beyondauth

command module

v0.0.0-...-8fc68e0 Latest Latest Go to latest Published: Jan 3, 2019 License: GPL-3.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

BeyondAuth

BeyondAuth can be used as a forward authenticating agent to make Traefik or nginx (untested) an Identity Aware Proxy. Inspired by the BeyondCorp papers by Google.

implementation

BeyondAuth uses OpenID Connect to authenticate users and sets a domain cookie with a JWT after a successful login to persist logins. As of v0.1 it has been tested to be compatible with Google, Auth0 and Keycloak. Every request made to the reverse proxy sends an additional request to BeyondAuth to verify if it is allowed or not.
BeyondAuth is stateless, so no data store is needed. This does mean however that issued JWTs cannot be revoked, unless you change the secret and ALL JWTs will be revoked. Every incoming requests is classified into groups, a user can be a member of multiple groups and a subdomain can grant access to multiple groups. So if a user is member of a group that is allowed access, the request is allowed.

todo

Write comprehensive readme
Create a better getKey function
document example

example config

see example.toml

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
jwt

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL