Categorygithub.com/m-lab/access
repository
0.0.12
Repository: https://github.com/m-lab/access.git
Documentation: pkg.go.dev
Overview
Dependencies
0
Dependents
0

# Packages

No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author

# README

Access Control

godoc go report card

Libraries and services for access control on the M-Lab platform.

Create JSON Web Keys

The m-lab/access package support JWK keys generated by jwk-keygen.

Create a signing key pair:

go get gopkg.in/square/go-jose.v2/jwk-keygen
~/bin/jwk-keygen --use=sig --alg=EdDSA --kid=1

Access Envelope Service

For new services, we want to balance access to the platform with protecting platform integrity and measurement quality.

Until a service supports access control natively, the "access envelope" service accepts access tokens, validates them, and upon acceptance, adds an iptables rule granting the client IP time to run a measurement before removing the rule again after a timeout.