condor-auth-keycloak
v0.0.2
Condor Authorization Middleware with Keycloak
condor-auth-keycloak
An authorization strategy for Condor Auth Middleware.
Condor is a gRPC framework for Node.js. Condor Auth is an authorization middleware for Condor.
This module validates and decodes bearer tokens issued by Keycloak (Keycloak uses OpenID Connect), and maps the realm and resource roles carried in the JWT created by Keycloak.
Installation
```
npm i --save condor-framework condor-auth condor-auth-keycloak
```
How to use
First, you will need to create a client in Keycloak. Then you just need to add Keycloak as a middleware in your Condor server.
For the authorization to work, the caller must include the authorization metadata, containing a valid access token (JWT) created by Keycloak.
```js
const Condor = require('condor-framework');
const Auth = require('condor-auth').Auth;
const KeycloakStrategy = require('condor-auth-keycloak').Strategy;
const Greeter = require('./greeter');

// With no options, the strategy reads its configuration from keycloak.json.
const strategy = new KeycloakStrategy(/* keycloak-options */);
const auth = new Auth(strategy);

// Register the auth middleware so it runs for calls to the service.
const app = new Condor()
  .addService('./protos/greeter.proto', 'myapp.Greeter', new Greeter())
  .use(auth.middleware)
  .start();
```
By default, when no options are passed, it will try to read the configuration from keycloak.json.
Configuration File
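The keycloak.json file can be obtained from Keycloak, and should look like the sample below. The sample is set up for a local development server: its auth-server-url is plain http:// and "ssl-required": "none" means HTTPS is not required for any request, whereas the Keycloak adapter default is "external".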
```json
{
  "realm": "demo",
  "bearer-only": true,
  "auth-server-url": "http://localhost:8180/auth",
  "ssl-required": "none",
  "resource": "node-service"
}
```
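What validating a Keycloak bearer token and mapping its realm and resource roles involves, as an added example that is not condor-auth-keycloak's own code: it verifies an RS256 token with Node's crypto module and reads the realm_access and resource_access claims that Keycloak puts in access tokens. The key pair, claims, role names and the helper names (verifyAndMapRoles, signSample) are constructed for illustration, and the issuer assumes Keycloak's auth-server-url/realms/realm form with the values from the sample keycloak.json.

```javascript
// Added illustration; not condor-auth-keycloak's own source code.
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const decodePart = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Verify an RS256 access token, then map Keycloak's realm and resource role claims.
function verifyAndMapRoles(token, realmPublicKey, { issuer, clientId, now = Date.now() / 1000 }) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, payload, sig] = parts;
  // Pin the algorithm; never let the token header pick it (e.g. "none" or HS256).
  if (decodePart(head).alg !== 'RS256') throw new Error('unexpected alg');
  const valid = crypto.verify('RSA-SHA256', Buffer.from(`${head}.${payload}`),
    realmPublicKey, Buffer.from(sig, 'base64url'));
  if (!valid) throw new Error('bad signature');
  const claims = decodePart(payload);
  if (claims.iss !== issuer) throw new Error('wrong issuer');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
  return {
    realmRoles: (claims.realm_access || {}).roles || [],
    resourceRoles: ((claims.resource_access || {})[clientId] || {}).roles || [],
  };
}

// Constructed sample data: a throwaway key pair stands in for the realm's signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const ISSUER = 'http://localhost:8180/auth/realms/demo'; // auth-server-url + /realms/ + realm
const sampleClaims = {
  iss: ISSUER,
  exp: Math.floor(Date.now() / 1000) + 300,
  realm_access: { roles: ['user'] },
  resource_access: { 'node-service': { roles: ['greeter-admin'] } },
};

// Test helper that plays the token issuer's part for the constructed sample.
function signSample(claims, header = { alg: 'RS256', typ: 'JWT' }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${b64url(crypto.sign('RSA-SHA256', Buffer.from(input), privateKey))}`;
}

const roles = verifyAndMapRoles(signSample(sampleClaims), publicKey,
  { issuer: ISSUER, clientId: 'node-service' });
console.log(roles);
```

Roles are read only after the signature, issuer and expiry checks pass, so a token with an edited payload or an "alg": "none" header never reaches the role mapping.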
Configure access rules
To configure access rules, see the condor-auth documentation.
Options
All values are optional. Their default values are:
| Option     | Description                        | Default       |
|------------|------------------------------------|---------------|
| configFile | The path to the configuration file | keycloak.json |
License and Credits
MIT License. Copyright 2017 by Devsu LLC, a great microservices development team