Skip to content

Latest commit

 

History

History
135 lines (83 loc) · 3.32 KB

README.md

File metadata and controls

135 lines (83 loc) · 3.32 KB

ZPI-demo

The authentication and authorization system with access management system, adaptive 2FA and OAuth2.0 implementation.

Clone

git clone --recurse-submodules https://github.com/bachm44/ZPI-demo.git

or

git clone --recurse-submodules [email protected]:bachm44/ZPI-demo.git

Requirements

  • docker deamon running

Run

make

In order to add user, use https://ams.zpi.localtest.me.

Password for newly created account is sent to email address provided during registration.

For convenience sake ./seed.py seeds default user and Client. Password is sent to [email protected]. Mail client configuration is described here.

Available services

Authentication library

The library provides authorize button used in demo application. The button redirects to authentication page with appropriate parameters.

Source code: https://github.com/bachm44/ZPI-authorize-lib

Load balancer & Reverse Proxy

Services are hosted using Nginx with the use of localtest.me domain conveniently pointing to 127.0.0.1. For more information see proxy/nginx.conf. Before usage please validate if domain still points there using this service.

The system uses https protocol with self-signed SSL certificates. The project provides sample certificates inside proxy/certs/out. Those certificates should be imported in the browser of your choice. In order to generate new certificates use make cert command and applying everywhere default values (by clicking Enter) and setting required passphase.

Instead of importing certificates to your browser, you can skip validation by clicking proceed with caution (or equivalent).

Configuration available inside proxy directory.

The demo application (Client) consists of authorize button used for obtaining access token by the user.

Source code:

Access management system (https://ams.zpi.localtest.me)

The access management system (AMS) is responsible for access, role and user management through admin console.

Credentials:

  • username: admin
  • password: admin

Source code:

Authentication and authorization server (https://auth.zpi.localtest.me)

The authentication and authorization server responsible for authentication of user and authorization of Client. Authentication button redirects to this domain with appropriate parameters.

Source code:

Use to access raw analysis data.

Credentials:

Visualisation of analysis data.

Credentials:

  • username: admin
  • password: admin

Configuration available inside grafana directory.

Mail server

Mail client configuration:

  • port: 587
  • domain: localhost
  • authenticationMethod: password
  • connectionSecurity: none

Registered accounts:

Server configuration available inside docker-mailserver and docker-compose.yaml.