diff --git a/README.md b/README.md index 3db44ce..0d259a0 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,8 @@ If you are new to Dapr, you may want to review following resources first: | [Hello TypeScript](./hello-typescript) | This sample is a version of the [hello-world](https://github.com/dapr/quickstarts/tree/master/hello-world) quickstart sample showing how to use Dapr in a TypeScript project. | | [Docker compose sample](./hello-docker-compose) | Demonstrates how to get Dapr running locally with Docker Compose | | [Dapr, Azure Functions, and KEDA](./functions-and-keda) | Shows Dapr being used with Azure Functions and KEDA to create a polygot Functions-as-a-Service application which leverages Dapr pub/sub | -| [OAuth Authorization to external service](./middleware-clientcredentials) | Demonstrates how to inject a service principal OAuth Bearer Token within a Dapr service-to-service invocation to call secured APIs | +| [Middleware OAuth to Google APIs - Interactive](./middleware-oauth-google) | Demonstrates use of Dapr middleware to enable OAuth 2.0 authorization and inject client secrets for Google APIs. | +| [Middleware OAuth to Microsoft and AAD APIs - Non Interactive](./middleware-oauth-microsoftazure) | Demonstrates use of Dapr middleware to enable OAuth 2.0 authorization and inject client secrets for Microsoft and Azure Active Directory apps. | | [Read Kubernetes Events](./read-kubernetes-events) | Shows Dapr being used with the Kubernetes Input binding to watch for events in Kubernetes cluster | | [Batch File Processing](./batch-file-processing) | This sample demonstrates an end-to-end sample for processing a batch of related text files using microservices and Dapr. Through this sample you will learn about Dapr's state management, bindings, Pub/Sub, and end-to-end tracing. | | [Dapr integration in Azure APIM](./dapr-apim-integration) | Dapr configuration in Azure API Management service using self-hosted gateway on Kubernetes. Illustrates exposing Dapr API for service method invocation, publishing content to a Pub/Sub topic, and binding invocation with request content transformation. | @@ -30,6 +31,7 @@ If you are new to Dapr, you may want to review following resources first: | [Pub-sub routing](./pub-sub-routing) | Demonstrates how to use Dapr to enable pub-sub applications with message routing. | | [Distributed Calculator with Knative Serving](./knative-distributed-calculator) | Demonstrates how to use Dapr and Knative Serving using distributed calculator from quickstarts. | + ## External samples | Sample | Details | diff --git a/middleware-clientcredentials/msgraphapp/package-lock.json b/middleware-clientcredentials/msgraphapp/package-lock.json deleted file mode 100644 index d56d58e..0000000 --- a/middleware-clientcredentials/msgraphapp/package-lock.json +++ /dev/null @@ -1,514 +0,0 @@ -{ - "name": "graphapp", - "version": "1.0.0", - "lockfileVersion": 1, - "requires": true, - "dependencies": { - "accepts": { - "version": "1.3.7", - "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.7.tgz", - "integrity": "sha512-Il80Qs2WjYlJIBNzNkK6KYqlVMTbZLXgHx2oT0pU/fjRHyEp+PEfEPY0R3WCwAGVOtauxh1hOxNgIf5bv7dQpA==", - "requires": { - "mime-types": "~2.1.24", - "negotiator": "0.6.2" - } - }, - "array-flatten": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", - "integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI=" - }, - "body-parser": { - "version": "1.19.0", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz", - "integrity": "sha512-dhEPs72UPbDnAQJ9ZKMNTP6ptJaionhP5cBb541nXPlW60Jepo9RV/a4fX4XWW9CuFNK22krhrj1+rgzifNCsw==", - "requires": { - "bytes": "3.1.0", - "content-type": "~1.0.4", - "debug": "2.6.9", - "depd": "~1.1.2", - "http-errors": "1.7.2", - "iconv-lite": "0.4.24", - "on-finished": "~2.3.0", - "qs": "6.7.0", - "raw-body": "2.4.0", - "type-is": "~1.6.17" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "requires": { - "ms": "2.0.0" - } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - } - } - }, - "bytes": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz", - "integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==" - }, - "content-disposition": { - "version": "0.5.3", - "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.3.tgz", - "integrity": "sha512-ExO