Simple Single Sign-On, written in Go
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
maride f71a097ab9 Add LDAP support 4 meses atrás
src Add LDAP support 4 meses atrás
Dockerfile Add Dockerfile 4 meses atrás
README.md Add docker-compose and update README with example requests 4 meses atrás
docker-compose.yml Add docker-compose and update README with example requests 4 meses atrás
traefik.toml Add docker-compose and update README with example requests 4 meses atrás

README.md

multipass

Korben Dallas, Multipass!” -- Leeloo Minai

Purpose

The purpose of multipass is to make SSO possible in a microservices environment. The services don’t need to validate the authenticity of a user; multipass does this.

This is done by chaining multipass and traefik together, with the Forward Authentication feature.

I want to use it and …

… I’m a backend microservice developer

It’s simple. multipass adds two header values to the request of the browser:

  • X-Multipass-User, which contains the username if the request is authenticated or "" (empty string) if it’s not authenticated
  • X-Multipass-Authenticated, which contains either AUTHENTICATED or UNAUTHENTICATED.

Go ahead and use these values in your application. They can’t be injected by the browser, multipass ensures that :)

Example: An unauthenticated request, as seen from the backend service (with hostname whoami). Please note that the other X- headers were added by traefik.

HEAD / HTTP/1.1
Host: whoami
User-Agent: curl/7.58.0
Accept: */*
X-Forwarded-For: 172.19.0.1
X-Forwarded-Host: whoami
X-Forwarded-Port: 80
X-Forwarded-Proto: http
X-Forwarded-Server: 62295596b214
X-Multipass-Authenticated: UNAUTHENTICATED
X-Multipass-User: 
X-Real-Ip: 172.19.0.1

Example: An authenticated request (by user maride), as seen from the backend service.

HEAD / HTTP/1.1
Host: whoami
User-Agent: curl/7.58.0
Accept: */*
Cookie: multipass-token=VVVXYZ123
X-Forwarded-For: 172.19.0.1
X-Forwarded-Host: whoami
X-Forwarded-Port: 80
X-Forwarded-Proto: http
X-Forwarded-Server: 62295596b214
X-Multipass-Authenticated: AUTHENTICATED
X-Multipass-User: maride
X-Real-Ip: 172.19.0.1