Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
By Sarah Gooding - Sep 20, 2024
extoauth
Sample plugin to integrate Apigee Microgateway with an external OAuth Auth Server
extoauth
extoauth Apigee Edge Microgateway plugin allows Apigee Edge to integrate with external OAuth providers
Support
This is an open-source project of the Apigee Corporation. It is not covered by Apigee support contracts. However, we will support you as best we can. For help, please open an issue in this GitHub project. You are also always welcome to submit a pull request
Install
npm install extoauth
Enable
In the Microgateway configuration file, enable the plugin as follows:
plugins:
sequence:
- extoauth
- oauth
NOTE: The extoauth plugin requires the oauth plugin and must appear in sequence before it.
Configure
The plugin supports the following configuration parameters:
publickey_url: Must point to an endpoint that returns an array of JWK, a PEM file or a list of PEM file (like OAuthv2 version1 Google Cloud)client_id: Specify where in the JWT the Aoigee API Key (aka Client ID) will be found. For example, Azure usesazpexp: Enable or disable checking expiry of the JWT token.keyType: This is set tojwkorpem. Default isjwk.
How does it work?
The microgateway plugin validates the JWT, extracts the client_id claim and passes it to the API Key verification plugin (the OAuth plugin doubles as an API Key verification plugin also).
FAQs
Sample plugin to integrate Apigee Microgateway with an external OAuth Auth Server
The npm package extoauth receives a total of 1 weekly downloads. As such, extoauth popularity was classified as not popular.
We found that extoauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 04 Nov 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Understanding License Exceptions: What Developers Need to Know
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
By Sarah Gooding - Sep 20, 2024
Security News
Developer Accuses Tencent of Copyright Violation After Python Utility’s License Changed from GPLv3 to BSD
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.
By Sarah Gooding - Sep 18, 2024