festivals-identity-server

command module

v0.7.8 Latest Latest Go to latest Published: Apr 8, 2024 License: LGPL-3.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Festivals-App/festivals-identity-server

Links

Open Source Insights

README ¶

Festivals App Identity Server

A lightweight go server app providing a RESTful API, called FestivalsIdentityAPI. The FestivalsIdentityAPI exposes all authorization and authentication functions needed by the the FestivalsApp components.

Development • Deployment • FestivalsIdentityAPI • Architecture • Engage

Development

Make server run ✅
Make server serves tls ✅
Make other server serve tls ✅
implement jwt to validate requests to other partys (especialy for admin requests) ✅

Requirements

Golang Version 1.21.5+
Visual Studio Code 1.85.2+
- Plugin recommendations are managed via workspace recommendations.
Bash script friendly environment

Deployment

Running the festivals-identity-server is pretty easy because Go binaries are able to run without system dependencies on the target for which they are compiled. The festivals-identity-server expects either a config file at /etc/festivals-server.conf, the environment variables set or the template config file present in the directory it runs from. You also need to setup the database correctly and provide all needed certificates in the right format, see festivals-pki.

#Installing
curl -o install.sh https://raw.githubusercontent.com/Festivals-App/festivals-identity-server/master/operation/install.sh
chmod +x install.sh
sudo ./install.sh <mysql_root_pw> <mysql_backup_pw> <read_write_pw>
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf          // edit bind-address=<private-ip>

#Updating
curl -o update.sh https://raw.githubusercontent.com/Festivals-App/festivals-identity-server/master/operation/update.sh
chmod +x update.sh
sudo ./update.sh

#To see if the server is running use:
sudo systemctl status festivals-identity-server

Build and run using make

make build
make run
# Default API Endpoint : http://localhost:22580

FestivalsIdentityAPI

The FestivalsIdentityAPI is documented in detail here.

Architecture

There are a three diffrent security mechanisms to secure the festivalsapp backend, at first every party needs a valid client certificate from the FestivalsApp Root CA to communicate with other partys via mTLS, for more information see the festivals-pki repository. After secure communication is established, clients need either an API key for the read-only parts of the FestivalsAPI or an JSON Web Token (JWT) for everything else. The JWT is used to implement a role-based access control (RBAC) to decide whether the user is authorized to access the given function.

The general documentation for the Festivals App is in the festivals-documentation repository. The documentation repository contains architecture information, general deployment documentation, templates and other helpful documents.

Engage

I welcome every contribution, whether it is a pull request or a fixed typo. The best place to discuss questions and suggestions regarding the festivals-identity-server is the issues section. More general information and a good starting point if you want to get involved is the festival-documentation repository.

The following channels are available for discussions, feedback, and support requests:

Type	Channel
General Discussion
Other Requests

Licensing

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
jwt
server
config
database
handler
status

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL