Code Monkey home page Code Monkey logo

gnatsd-jwt's Introduction

gnatsd-jwt

NATS server with a simple JWT auth backend

Try it

Using cfssl generate certs

$ cfssl gencert -initca ca-csr.json | cfssljson -bare ca -
$ cfssl gencert -config config.json -profile signing -ca ca.pem -ca-key ca-key.pem sign-csr.json | cfssljson -bare sign

Start server

go run main.go -D --jwt_publickey testdata/sign.pem

Sign JWT tokens

User Admin

{
    "user": "admin",
    "permissions": {
        "publish": [
            ">"
        ],
        "subscribe": [
            ">"
        ]
    }
}

User Req

{
    "user": "req",
    "permissions": {
        "publish": [
            "req.foo",
            "req.bar"
        ],
        "subscribe": [
            "_INBOX.*.*"
        ]
    }
}

Generate tokens

$ ADMIN_TOKEN=$(cat testdata/admin.json | go run $GOPATH/src/github.com/dgrijalva/jwt-go/cmd/jwt/*.go -key testdata/sign-key.pem -alg ES256 -compact -sign -)
$ echo ${ADMIN_TOKEN}
eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJwZXJtaXNzaW9ucyI6eyJwdWJsaXNoIjpbIlx1MDAzZSJdLCJzdWJzY3JpYmUiOlsiXHUwMDNlIl19LCJ1c2VyIjoiYWRtaW4ifQ.RYBsHJ4OGfvqzA2u9FOkb5oaaiiuLHKSjI4jzDN-kY9cD4yDrl0QHzI-e3E51-w9-2wJRGacdCFnizw95GrM8Q

$ REQ_TOKEN=$(cat testdata/req.json | go run $GOPATH/src/github.com/dgrijalva/jwt-go/cmd/jwt/*.go -key testdata/sign-key.pem -alg ES256 -compact -sign -)
$ echo ${REQ_TOKEN}
eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJwZXJtaXNzaW9ucyI6eyJwdWJsaXNoIjpbInJlcS5mb28iLCJyZXEuYmFyIl0sInN1YnNjcmliZSI6WyJfSU5CT1guKi4qIl19LCJ1c2VyIjoicmVxIn0.7_w9gOtJH2RfaZPFMXeAANLLo_uGcCWwznRnhUFJ55_aAvqmPDeggmHQb1fTAn0gYO1j9RA0PM7oR6tmeD3-cQ

Token for admin

eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJwZXJtaXNzaW9ucyI6eyJwdWJsaXNoIjpbIlx1MDAzZSJdLCJzdWJzY3JpYmUiOlsiXHUwMDNlIl19LCJ1c2VyIjoiYWRtaW4ifQ.RYBsHJ4OGfvqzA2u9FOkb5oaaiiuLHKSjI4jzDN-kY9cD4yDrl0QHzI-e3E51-w9-2wJRGacdCFnizw95GrM8Q

Token for requestor

eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJwZXJtaXNzaW9ucyI6eyJwdWJsaXNoIjpbInJlcS5mb28iLCJyZXEuYmFyIl0sInN1YnNjcmliZSI6WyJfaW5ib3guXHUwMDNlIl19LCJ1c2VyIjoicmVxIn0.xzP29EnE97utwx19OT2Li2vpv3PEuWNgYWLwnFwPPckcnbjhTX2_GjMbMUqdmz8nxz0twkfjsKbAzwLgsLtt7g

# subscribe invliad topic using reqeuestor
$ go run $GOPATH/src/github.com/nats-io/go-nats/examples/nats-rply.go -s nats://${REQ_TOKEN}@127.0.0.1:4222 -t req.foo world
nats: permissions violation for subscription to "req.foo"
exit status 1

# subscribe using admin
$ go run $GOPATH/src/github.com/nats-io/go-nats/examples/nats-rply.go -s nats://${ADMIN_TOKEN}@127.0.0.1:4222 -t req.foo world
Listening on [req.foo]

# in another terminall, publish using requestor
go run $GOPATH/src/github.com/nats-io/go-nats/examples/nats-req.go -s nats://${REQ_TOKEN}@127.0.0.1:4222 req.foo hello
Published [req.foo] : 'hello'
Received [_INBOX.7w2XpYeWwiYRzR3aUri5aj.7w2XpYeWwiYRzR3aUri5fi] : 'world'

gnatsd-jwt's People

Contributors

antmanler avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

dpgmediamagazines kissthink

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.