Name: rancher-auth-service
Owner: Rancher
Description: A go service that aims to implement identity providers like github/ldap/ad/azuread to support rancher auth framework
Created: 2016-08-02 20:43:58.0
Updated: 2018-04-11 18:01:37.0
Pushed: 2018-04-11 18:06:22.0
Homepage: null
Size: 5696
Language: Go
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
A REST Service listening on port 8090 that implements authentication Identity providers to support the Rancher Auth Framework. Initial version comes with github support. It uses the pluggable provider model to implement other providers later.
APIs exposed are:
POST /v1-rancher-auth/config This will save the provided config to the Cattle Database as settings and initialize the auth provider with the given config
GET /v1-rancher-auth/config This will list the auth config from settings table in Cattle Database
POST /v1-rancher-auth/reload This will read the auth config from settings table in Cattle Database and re-initialize the auth provider
POST /v1-rancher-auth/token
This API authenticates with the actual auth provider(like github) and returns a JWT token to be used for further communication with the service
GET /v1-rancher-auth/me/identities This API lists the user details and his/her group memberships, for the user identified by the token set in Authorization header
GET /v1-rancher-auth/identities?name= This API searches for a user/group by name on the backend auth provider
GET /v1-rancher-auth/identities?externalId=&externalIdType= This API searches for a user/group by Id and type(user/group/team) on the backend auth provider
godep go build
Usage of ./rancher-auth-service: -debug
Debug
-log string
Log file
-privateKeyFile string
Path of file containing RSA Private key
-publicKeyFile string
Path of file containing RSA Public key
The RSA public and private keys are needed to sign the JWT token provided by /token API
Set the Cattle service account and secret key to the Environment
export CATTLE_ACCESS_KEY=