meow
e4034813a2
README.md updated to show cli usage. Account Creation message made more appropriate for consumption. Bug Fixed in scripts/get-admin.py
uotp
uotp is a full-blown authentication and authorisation service made for microservices. The basic idea is that every microservice has a (long-term) triple consisting of (name, realm, seed) and creates time-based tokens. This essentially reworks Kerberos in a simple way for the web. uotp was created and is maintained by ungleich.
Technologies Used
- Flask
- PyOTP
- Etcd
Installation
Alpine
# Update and Upgrade
cat > /etc/apk/repositories << EOF
https://mirror.ungleich.ch/mirror/packages/alpine/edge/main
https://mirror.ungleich.ch/mirror/packages/alpine/edge/community
https://mirror.ungleich.ch/mirror/packages/alpine/edge/testing
EOF
apk update
apk upgrade
# Install Dependencies
apk add python3 git etcd etcd-ctl py3-grpcio
pip3 install pipenv
# Start etcd
# etcd does not start via `service etcd start` because its package has an issue
start-stop-daemon -b etcd
# Clone Repo
git clone https://code.ungleich.ch/ungleich-public/uotp.git
cd uotp
pipenv --three --site-packages
pipenv install
cp .env.sample .env
pipenv run python app.py
Arch
# Install Dependencies
pacman -S python3 git
pamac build etcd
pip3 install pipenv
# Start etcd
systemctl start etcd
# Clone Repo
git clone https://code.ungleich.ch/ungleich-public/uotp.git
cd uotp
pipenv --three
pipenv install
cp .env.sample .env
pipenv run python app.py
By default, it runs on port 8000.
Usage
Get Admin Credentials
Run the following command in your uotp directory:
pipenv run python scripts/get-admin.py
Create Auth Account (or any account)
Run the following command in your uotp directory:
pipenv run python client.py create \
--name auth --realm ungleich-auth \
--admin-name admin --admin-realm ungleich-admin \
--admin-seed admin_seed_here
In response, you get a JSON object containing the Message and Credentials of the newly created account.
List All Accounts with credentials
pipenv run python client.py list \
--admin-name admin_name_here --admin-realm admin_realm_here \
--admin-seed admin_seed_here
Verify OTP Credentials
pipenv run python client.py verify \
--name user_name_here --realm user_realm_here \
--seed user_seed_here --auth-name auth_name_here \
--auth-realm auth_realm_here --auth-seed auth_seed_here