[GitHub] incubator-trafficcontrol pull request #313: API GW (initial)

Sun, 26 Feb 2017 13:57:55 -0800 

GitHub user amiryesh opened a pull request:

    https://github.com/apache/incubator-trafficcontrol/pull/313

    API GW (initial)

    Initial implementation of API GW,  and authentication service, based on 
https://github.com/rarenivar/project5799
    
    The auth service authenticates a user against `tm_user` table and set 
capabilities accordingly, on the response jwt. Note that capability tables are 
not yet ready in to db, therefor capabilities are set hard coded.  The 
hardcoded capabilities are `[read-ds, write-ds, read-cg]` (ds stands for 
delivery service, cg stands for cache group)
    
    The API GW (webfront) authorize a request according to the required 
capabilities for the API, as configured is `rules.json`. The required 
capabilities per each API will be read from to db when the tables are ready. 

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/amiryesh/incubator-trafficcontrol api-gw

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-trafficcontrol/pull/313.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #313
    
----
commit c615fa42ff09d285a1995a196ba474dc7bf22a31
Author: Amir Yeshurun <[email protected]>
Date:   2017-02-26T20:51:53Z

    original webfront, auth services taken form 
https://github.com/rarenivar/project5799

commit ccab734f601b1670c3ddb9cf9c00f7bbc6485301
Author: Amir Yeshurun <[email protected]>
Date:   2017-02-26T21:29:40Z

    update auth service to authenticate user against tm_users. add user's 
capabilities to jwt claims. capabilities are currently hard coded because role 
tables are not ready yet. webfront authorize user according to capabilities. 
jwt signing secret is passed to both services on command line

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---

Reply via email to