Skip to content

Quorum Security Plugin to provide TLS configuration and enable OAuth2-compliant resource server for JSON RPC

License

Notifications You must be signed in to change notification settings

Consensys/quorum-security-plugin-enterprise

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Quorum Enterprise Security Plugin

This is to provide a backend support for geth JSON RPC servers by implementing services from security plugin interface:

  • TLSConfigurationSource to provide TLS configuration for HTTP and WS RPC servers
  • AuthenticationManager to enable RPC servers being OAuth2-compliant resource servers that support both JSON Web Token (JWT) and opaque access token format

Prerequisites

  • Go 1.13.x

Quick Start

$ make
$ PLUGIN_DEST_PATH=<path to store plugin distribution zip file> make dist-local

Configuration

Refer to the official documentation here for more details

Token Validation

Access token is validated by one of the following methods when configured:

  • JSON Web Signature: The JSON Web Key Set (JWKS) is a set of keys which contains the public keys used to verify the JSON Web Token (JWT) issued by the authorization server. JWKS is retrieved via a preconfigured endpoint.
  • OAuth2 Token Introspection: support HTTP Basic Authentication and Form Authentication to access the protected introspection endpoint. Other authentication methods may be supported in the future.

About

Quorum Security Plugin to provide TLS configuration and enable OAuth2-compliant resource server for JSON RPC

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published