README.md: 18 additions & 4 deletions
@@ -34,9 +34,11 @@ inside their root directory. This will build the docker images and register them
34
34
The registry requires an initial instance of ElasticSearch to be running.
35
35
36
36
## Authorization
37
-
This application relies on *JSON Web Tokens* (JWTs) using the *HMAC with SHA-256* (HS256) algorithm for authorization purposes. A valid, base64-encoded token must be put into the ```Authorization``` header of every HTTP request that is being issued to the registry. You can find more about JWTs [here](https://jwt.io).
38
-
39
-
To create valid JWTs for this application, the following fields have to be specified:
37
+
This application relies on *JSON Web Tokens* (JWTs) using the *HMAC with SHA-256* (HS256) algorithm for authorization purposes. A valid, base64-encoded token must be put into the ```Authorization``` header of every HTTP request that is being issued to the registry. The HTTP header must look like this:
38
+
```
39
+
Authorization: Bearer <JWT>
40
+
```
41
+
You can find more about JWTs [here](https://jwt.io). To create valid JWTs for this application, the following fields have to be specified:
40
42
41
43
|Attribute | Type | Explanation |
42
44
| :---: | :---: | :--- |
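Review bot: In the rewritten Authorization paragraph (new line 37), the wording "A valid, base64-encoded token" sits directly above the new `Authorization: Bearer <JWT>` example and can be read as asking the caller to base64-encode the JWT a second time. A JWT in compact form is already three base64url segments joined by dots, and that string is what goes after `Bearer`. Suggest rewording to something like "A valid token in its compact, dot-separated form must be put into the Authorization header", and stating that `<JWT>` is a placeholder for that string.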
@@ -46,9 +48,21 @@ To create valid JWTs for this application, the following fields have to be speci
46
48
|```user_id```|```String```| Id of the user this token was issued to.|
47
49
|```user_type```|```String```| Type of user that this token was issued to. Valid values are ```Admin``` (full access), ```User``` (read access) and ```Component``` (access to report operations).|
48
50
51
+
Please note that values of type ```Int``` must **not** be surrounded by quotation marks.
52
+
49
53
The secret key that is used for validating the tokens can either be set in the configuration file (see section below), or by setting the envirnment variable ```JWT_SECRET```. The default value is ```changeme``` and **has to be replaced for productive use!**
50
54
51
-
You can create tokens for development purposes using the JWT debugger at [jwt.io](https://jwt.io).
55
+
You can create tokens for development purposes using the JWT debugger at [jwt.io](https://jwt.io). The following token is valid for the default key ```changeme``` until end of march, and belongs to a user called ```DebugUser``` of user type ```Admin```. **Only use it for development purposes!**
Using the above token, a valid call to the registry at ```localhost:8087``` using *curl* looks like this:
62
+
63
+
```
64
+
curl -X POST -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1NDcxMDYzOTksIm5iZiI6MTU0NzEwNjM5OSwiZXhwIjoxNTU0MDE0Nzk5LCJ1c2VyX2lkIjoiRGVidWdVc2VyIiwidXNlcl90eXBlIjoiQWRtaW4ifQ.TeDa8JkFANVEufPaxXv3AXSojcaiKdOlBKeU5cLaHpg" localhost:8087/deploy?ComponentType=WebApi
65
+
```
52
66
53
67
## Adapt the configuration file
54
68
Before you can start the application, you have to make sure your configuration file contains valid data. The file can be found at *src/main/scala/de/upb/cs/swt/delphi/instanceregistry/Configuration.scala*, and most of its attributes are string or integer values. The following table describes the attributes in more detail.
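Review bot: The paragraph added at new line 55 publishes a working `Admin` token signed with the default key `changeme`, so every instance that still runs with the default secret accepts it for as long as the token is valid, and "until end of march" gives no year. State the full expiry date, and point back to the `JWT_SECRET` sentence on line 53 as the step that makes this token useless against a deployed registry. In the curl example (new line 64), the URL `localhost:8087/deploy?ComponentType=WebApi` is unquoted; some shells treat the `?` as a glob character, so wrap the URL in quotes.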