MSX Security
https://github.com/CiscoDevNet/go-msx-security
Package CiscoDevNet/go-msx-security
contains a simple object that can be used to validate permissions on incoming requests. The main features are:
- validate an MSX access token
- retrieve an MSX security context
- simple RBAC operations
Install
With a correctly configured Go toolchain:
go get -u github.com/CiscoDevNet/go-msx-security
Private SSO Security Clients
You will need to create a private SSO security client before you use msxsecurity
. First sign in to your MSX environment then either:
- open
Settings->SSO Configurations->Add SSO Clients
and add a new client, or - use the MSX Swagger documentation for
IDM Microservice->Security Clients->POST /idm/api/v2/clientsecurity
.
This example payload is a good starting point, but be sure to change it meet your specific requirements.
{
"clientId": "my-private-client",
"clientSecret": "there-are-no-secrets-that-time-does-not-reveal",
"grantTypes": [
"password",
"urn:cisco:nfv:oauth:grant-type:switch-tenant",
"urn:cisco:nfv:oauth:grant-type:switch-user"
],
"maxTokensPerUser": -1,
"useSessionTimeout": false,
"resourceIds": [],
"scopes": [
"address",
"read",
"phone",
"openid",
"profile",
"write",
"email",
"tenant_hierarchy",
"token_details"
],
"autoApproveScopes": [
"address",
"read",
"phone",
"openid",
"profile",
"write",
"email",
"tenant_hierarchy",
"token_details"
],
"authorities": [
"ROLE_USER"
],
"accessTokenValiditySeconds": 9000,
"refreshTokenValiditySeconds": 18000,
"additionalInformation": {
}
}
Example
Checkout the example directory for a simple working example.
License
MIT licensed. See the LICENSE file for details.