0774ikEObIAEV9kDo50o+79VCUdEB6n6lzKgGwupcVeRlhrj3qGAfwq8G6uBJjkqLrhT0qEYFcWng8z1z0g==", - "requires": { - "safe-buffer": "5.1.2" - } - }, - "content-type": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", - "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==" - }, - "cookie": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz", - "integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg==" - }, - "cookie-signature": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", - "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw=" - }, - "debug": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.2.0.tgz", - "integrity": "sha1-+HBX6ZWxofauaklgZkE3vFbwOdo=", - "requires": { - "ms": "0.7.1" - } - }, - "depd": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=" - }, - "destroy": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz", - "integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA=" - }, - "ee-first": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", - "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=" - }, - "encodeurl": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", - "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=" - }, - "encoding": { - "version": "0.1.13", - "resolved": "https://registry.npmjs.org/encoding/-/encoding-0.1.13.tgz", - "integrity": "sha512-ETBauow1T35Y/WZMkio9jiM0Z5xjHHmJ4XmjZOq1l/dXz3lr2sRn87nJy20RupqSh1F2m3HHPSp8ShIPQJrJ3A==", - "requires": { - "iconv-lite": "^0.6.2" - }, - "dependencies": { - "iconv-lite": { - "version": "0.6.2", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.2.tgz", - "integrity": "sha512-2y91h5OpQlolefMPmUlivelittSWy0rP+oYVpn6A7GwVHNE8AWzoYOBNmlwks3LobaJxgHCYZAnyNo2GgpNRNQ==", - "requires": { - "safer-buffer": ">= 2.1.2 < 3.0.0" - } - } - } - }, - "escape-html": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", - "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg=" - }, - "etag": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz", - "integrity": "sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=" - }, - "express": { - "version": "4.17.1", - "resolved": "https://registry.npmjs.org/express/-/express-4.17.1.tgz", - "integrity": "sha512-mHJ9O79RqluphRrcw2X/GTh3k9tVv8YcoyY4Kkh4WDMUYKRZUq0h1o0w2rrrxBqM7VoeUVqgb27xlEMXTnYt4g==", - "requires": { - "accepts": "~1.3.7", - "array-flatten": "1.1.1", - "body-parser": "1.19.0", - "content-disposition": "0.5.3", - "content-type": "~1.0.4", - "cookie": "0.4.0", - "cookie-signature": "1.0.6", - "debug": "2.6.9", - "depd": "~1.1.2", - "encodeurl": "~1.0.2", - "escape-html": "~1.0.3", - "etag": "~1.8.1", - "finalhandler": "~1.1.2", - "fresh": "0.5.2", - "merge-descriptors": "1.0.1", - "methods": "~1.1.2", - "on-finished": "~2.3.0", - "parseurl": "~1.3.3", - "path-to-regexp": "0.1.7", - "proxy-addr": "~2.0.5", - "qs": "6.7.0", - "range-parser": "~1.2.1", - "safe-buffer": "5.1.2", - "send": "0.17.1", - "serve-static": "1.14.1", - "setprototypeof": "1.1.1", - "statuses": "~1.5.0", - "type-is": "~1.6.18", - "utils-merge": "1.0.1", - "vary": "~1.1.2" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "requires": { - "ms": "2.0.0" - } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - } - } - }, - "finalhandler": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.2.tgz", - "integrity": "sha512-aAWcW57uxVNrQZqFXjITpW3sIUQmHGG3qSb9mUah9MgMC4NeWhNOlNjXEYq3HjRAvL6arUviZGGJsBg6z0zsWA==", - "requires": { - "debug": "2.6.9", - "encodeurl": "~1.0.2", - "escape-html": "~1.0.3", - "on-finished": "~2.3.0", - "parseurl": "~1.3.3", - "statuses": "~1.5.0", - "unpipe": "~1.0.0" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "requires": { - "ms": "2.0.0" - } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - } - } - }, - "follow-redirects": { - "version": "1.13.0", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.0.tgz", - "integrity": "sha512-aq6gF1BEKje4a9i9+5jimNFIpq4Q1WiwBToeRK5NvZBd/TRsmW8BsJfOEGkr76TbOyPVD3OVDN910EcUNtRYEA==" - }, - "forwarded": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz", - "integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ=" - }, - "fresh": { - "version": "0.5.2", - "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", - "integrity": "sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac=" - }, - "http-errors": { - "version": "1.7.2", - "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz", - "integrity": "sha512-uUQBt3H/cSIVfch6i1EuPNy/YsRSOUBXTVfZ+yR7Zjez3qjBz6i9+i4zjNaoqcoFVI4lQJ5plg63TvGfRSDCRg==", - "requires": { - "depd": "~1.1.2", - "inherits": "2.0.3", - "setprototypeof": "1.1.1", - "statuses": ">= 