Skip to content
/ express-apigw-base-plugin Public

Base plugin for Express API Gateway containing policies auth JWT, json parser among others.

License

Apache-2.0 license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nutes-uepb/express-apigw-base-plugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
conditions
conditions
 
 
policies
policies
 
 
routes
routes
 
 
services
services
 
 
test/unit
test/unit
 
 
.gitignore
.gitignore
 
 
.mocharc.yml
.mocharc.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
manifest.js
manifest.js
 
 
package.json
package.json
 
 

Repository files navigation

express-apigw-base-plugin

This plugin adds custom policies to the Express Gateway. For more information about Express Gateway plug-ins, see the documentation Express Gateway - Plugins

How to manually install

  1. Execute:
npm install https://github.com/nutes-uepb/express-apigw-base-plugin --save
  1. Add the installed plugin to the gateway system settings in the file "system.config.yml". As in the example below:
plugins:
  express-apigw-base-plugin:
    package: 'express-apigw-base-plugin/manifest.js'
  1. Okay, done that it is already possible to use the policies in "gateway.config.yml"

How to install automatically

Plugins are bundled as Node modules and distributed through npm. The Express Gateway CLI is used to install and configure plugins. Installed plugins are declared in the system.config.yml and are then ready to be used. Express Gateway CLI is a convenient way to install and enable plugins.

$ eg plugin install https://github.com/nutes-uepb/express-apigw-base-plugin

Description of policies

  • body-parser-policy: Converts the request into an object using the body-parser.
    • No configuration parameters
  • auth-policy: Performs authentication and then validates the consumer at the express gateway.
    • Configuration parameters:
      • urlauthservice: Indicates authentication service url. (ie 'http://localhost:5000/api/users/auth')
      • secretOrPublicKey: String with the secret to validate JWT token. (ie 'mysecret')
      • secretOrPublicKeyFile: File with the secret to validate JWT token. (ie 'key.pem')
      • issuer: Valid JWT token issuer. (ie 'myapp')
  • jwt-policy: Validates token jwt based on expiration time and emitter. In addition to verifying the existence of the respective consumer. NOTE: In the case of the jwt secret, it can be informed using one of two properties: "secretOrPublicKey" or "secretOrPublicKeyFile".
    • Configuration parameters:
      • secretOrPublicKey: String with the secret to validate JWT token. (ie 'mysecret')
      • secretOrPublicKeyFile: File with the secret to validate JWT token. (ie 'key.pem')
      • issuer: Valid JWT token issuer. (ie 'myapp')
  • jwtScopes-policy: Performs the validation of the necessary scopes in the requests. Remembering that each scope must be configuring in each apiPublica path. In case of multiple scopes, the policy verifies the existence of at least one of the scopes.
    • No configuration parameters
  • recaptcha-policy: Performs user response validation via the reCaptcha Validation API (https://www.google.com/recaptcha/api/siteverify)
    • Configuration parameters:
      • serverKey: String with the secret key provided by reCaptcha. (ie '6L71Sa8SAAsAAPGsl5pHs4hEdT49prH4Au0toPa_') To learn more visit: https://developers.google.com/recaptcha/intro#overview
      • recaptchaResponse: Template string with reCaptcha's response. (ie '$ {req.body.recaptchaResponse}')

About

Base plugin for Express API Gateway containing policies auth JWT, json parser among others.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

1 fork
Report repository

Releases 8

v1.3.4 Latest
Jun 1, 2022
+ 7 releases

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages