Git Product home page Git Product logo

simplesecure's Introduction

SimpleSecure

A simple lightweight module for securing a web app following the O'Auth 2.0 protocol (currently only client_credential grant is supported)

NOTE: The current implementation should not be used in production of web applications containing highly sensitive data, but can be very useful for limiting traffic to an API/route

Using the module

Using Swift Package Manager, add git url to Package.swift's dependencies

let package = Package(
                      name: "YourProject",
                      targets: [
                        Target(name: "YourProject", dependencies: [])
                      ],
                      dependencies: [
                        .Package(url: "https://github.com/valdirunars/SimpleSecure", majorVersion: 1, minor: 0)
                      ],
                      exclude: ["Makefile", "Package-Builder"])

You can then use the SimpleSecure module to secure your API

import SimpleSecure

let router: Router = Router()
SimpleOAuth2.sharedInstance.publicPaths = [
  "/",
  "/static/*",
]
SimpleOAuth2.sharedInstance.restrictedPaths = [
    "/adminJSON": $someScope,
    "/userJSON": "$someScope,$someOtherScope
]

SimpleOAuth2.sharedInstance.simplySecure(router: router, with: [
    SimpleCredential(clientId: $someClient, clientSecret: $someSecret, scope: $someScope),
    SimpleCredential(clientId: $someOtherClient, clientSecret: $someOtherSecret, scope: $someOtherScope)
])

Send as simple HTTP POST request to the /oauth2/authorize with the following body

{
  	"grant_type":"client_credentials",
  	"client_id": $someCient,
  	"client_secret": $someSecret,
  	"scope": $someScope
}

You will receive a token response similar to the one below:

{
    "token_type": "Bearer",
    "access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIxMjM0IiwiaWF0IjoxNDgzMzEyOTE5LjEwMDQyOSwiZXhwIjoxNDgzMzE0NzE5LjEwMDQ0Miwic2NvcGUiOiJhZG1pbiJ9.a8u-xUr8dui1hj-ri3eoe0qxPm2gVIHz6j8dIGgV2cLA7Y17s3zoGdu3C0R0BlZ_2pvv8cuEq5ULtMPt644WRw",
    "expires_in": "1800.0"
}

simplesecure's People

Contributors

valdirunars avatar

Stargazers

avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.