1.5.0 < 2", - "toidentifier": "1.0.0" - } - }, - "iconv-lite": { - "version": "0.4.24", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", - "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", - "requires": { - "safer-buffer": ">= 2.1.2 < 3" - } - }, - "inherits": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", - "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=" - }, - "ipaddr.js": { - "version": "1.9.1", - "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", - "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==" - }, - "is-stream": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", - "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=" - }, - "isomorphic-fetch": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/isomorphic-fetch/-/isomorphic-fetch-2.2.1.tgz", - "integrity": "sha1-YRrhrPFPXoH3KVB0coGf6XM1WKk=", - "requires": { - "node-fetch": "^1.0.1", - "whatwg-fetch": ">=0.10.0" - } - }, - "media-typer": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", - "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" - }, - "merge-descriptors": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", - "integrity": "sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E=" - }, - "methods": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", - "integrity": "sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4=" - }, - "mime": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", - "integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==" - }, - "mime-db": { - "version": "1.44.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", - "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==" - }, - "mime-types": { - "version": "2.1.27", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", - "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", - "requires": { - "mime-db": "1.44.0" - } - }, - "ms": { - "version": "0.7.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz", - "integrity": "sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=" - }, - "negotiator": { - "version": "0.6.2", - "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz", - "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==" - }, - "node-fetch": { - "version": "1.7.3", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-1.7.3.tgz", - "integrity": "sha512-NhZ4CsKx7cYm2vSrBAr2PvFOe6sWDf0UYLRqA6svUYg7+/TSfVAu49jYC4BvQ4Sms9SZgdqGBgroqfDhJdTyKQ==", - "requires": { - "encoding": "^0.1.11", - "is-stream": "^1.0.1" - } - }, - "node-rest-client": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/node-rest-client/-/node-rest-client-3.1.0.tgz", - "integrity": "sha1-4L623aeyDMC2enhHzxLF/EGcN8M=", - "requires": { - "debug": "~2.2.0", - "follow-redirects": ">=1.2.0", - "xml2js": ">=0.2.4" - } - }, - "on-finished": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", - "integrity": "sha1-IPEzZIGwg811M3mSoWlxqi2QaUc=", - "requires": { - "ee-first": "1.1.1" - } - }, - "parseurl": { - "version": "1.3.3", - "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", - "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==" - }, - "path-to-regexp": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", - "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" - }, - "proxy-addr": { - "version": "2.0.6", - "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.6.tgz", - "integrity": "sha512-dh/frvCBVmSsDYzw6n926jv974gddhkFPfiN8hPOi30Wax25QZyZEGveluCgliBnqmuM+UJmBErbAUFIoDbjOw==", - "requires": { - "forwarded": "~0.1.2", - "ipaddr.js": "1.9.1" - } - }, - "qs": { - "version": "6.7.0", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz", - "integrity": "sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ==" - }, - "range-parser": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", - "integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==" - }, - "raw-body": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.0.tgz", - "integrity": "sha512-4Oz8DUIwdvoa5qMJelxipzi/iJIi40O5cGV1