Gatekeeper

OAuth 2.0 token server and module for Blueprint.js

• Stand-alone token-based authentication server
• Module support for Blueprint.js integration
• Implements the OAuth 2.0 specification
• Uses JSON Web Tokens (JWTs) to generate tokens
• Stores tokens into MongoDB database

Installation

npm install @onehilltech/gatekeeper --save

Getting Started

Initial setup

First, run the setup script from the project directory:

./bin/gatekeeper-setup

This will register the gatekeeper-cli client, and other clients, with the server. The client registrations will be placed in ./gatekeeper under the project directory.

Defining the configuration

Define the configuration file gatekeeper.config.js to configure the module for your application:

module.exports = {
  token: {
    kind: 'jwt',
    options: {
      issuer: 'name-of-the-application',
      algorithm : 'RS256',
      secret: 'ssshhh'   // can replace with publicKey, privateKey properties
    }
  }
};

Defining Gatekeeper router endpoint

Define a route (or router) to import the Gatekeeper routes into the application:

// app/routers/EndpointRouter.js
const blueprint = require ('@onehilltech/blueprint')
  ;

module.exports = exports = {
  '/gatekeeper': blueprint ('router://@onehilltech/gatekeeper:v1')
};

Protecting routes

The router definition above will expose the Gatekeeper routers at /gatekeeper. Lastly, define the routes you want to protect using the gatekeeper.auth.bearer Blueprint policy. For example, you can protect all routes on a given path:

// EndpointRouters.js

module.exports = {
  '/v1': {
    policy: 'gatekeeper.auth.bearer'
  }
};

The router above will protect all routes under the /v1 path, which includes all routers located in app/routers/v1 directory. The client will need to define the Authorization header and include a generated token.

Next Steps

See the Wiki for more information.