This is AuthX. It's named AuthX because it's an "exchange" of sorts, consolidating identities from several upstream authorities into a single identity for downstream clients. AuthX uses the OAuth2 framework in both directions, and adds a robust access control system, based on the AuthX scope spec.
Please see CONTRIBUTING.md.
This is a monorepo that contains several useful node packages:
The AuthX package contains the core application and API manages users, credentials, roles, clients, authorities, grants, and tokens.
This package includes an HTTP proxy which can be used by a client in a trusted context (such as a private network) to inject credentials into a request. This eases incremental adoption of AuthX, allowing clients to remain unaware of the authorization layer.
This package includes an HTTP proxy which can be put in front of a resource. It verifies and caches access tokens, manages public keys, and injects verified scopes directly into the proxied request.
This package includes an HTTP proxy which can be put in front of a web client. It takes on the responsibility of managing OAuth flows, and can inject credentials into the proxied requests to resources.
The AuthX Interface is a reference user interface that provides the visual components necessary for a user to authenticate herself and authorize a client to access resources on her behalf.
The small, react-powered app features a pluggable architecture that can be used to support additional authorization strategies.
This package contains a small collection of utility functions for AuthX scopes. These scopes are human-readable, fully OAuth2-compatible, and support both pattern matching and set algebra.
This package contains the email authentication strategy.
This package contains the OpenID authentication strategy.
This package contains the password authentication strategy.
This package contains a CLI and small collection of utility functions for interacting with an AuthX instance.