wNYp5hvZP8ZN0T+jiNkL0QepXs+EsQ9XJ8ipEDoiH70ySUJP3Q==", - "requires": { - "bytes": "3.1.0", - "http-errors": "1.7.2", - "iconv-lite": "0.4.24", - "unpipe": "1.0.0" - } - }, - "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" - }, - "safer-buffer": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", - "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" - }, - "sax": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz", - "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" - }, - "send": { - "version": "0.17.1", - "resolved": "https://registry.npmjs.org/send/-/send-0.17.1.tgz", - "integrity": "sha512-BsVKsiGcQMFwT8UxypobUKyv7irCNRHk1T0G680vk88yf6LBByGcZJOTJCrTP2xVN6yI+XjPJcNuE3V4fT9sAg==", - "requires": { - "debug": "2.6.9", - "depd": "~1.1.2", - "destroy": "~1.0.4", - "encodeurl": "~1.0.2", - "escape-html": "~1.0.3", - "etag": "~1.8.1", - "fresh": "0.5.2", - "http-errors": "~1.7.2", - "mime": "1.6.0", - "ms": "2.1.1", - "on-finished": "~2.3.0", - "range-parser": "~1.2.1", - "statuses": "~1.5.0" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "requires": { - "ms": "2.0.0" - }, - "dependencies": { - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - } - } - }, - "ms": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", - "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==" - } - } - }, - "serve-static": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.14.1.tgz", - "integrity": "sha512-JMrvUwE54emCYWlTI+hGrGv5I8dEwmco/00EvkzIIsR7MqrHonbD9pO2MOfFnpFntl7ecpZs+3mW+XbQZu9QCg==", - "requires": { - "encodeurl": "~1.0.2", - "escape-html": "~1.0.3", - "parseurl": "~1.3.3", - "send": "0.17.1" - } - }, - "setprototypeof": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.1.tgz", - "integrity": "sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw==" - }, - "statuses": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz", - "integrity": "sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow=" - }, - "toidentifier": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz", - "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==" - }, - "type-is": { - "version": "1.6.18", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", - "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", - "requires": { - "media-typer": "0.3.0", - "mime-types": "~2.1.24" - } - }, - "unpipe": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", - "integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw=" - }, - "utils-merge": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", - "integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=" - }, - "vary": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", - "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" - }, - "whatwg-fetch": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-3.4.0.tgz", - "integrity": "sha512-rsum2ulz2iuZH08mJkT0Yi6JnKhwdw4oeyMjokgxd+mmqYSd9cPpOQf01TIWgjxG/U4+QR+AwKq6lSbXVxkyoQ==" - }, - "xml2js": { - "version": "0.4.23", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.23.tgz", - "integrity": "sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug==", - "requires": { - "sax": ">=0.6.0", - "xmlbuilder": "~11.0.0" - } - }, - "xmlbuilder": { - "version": "11.0.1", - "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", - "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==" - } - } -} diff --git a/middleware-oauth-google/README.md b/middleware-oauth-google/README.md new file mode 100644 index 0000000..8f82f55 --- /dev/null +++ b/middleware-oauth-google/README.md @@ -0,0 +1,149 @@ +# Dapr Middleware (Interactive OAuth Authorization) + +## Sample info +| Attribute | Details | +|--------|--------| +| Dapr runtime version | 1.5.0 | +| Language | Javascript | +| Environment | Kubernetes | + +## Overview +This tutorial shows a real use case of the Dapr [middleware](https://docs.dapr.io/concepts/middleware-concept/) building block. It walks you through the steps of setting up the OAuth middleware to enable OAuth authorization on a Web API without modifying the application. This design separates authentication/authorization concerns from the application, so that application operators can adopt and configure authentication/authorization providers without impacting the application code. + +![Architecture