Organization
Create users with organizations and add an organization header to upstream requests. The plugin works similarly to basic auth with the exception that it also tracks an organization for users. It will also add the organization of the users to the header of upstream requests.
Limitations 1. This plugin only works as a Basic Authentication not Oauth. 2. This plugin only works with Cassandra DB repo.
Configuration
The plain organization header config:
Here is a simple definition of the available configurations.
Configuration | Description |
name | Name of the plugin to use, in this case: organization_header |
enabled | Is the plugin enabled? |
Usage
You need to create an user that will be used to authenticate. When using the minimum example, the organization config values will use default values. When using the maximum example, the organization config values can be set when creating a user.
To create an user you can execute the following requests:
minimum config example
http -v POST http://localhost:8081/credentials/basic_auth "Authorization:Bearer yourToken" username=lanister password=pay-your-debt organization=motiv
curl -X POST http://localhost:8081/credentials/basic_auth -H 'authorization: Bearer yourToken' -H 'content-type: application/json' -d '{"username": "lanister", "password": "pay-your-debt", "organization": "motiv"}'
maximum config example
http -v POST http://localhost:8081/credentials/basic_auth "Authorization:Bearer yourToken" username=lanister password=pay-your-debt organization=motiv priority=3 contentPerDay=10000
curl -X POST http://localhost:8081/credentials/basic_auth -H 'authorization: Bearer yourToken' -H 'content-type: application/json' -d '{"username": "lanister", "password": "pay-your-debt", "organization": "motiv", "priority": 3, "contentPerDay": 10000}'
FORM PARAMETER | Description |
username | The username to use in the Basic Authentication (string) |
password | The password to use in the Basic Authentication (string) |
organization | The organization of the user (string) |
priority | The priority of the organization. Defaults to 0 (int) |
contentPerDay | The amount of content per day for the organization. Defaults to 0 (int) |
Updating Organization Config
Organization config values can be created separately from a user by making a POST request with the following endpoint.
/credentials/organization_auth/organization
Organization config values can be updated by making a PUT request with the following endpoint.
/credentials/organization_auth/organization/{organization}
Organization Config Values | Description |
organization | The organization of the user (string) |
priority | The priority of the organization. Defaults to 0 (int) |
contentPerDay | The amount of content per day for the organization. Defaults to 0 (int) |
Using the Credential
The authorization header must be base64 encoded. For example, if the credential uses lanister as the username and pay-your-debt as the password, then the field's value is the base64-encoding of lanister:pay-your-debt, or bGFuaXN0ZXI6cGF5LXlvdXItZGVidA==.
Then the Authorization header must appear as:
Authorization: Basic bGFuaXN0ZXI6cGF5LXlvdXItZGVidA== Simply make a request with the header:
http -v http://localhost:8080/example "Authorization:Basic bGFuaXN0ZXI6cGF5LXlvdXItZGVidA=="
curl -v http://localhost:8080/example -H 'Authorization:Basic bGFuaXN0ZXI6cGF5LXlvdXItZGVidA=='
Using the Headers
Once the organization has been paired with a user any request that proxies through Janus will contain the X-Organization header with a value equal to the organization paired with the user. Janus will also contain the X-OrganizationConfig header with a JSON object as a string with the priority and contentPerDay attributes.
X-OrganizationConfig example:
Last updated