token value | specify oauth token |
| --service value, -s value | specify FIWARE Service |
| --path value, -p value | specify FIWARE ServicePath |
| --safeString value | Use safe string: `off` or `on` |
| --help | show help (default: false) |
| Options | Description |
| ------------------------------ | ----------------------------------------------- |
| --host value, -h value | specify host or alias |
| --serverHost value, -b value | specify context server host |
| --serverType value | specify FIWARE GE Type |
| --idmType value, -t value | specify token type |
| --idmHost value, -m value | specify identity manager host |
| --apiPath value, -a value | specify API path |
| --username value, -U value | specify username |
| --password value, -P value | specify password |
| --clientId value, -I value | specify client id |
| --clientSecret value, -S value | specify client secret |
| --headerName value | specify header name for apikey |
| --headerValue value | specify header value for apikey |
| --headerEnvValue value | specify name of environment variable for apikey |
| --tokenScope value | specify scope for token |
| --token value | specify oauth token |
| --service value, -s value | specify FIWARE Service |
| --path value, -p value | specify FIWARE ServicePath |
| --safeString value | Use safe string: `off` or `on` |
| --help | show help (default: false) |

> **Note:** Orion interprets the FIWARE Service name (tenant name) in lowercase. To use a coherent FIWARE Service name,
> NGSI Go allows only lowercase letters in FIWARE Service name. Please have a look at
Expand Down Expand Up @@ -186,17 +189,18 @@ ngsi server add \

### Parameters for Identity Managers

| idmType | Required parameters | Description |
| -------------------------------------------------------------------------- | --------------------------------------------------- | ------------------------------------------------ |
| basic | username, password | Basic authentication |
| password | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials |
| [keyrock](https://fiware-idm.readthedocs.io/) | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials of Keyrock |
| [KeyrockTokenProvider](https://github.com/FIWARE-Ops/KeyrockTokenProvider) | idmHost, username, password | It provides auth token from Keyrock |
| tokenproxy | idmHost, username, password | It provides auth token from Keyrock |
| [ThinkingCities](https://thinking-cities.readthedocs.io/) | idmHost, username, password | It provides auth token from Keystone |
| Keycloak | idmHost, username, password, clientId, clientSecret | It provides auth token from Keycloak |
| WSO2 | idmHost, username, password, clientId, clientSecret | It provides auth token from WSO2 |
| Kong (client credentials) | idmHost, clientId, clientSecret | It provides auth token from Kong |
| idmType | Required parameters | Description |
| -------------------------------------------------------------------------- | --------------------------------------------------- | ------------------------------------------------------ |
| basic | username, password | Basic authentication |
| password | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials. |
| [keyrock](https://fiware-idm.readthedocs.io/) | idmHost, username, password, clientId, clientSecret | This type is for Password Credentials of Keyrock. |
| [KeyrockTokenProvider](https://github.com/FIWARE-Ops/KeyrockTokenProvider) | idmHost, username, password | It provides auth token from Keyrock. |
| tokenproxy | idmHost, username, password | It provides auth token from Keyrock. |
| [ThinkingCities](https://thinking-cities.readthedocs.io/) | idmHost, username, password | It provides auth token from Keystone. |
| Keycloak | idmHost, username, password, clientId, clientSecret | It provides auth token from Keycloak. |
| WSO2 | idmHost, username, password, clientId, clientSecret | It provides auth token from WSO2. |
| Kong (client credentials) | idmHost, clientId, clientSecret | It provides auth token from Kong. |
| apikey | headerName, either headerValue or headerEnvValue | It allows you to set a header name and a header value. |

### FIWARE Service and FIWARE ServicePath

Expand Down Expand Up @@ -270,23 +274,26 @@ ngsi server upadte [options]

### Options

| Options | Description |
| ------------------------------ | -------------------------------- |
| --host value, -h value | specify host or alias (Required) |
| --serverHost value, -b value | specify context server host |
| --idmType value, -t value | specify token type |
| --idmHost value, -m value | specify identity manager host |
| --apiPath value, -a value | specify API path |
| --username value, -U value | specify username |
| --password value, -P value | specify password |
| --clientId value, -I value | specify client id |
| --clientSecret value, -S value | specify client secret |
| --tokenScope value | specify scope for token |
| --token value | specify oauth token |
| --service value, -s value | specify FIWARE Service |
| --path value, -p value | specify FIWARE ServicePath |
| --safeString value | Use safe string: `off` or `on` |
| --help | show help (default: false) |
| Options | Description |
| ------------------------------ | ----------------------------------------------- |
| --host value, -h value | specify host or alias (Required) |
| --serverHost value, -b value | specify context server host |
| --idmType value, -t value | specify token type |
| --idmHost value, -m value | specify identity manager host |
| --apiPath value, -a value | specify API path |
| --username value, -U value | specify username |
| --password value, -P value | specify password |
| --clientId value, -I value | specify client id |
| --clientSecret value, -S value | specify client secret |
| --headerName value | specify header name for apikey |
| --headerValue value | specify header value for apikey |
| --headerEnvValue value | specify name of environment variable for apikey |
| --tokenScope value | specify scope for token |
| --token value | specify oauth token |
| --service value, -s value | specify FIWARE Service |
| --path value, -p value | specify FIWARE ServicePath |
| --safeString value | Use safe string: `off` or `on` |
| --help | show help (default: false) |

#### Example 1

Expand Down
3 changes: 3 additions & 0 deletions e2e/cases/3000_management/0104_broker_add.test
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,9 @@ OPTIONS:
--password value, -P value specify password
--clientId value, -I value specify client id
--clientSecret value, -S value specify client secret
--headerName value specify header name for apikey
--headerValue value specify header value for apikey
--headerEnvValue value specify name of environment variable for apikey
--tokenScope value specify scope for token
--token value oauth token
--service value, -s value FIWARE Service
Expand Down
3 changes: 3 additions & 0 deletions e2e/cases/3000_management/0105_broker_update.test
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,9 @@ OPTIONS:
--password value, -P value specify password
--clientId value, -I value specify client id
--clientSecret value, -S value specify client secret
--headerName value specify header name for apikey
--headerValue value specify header value for apikey
--headerEnvValue value specify name of environment variable for apikey
--tokenScope value specify scope for token
--token value oauth token
--service value, -s value FIWARE Service
Expand Down

0 comments on commit 540dea8

Please sign in to comment.