Skip to content
/ accounts Public

Example Go service that uses OPA for API authorization

License

Apache-2.0 license
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ronenl1/accounts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
cmd
cmd
 
 
config/opa
config/opa
 
 
pkg/authorizer
pkg/authorizer
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

accounts

This repository includes a go service called accounts that using embedded OPA for policy decisions.

Download & Run

  • Clone the repo sources and run the service using Go CLI:
git clone https://github.com/ronenl1/accounts.git

Run the following command from the root of the repo:

go run ./cmd/main.go

When the service is ready to accept requests you will see: "OPA engine is up!"

The service uses data.json as the source of truth, if you want to add more accounts just edit this file and restart the service.

The service will listen on port :7777 in /accounts/{id}. You will get response only from account IDs that specified in data.json.

The policies will allow users to access their own account ID or any user with costumer-service role only to the accounts in his region.

Example for authorized request:

curl -H username:alice -H region:EU -H roles:customer-service http://localhost:7777/accounts/2

Example for unauthorized request:

curl -H username:bob -H region:US http://localhost:7777/accounts/3

About

Example Go service that uses OPA for API authorization

Resources

Readme

License

Apache-2.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

1 tags

Contributors 2

  •  
  •  

Languages