MSX Security

https://github.com/CiscoDevNet/go-msx-security

Package CiscoDevNet/go-msx-security contains a simple object that can be used to validate permissions on incoming requests. The main features are:

• validate an MSX access token
• retrieve an MSX security context
• simple RBAC operations

• Install
• Usage
• Private SSO Security Clients
• Example
• License

Install

With a correctly configured Go toolchain:

go get -u github.com/CiscoDevNet/go-msx-security

Private SSO Security Clients

You will need to create a private SSO security client before you use msxsecurity. First sign in to your MSX environment then either:

• open Settings->SSO Configurations->Add SSO Clients and add a new client, or
• use the MSX Swagger documentation for IDM Microservice->Security Clients->POST /idm/api/v2/clientsecurity.

This example payload is a good starting point, but be sure to change it meet your specific requirements.

{
    "clientId": "my-private-client",
    "clientSecret": "there-are-no-secrets-that-time-does-not-reveal",
    "grantTypes": [
        "password", 
        "urn:cisco:nfv:oauth:grant-type:switch-tenant", 
        "urn:cisco:nfv:oauth:grant-type:switch-user"
    ],
    "maxTokensPerUser": -1,
    "useSessionTimeout": false,
    "resourceIds": [],
    "scopes": [
        "address",
        "read",
        "phone",
        "openid",
        "profile",
        "write",
        "email",
        "tenant_hierarchy", 
        "token_details"
    ],
    "autoApproveScopes": [
        "address",
        "read",
        "phone",
        "openid",
        "profile",
        "write",
        "email",
        "tenant_hierarchy", 
        "token_details"
    ],
    "authorities": [
        "ROLE_USER"
    ],
    "accessTokenValiditySeconds": 9000,
    "refreshTokenValiditySeconds": 18000,
    "additionalInformation": {
    }
}

Example

Checkout the example directory for a simple working example.

License

MIT licensed. See the LICENSE file for details.