/fiware-idm

Identity Manager - Keyrock

Primary LanguageJavaScriptMIT LicenseMIT

Identity Manager - Keyrock

FIWARE Security License: MIT Documentation Docker badge Support badge Status


Introduction

This project is part of FIWARE. You will find more information about this FIWARE GE here.

  • You will find the source code of this project in GitHub here
  • You will find the documentation of this project in Read the Docs here

Welcome to the main repository for the UPM's implementation of the FIWARE Identity Management Generic Enabler. Thanks to this component and together with PEP Proxy and Authorization PDP GEs, you will add authentication and authorization security to your services and applications.

Software requirements

This GE is based on a javascript environment and SQL databases. In order to run the identity manager the following requirements must be installed:

  • node.js
  • npm
  • mysql-server (^5.7)
  • build-essential

How to Build & Install

  1. Clone Proxy repository:
git clone https://github.com/ging/fiware-idm.git
  1. Install the dependencies:
cd fiware-idm/
npm install
  1. Duplicate config.template in config.js:
cp config.js.template config.js
  1. Configure data base access credentials:
config.database = {
    host: 'localhost',           // default: 'localhost'
    password: 'idm',             // default: 'idm'
    username: 'root',            // default: 'root'
    database: 'idm',             // default: 'idm'
    dialect: 'mysql'             // default: 'mysql'
}
  1. To configure the server to listen HTTPs requests, generate certificates OpenSSL and configure config.js:
./generate_openssl_keys.sh
config.https = {
    enabled: true, 		//default: 'false'
    cert_file: 'certs/idm-2018-cert.pem',
    key_file: 'certs/idm-2018-key.pem',
    port: 443
}
  1. Create database, run migrations and seeders:
npm run-script create_db
npm run-script migrate_db
npm run-script seed_db
  1. Start server with admin rights (server listens in 3000 port by default or in 443 if HTTPs is enabled).
sudo npm start

You can test the Identity manager using the default user:

  • Email: admin@test.com
  • Password: 1234

Docker

We also provide a Docker image to facilitate you the building of this GE.

  • Here you will find the Dockerfile and the documentation explaining how to use it.
  • In Docker Hub you will find the public image.

Changes Introduced in 7.x

They biggest change introduced in 7.x is that the identity manager no longer depends on Openstack components Keystone and Horizon. Now is fully implemented in Node JS. Another remarkable changes have been made:

  1. A driver has been implemented in order to make authentication against another database different from the default one.+
  2. The appearance of the web portal can be easily modified though configurable themes.
  3. Now users don't need to switch session in order to create an application that will belong to an organization.
  4. Permissions of an application can be edited or deleted.

API Overview

Several resources could be managed through the API like users, applications or organizations. Further information could be found in the API section.

Finally, one of the main uses of this Generic Enabler is to allow developers to add identity management (authentication and authorization) to their applications based on FIWARE identity. This is posible thanks to OAuth2 protocol. For more information check the OAuth2 API.

Advanced Documentation


License

MIT © 2018 Universidad Politécnica de Madrid.