bearer-auth-api

REST API server using gin-gonic to check "Authorization: Bearer" header.

Description

This REST API Server receives any path and any methods, and checks Bearer Token ("Authorization: Bearer TOKEN" Request Header).

1. If no Bearer Token, respond 401 Unauhtorized always.
2. If Token does not be found in AUTH_TOKENS JSON which is given from the environment variable, respond 401 Unauthorized.
3. If Token is found, but path does not be allowed, respond 403 Forbidden
4. If Token is found and path is allowed, respond 200 OK

This REST API is assumed to use with Ambassador on Kubernetes.

AUTH_TOKENS JSON template

{
  "<token1>": ["<allowed path regex>", "<allowed path regex>"...],
  "<token2>": [...],
  ...
}

example)

{
  "Znda7iglaqdoltsp7kDl60TvkkszcEGU": ["^/path1/.*$", "^/path2/path2-2/.*$"],
  "fANtLRTszYAayjtmLFllSHBrt2zRyoqV": ["^/path2/.*$"]
}

Run as Docker container

1. Pull container nmatsui/bearer-auth-api from DockerHub

   $ docker pull nmatsui/bearer-auth-api

2. Run Container

   • If you want to change exposed port, set LISTEN_PORT environment variable.

   $ docker run -d -p 3000:3000 nmatsui/bearer-auth-api

Build from source code

1. go get

   $ go get -u github.com/nmatsui/bearer-auth-api

2. go install

   $ go install github.com/nmatsui/bearer-auth-api

License

Apache License 2.0

Copyright

Copyright (c) 2018 Nobuyuki Matsui nobuyuki.matsui@gmail.com