rancher/rancher-auth-service

Name: rancher-auth-service

Owner: Rancher

Description: A go service that aims to implement identity providers like github/ldap/ad/azuread to support rancher auth framework

Created: 2016-08-02 20:43:58.0

Updated: 2018-04-11 18:01:37.0

Pushed: 2018-04-11 18:06:22.0

Homepage: null

Size: 5696

Language: Go

GitHub Committers

UserMost Recent Commit# Commits

Other Committers

UserEmailMost Recent Commit# Commits

README

rancher-auth-service

A REST Service listening on port 8090 that implements authentication Identity providers to support the Rancher Auth Framework. Initial version comes with github support. It uses the pluggable provider model to implement other providers later.

APIs exposed are:

POST /v1-rancher-auth/config This will save the provided config to the Cattle Database as settings and initialize the auth provider with the given config

GET /v1-rancher-auth/config This will list the auth config from settings table in Cattle Database

POST /v1-rancher-auth/reload This will read the auth config from settings table in Cattle Database and re-initialize the auth provider

POST /v1-rancher-auth/token
This API authenticates with the actual auth provider(like github) and returns a JWT token to be used for further communication with the service

GET /v1-rancher-auth/me/identities This API lists the user details and his/her group memberships, for the user identified by the token set in Authorization header

GET /v1-rancher-auth/identities?name= This API searches for a user/group by name on the backend auth provider

GET /v1-rancher-auth/identities?externalId=&externalIdType= This API searches for a user/group by Id and type(user/group/team) on the backend auth provider

Build the go service

godep go build

Run the go service

Usage of ./rancher-auth-service: -debug

    Debug

-log string

    Log file

-privateKeyFile string

    Path of file containing RSA Private key

-publicKeyFile string

    Path of file containing RSA Public key

The RSA public and private keys are needed to sign the JWT token provided by /token API

Required Environment Variables:

Set the Cattle service account and secret key to the Environment export CATTLE_ACCESS_KEY= export CATTLE_SECRET_KEY=

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.