Re: [Edgex-tsc] Auth Service
Per our meeting yesterday, I think the answer is yes this would be of interest. We wholeheartedly accept such contributions for consideration into the upcoming release cycle. If you (Mainflux) or others are willing to build these that would be great.
As a community, we need to make sure any contribution, to include this proposed one, meet the architectural guideposts we have in place (and from our conversation yesterday, I think this one does but defer to the security experts for more affirmative reaction). And we, as a community as of yesterday, haven't set this out as something we need as MVP for California release, but would love to see it if you can make it happen.
As I understand it, I think this would be a good addition to what we talked about for AAA with regard to support of the Basic Auth option. I would encourage you to continue to share through the Security WG via Doug, David and Riaz and others your thoughts, progress and any requests to deviate from our resolutions about California that we made yesterday.
From: edgex-tsc-bounces@... <edgex-tsc-bounces@...> on behalf of Drasko DRASKOVIC <drasko@...>
Sent: Tuesday, January 16, 2018 11:53 PM
To: edgex-golang@...; edgex-devel@...; edgex-tsc@...; edgex-tsc-security@...; edgex-tsc-core@...; Dejan Mijic; Janko Isidorovic; darko@...; manuel@...; Nikola Marcetic
Subject: [Edgex-tsc] Auth Service
I started writing a small Auth service that would live behind the
proxy and have 3 goals:
1) To create (register) a user (i.e. create a user account in MongoDB)
2) Login user (i.e. issue JWT token upon correct username + password)
3) Expose /auth API call so that all other API calls to other services
can be first redirected first to this service for Auth check
Basically - whole API of the service is here:
This service would solve gateway protection on production level
(encrypted user credentials are kept in MongoDB, can be also written
in Vault in later versions), and I guess that first version can be
finished in a couple of days.
Would something like this be of interest?
Mainflux Author and Technical Advisor
www.mainflux.com | Industrial IoT Cloud
Engineering Division | Paris, France
EdgeX-TSC mailing list