The library for authorization: both acquiring and validating.
This library provides validation of Tokens used for authorization as well as a way to acquire Authorization header values. Tokens can be parsed and validated from http requests. Bascule provides a generic framework that can be configured, but currently can support basic and jwt authorization.
Table of Contents
Code of Conduct
This project and everyone participating in it are governed by the XMiDT Code Of Conduct. By participating, you agree to this Code.
acquire subpackage handles getting the value for an Authorization header of
an http request. The JWT acquirer gets a JWT from a configurable endpoint,
caches it, and will get a new JWT at a configurable time before the current JWT
Validation of Tokens happens once an authorization value has been parsed into
something that implements the Token interface.
basculehttp subpackage provides http decorators/middleware that will parse an http
request into a Token and validate it with configurable rules.
Read more about the
basculehttp subpackage in its README.
This repo is a library of packages used for the authorization. There is no installation.
Refer to CONTRIBUTING.md.