Organization

Create users with organizations and add an organization header to upstream requests. The plugin works similarly to basic auth with the exception that it also tracks an organization for users. It will also add the organization of the users to the header of upstream requests.

Limitations 1. This plugin only works as a Basic Authentication not Oauth. 2. This plugin only works with Cassandra DB repo.

Configuration

The plain organization header config:

{
  "name": "organization_header",
  "enabled":  true
}

Here is a simple definition of the available configurations.

Configuration	Description
name	Name of the plugin to use, in this case: organization_header
enabled	Is the plugin enabled?

Usage

You need to create an user that will be used to authenticate. When using the minimum example, the organization config values will use default values. When using the maximum example, the organization config values can be set when creating a user.

To create an user you can execute the following requests:

minimum config example

http -v POST http://localhost:8081/credentials/basic_auth "Authorization:Bearer yourToken" username=lanister password=pay-your-debt organization=motiv

curl -X POST http://localhost:8081/credentials/basic_auth -H 'authorization: Bearer yourToken' -H 'content-type: application/json' -d '{"username": "lanister", "password": "pay-your-debt", "organization": "motiv"}'

maximum config example

http -v POST http://localhost:8081/credentials/basic_auth "Authorization:Bearer yourToken" username=lanister password=pay-your-debt organization=motiv priority=3 contentPerDay=10000

curl -X POST http://localhost:8081/credentials/basic_auth -H 'authorization: Bearer yourToken' -H 'content-type: application/json' -d '{"username": "lanister", "password": "pay-your-debt", "organization": "motiv", "priority": 3, "contentPerDay": 10000}'

FORM PARAMETER	Description
username	The username to use in the Basic Authentication (string)
password	The password to use in the Basic Authentication (string)
organization	The organization of the user (string)
priority	The priority of the organization. Defaults to 0 (int)
contentPerDay	The amount of content per day for the organization. Defaults to 0 (int)

Updating Organization Config

Organization config values can be created separately from a user by making a POST request with the following endpoint.

/credentials/organization_auth/organization

Organization config values can be updated by making a PUT request with the following endpoint.

/credentials/organization_auth/organization/{organization}

Organization Config Values	Description
organization	The organization of the user (string)
priority	The priority of the organization. Defaults to 0 (int)
contentPerDay	The amount of content per day for the organization. Defaults to 0 (int)

Using the Credential

The authorization header must be base64 encoded. For example, if the credential uses lanister as the username and pay-your-debt as the password, then the field's value is the base64-encoding of lanister:pay-your-debt, or bGFuaXN0ZXI6cGF5LXlvdXItZGVidA==.

Then the Authorization header must appear as:

Authorization: Basic bGFuaXN0ZXI6cGF5LXlvdXItZGVidA== Simply make a request with the header:

http -v http://localhost:8080/example "Authorization:Basic bGFuaXN0ZXI6cGF5LXlvdXItZGVidA=="

curl -v http://localhost:8080/example -H 'Authorization:Basic bGFuaXN0ZXI6cGF5LXlvdXItZGVidA=='

Using the Headers

Once the organization has been paired with a user any request that proxies through Janus will contain the X-Organization header with a value equal to the organization paired with the user. Janus will also contain the X-OrganizationConfig header with a JSON object as a string with the priority and contentPerDay attributes.

X-OrganizationConfig example:

{
"priority": 3,
"contentPerDay": 10000
}