AuthWeiler
A HTTP reverse proxy server for Delegated AuthN/AuthZ.
Supported Specs
Auth2.0
OpenId Connect
CLI Commands
Configration
Configuring the reverse proxy server is very simple. You can do that in the main config file in dedicated blocks or split that into separate files by blocks.
aw.config.yaml
All config
core.config.yaml
Proxy server config
resources.config.yaml
A mapping to resource server resources
scopes.config.yaml
Scopes map somewhat to resources letting you define generic scopes that apply to all resources or resource specific scopes that apply to specific resources. A scope defines the access rights supported by a resource. For example. Say Account is a resource, a scope to Account.Read means that a user with that scope is allowed to call HTTP Get on the Account resource. Likewise scope Account.Write means that a user with that scope is allowed to call all HTTP methods that is capable of mutating the Account resource .i.e. POST, DELETE, PUT and PATCH. There can be other fine grained scopes such as Account.Get, Account.Post, Account.Delete etc
profiles.config.yaml
Extended profile config
store.config.yaml
Required to persist information such a tokens, sessions and state. Comes bundle with redis-adapter
Store
By default AW uses an embedded database to manage tokens, sessions and codes. but when run in a distributed mode, it is highly recommended to use a shared storage such as redis through the redis adapter