Border Patrol is a type-safe, immutable, functional Scala library built on top of Finagle that provides modular components useful for session management and authentication. This library is used at Lookout for single sign on with support for multiple authentication backends.
The original version (as a server) can be found here (nginx+lua): ngx_borderpatrol
Border Patrol uses a multi-project structure and contains the following modules:
core- the core classes/functionsexample- the demo app showing sessions and authentication for multiple servicesauth- different authentication plugins for core authsecurity- different security plugins, e.g. CSRF protectionserver- a server composing these modules that can be configured
Every Border Patrol module is published at Bintray and SNAPSHOT builds are published to JFrog.
- stable release (not officially available yet):
libraryDependencies ++= Seq(
"com.lookout.borderpatrol" %% "[borderpatrol-module]" % "0.1.0"
)SNAPSHOTrelease:
libraryDependencies ++= Seq(
"com.lookout.borderpatrol" %% "[borderpatrol-module]" % "0.1.0-SNAPSHOT" changing()
)To build Border Patrol you should have sbt
installed (prefer v0.13.8+). Run sbt, and then use any of the following commands:
compile: compile the codeproject [project]: to switch projects, e.g. "project example"console: launch a REPLtest: run the testsunidoc: generate the documentationscalastyle: run the style-checker on the codevalidate: run tests, style-checker, and doc generation
secretStore: Secret Store. It can be configured usingtypeasInMemoryStoreorConsulSecretStore."secretStore" : { "type" : "InMemorySecretStore", } "secretStore" : { "type" : "ConsulSecretStore", "hosts" : "localhost:1234" }
sessionStore: Session Store. It can be configured usingtypeasInMemorySecretStoreorMemcachedStore."sessionStore" : { "type" : "InMemoryStore", } "sessionStore" : { "type" : "MemcachedStore", "hosts" : "localhost:123" }
accessManagers: A list of ACCESSManagers. Access endpoints authorize access to protected endpoints.identityManagers: A list of IDENTITYManagers. Identity managers perform authentication and provisioningManager: Ahosts: A list of upstream URLs (Format:[<http[s]>://<host>:[port]]+)path: A path serviced by the upstream manager (i.e. Keymaster IDP endpoint or Keymaster AccesIssuer endpoint)name: A unique name that identifies this Manager
loginManagers: A list of LOGINManagersloginManager: It defines ahosts: A list of upstream URLs (Format:[<http[s]>://<host>:[port]]+)path: A path serviced by the upstream host (i.e. login provider host). It typically services the un-authenticated web servicesname: unique name that identifies this Login ManageridentityManager: Identity manager name used by this Login ManageraccessManager: Access Issuer used by this Login ManagerloginPath: The path at which login form posts the login response
serviceIdentifiers: A list of protected service endpointsserviceIdentifier: A protected service endpoint. The combination of subdomain and path uniqully identifies service.hosts: A list of upstream URLs (Format:[<http[s]>://<host>:[port]]+)name: A unique name that identifies this Service IdentifierloginManager: Login Manager used by this Service Identifierpath: A path serviced by the protected endpointsubdomain: A subdomain of the protected endpoint
$ sbt
> project example
> run
- Scaladoc is available at http://lookout.github.io/borderpatrol/docs
- Markdown documents are available here. The code examples are fully runnable in a Scala REPL verified with tut. Use
sbt tutto compile example code in markdown (docs/src/main/tut) which outputs totarget/scala-N.NN/tut
We would love to make this better, so please help us!
- Submit a PR including an issue label "easy"
- Write ScalaDoc comments
- Write tutorials and examples
- Improve tests
- Help with code review
- Give it a star
- Join us on IRC
#borderpatrolon Freenode
We use the MIT License License