Diagram](./img/Architecture_Diagram.png) + +> **NOTE**: This sample uses Google Account as an example. + +## Prerequisites + +- [Dapr enabled Kubernetes cluster](https://docs.dapr.io/operations/hosting/kubernetes/kubernetes-deploy/) +- [Node.js version 8 or greater](https://nodejs.org/en/) +- [Docker](https://docs.docker.com/) +- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) +- [Helm](https://github.com/helm/helm) +- A working [Google Account](https://accounts.google.com) + +This sample uses Nginx as the ingress controller. You can use the following Helm chart to add Nginx to your cluster: + +```bash +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm install my-release ingress-nginx/ingress-nginx +``` + +## Step 1 - Clone the sample repository + +1. Clone the samples repo, then navigate to the middleware sample: + +```bash +git clone [-b ] https://github.com/dapr/samples.git +cd samples/middleware-oauth-google +``` + +1. Examine the ```echoapp/app.js``` file. You'll see this is a simple Node.js Express web server with a single ```/echo``` route that returns the ```authorization``` header and the ```text``` parameter client passes in: + +```javascript +app.get('/echo', (req, res) => { + var text = req.query.text; + console.log("Echoing: " + text); + res.send("Access token: " + req.headers["authorization"] + " Text: " + text) +}); + +``` + +## Step 2 - Register your application with the authorization server + +In order for Dapr to acquire access token on your application's behalf, your application needs to be registered with the authorization server of your choice. + +For example, to register with Google APIs, you should visit [Google APIs Console](https://console.developers.google.com) to register your application: + +1. Log in to [Google APIs Console](https://console.developers.google.com) using your Google account. +2. If you don't have a project yet, you need to create a project first. +3. On Google API Console, click on the **Credentials** link to the left. Then, click on the **CREATE CREDENTIAL** link at the top. And finally, click on the **OAuth client ID** option: + ![API console](img/google-console.png) +4. Select the **Web application** type. Give a name to your account, and click on the **Create** button to create the client ID. +5. Once the client ID is created, note down the **Client ID** and **Client Secret** - you'll need to enter these into the middleware configuration later. +6. Edit the client ID settings and make sure is added as one of the authorized redirect URIs: + ![Dummy.com](img/google-dummy.png) + +> **NOTE:** For this exercise, you'll set the ```Redirect URL``` to ```http://dummy.com```. This requires you to add a hostname entry to the computer on which you'll test out the scenario. In a production environment, you need to set the ```Redirect URL``` to the proper DNS name associated with your load balancer or ingress controller. + +## Step 3 - Define custom pipeline + +To define a custom pipeline with the OAuth middleware, you need to create a middleware component definition as well as a configuration that defines the custom pipeline. + +1. Edit ```deploy\oauth2.yaml``` file to enter your ```client ID``` and ```client Secret```. You can leave everything else unchanged. +2. Change the directory to root and apply the manifests - ```oauth2.yaml``` defines the OAuth middleware and ```pipeline.yaml``` defines the custom pipeline: + +```bash +cd .. +kubectl apply -f deploy/oauth2.yaml +kubectl apply -f deploy/pipeline.yaml +``` + +## Step 4 - Deploy the application + +Next, you'll deploy the application and define an ingress rule that routes to the ```-dapr``` service that gets automatically created when you deploy your pod. In this case, all traffic is routed to the Dapr sidecar, which can reinforce various policies through middleware. + +>**Note:** 'dapr.io/sidecar-listen-addresses' annotation is added to echoapp deployment to allow external connections. Be cautious of using it in a production environment. To read more on this annotation see [Dapr arguments and annotations for daprd, CLI, and Kubernetes](https://docs.dapr.io/reference/arguments-annotations-overview/) + +1. Deploy the application and the ingress rule: + +```bash +kubectl apply -f deploy/echoapp.yaml +kubectl apply -f deploy/ingress.yaml +``` + +>**Note:** minikube users have to enable ingress as it's not supported by default. + +```bash +minikube addons enable ingress +``` + +## Step 5 - Test + +1. Add a hostname entry to your local hosts file(`/etc/hosts` in linux and `c:\windows\system32\drivers\etc\hosts` in windows) to allow the ```dummy.com``` to be resolved to the public IP associated with your ingress controller: + +```bash + dummy.com +``` + +2. Open a browser and try to invoke the ```/echo``` API through Dapr: + +``` +http://dummy.com/v1.0/invoke/echoapp/method/echo?text=hello +``` + +3. If you haven't logged on to Google, you'll be redirected to the login page. Then, you'll be redirected to the consent screen to confirm access. + +4. The browser redirects back to your application with the access token extracted from a (configurable) ```authorization``` header: + +![Web Page](./img/webpage.png) + +## Step 6 - Cleanup + +1. Spin down kunernetes resources: + +```bash +kubectl delete -f deploy/. +``` + +2. Delete Nginx ingress from the cluster: + +```bash +helm uninstall my-release +``` + +3. Disable ingress addon: + +```bash +minikube addons disable ingress +``` + +4. Delete the credential created in the authorization server. + +## Related links +- Learn more about [Dapr middleware](https://docs.dapr.io/concepts/middleware-concept/) +- How to [configure API authorization with OAuth](https://docs.dapr.io/operations/security/oauth/) + +## Next steps +- Explore additional [samples](../README.md) diff --git a/middleware-oauth-google/deploy/echoapp.yaml b/middleware-oauth-google/deploy/echoapp.yaml new file mode 100644 index 0000000..e87f9de --- /dev/null +++ b/middleware-oauth-google/deploy/echoapp.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: echoapp + labels: + app: echo +spec: + replicas: 1 + selector: + matchLabels: + app: echo + template: + metadata: + labels: + app: echo + annotations: + dapr.io/enabled: "true" + dapr.io/app-id: "echoapp" + dapr.io/app-port: "3000" + dapr.io/config: "pipeline" + dapr.io/sidecar-listen-addresses: "0.0.0.0" + spec: + containers: + - name: echo + image: dapriosamples/middleware-echoapp:latest + ports: + - containerPort: 3000 + imagePullPolicy: Always diff --git a/middleware-oauth-google/deploy/ingress.yaml b/middleware-oauth-google/deploy/ingress.yaml new file mode 100644 index 0000000..109bb67 --- /dev/null +++ b/middleware-oauth-google/deploy/ingress.yaml @@ -0,0 +1,14 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: nginx + name: echo-ingress +spec: + rules: + - http: + paths: + - backend: + serviceName: echoapp-dapr + servicePort: 80 + path: / diff --git a/middleware-oauth-google/deploy/oauth2.yaml b/middleware-oauth-google/deploy/oauth2.yaml new file mode 100644 index 0000000..8ed1722 --- /dev/null +++ b/middleware-oauth-google/deploy/oauth2.yaml @@ -0,0 +1,22 @@ +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: oauth2 +spec: + type: middleware.http.oauth2 + version: v1 + metadata: + - name: clientId + value: "" + - name: clientSecret + value: "" + - name: scopes + value: "https://www.googleapis.com/auth/userinfo.email" + - name: authURL + value: "https://accounts.google.com/o/oauth2/v2/auth" + - name: tokenURL + value: "https://accounts.google.com/o/oauth2/token" + - name: redirectURL + value: "http://dummy.com" + - name: authHeaderName + value: "authorization" \ No newline at end of file diff --git a/middleware-oauth-google/deploy/pipeline.yaml b/middleware-oauth-google/deploy/pipeline.yaml new file mode 100644 index 0000000..bcd9849 --- /dev/null +++ b/middleware-oauth-google/deploy/pipeline.yaml @@ -0,0 +1,13 @@ +apiVersion: dapr.io/v1alpha1 +kind: Configuration +metadata: + name: pipeline +spec: + tracing: + samplingRate: "1" + zipkin: + endpointAddress: "http://zipkin.default.svc.cluster.local:9411/api/v2/spans" + httpPipeline: + handlers: + - type: middleware.http.oauth2 + name: oauth2 diff --git a/middleware-oauth-google/echoapp/Dockerfile b/middleware-oauth-google/echoapp/Dockerfile new file mode 100644 index 0000000..939caef --- /dev/null +++ b/middleware-oauth-google/echoapp/Dockerfile @@ -0,0 +1,6 @@ +FROM node:17-alpine +WORKDIR /usr/src/app +COPY . . +RUN npm install +EXPOSE 3000 +CMD [ "node", "app.js" ] \ No newline at end of file diff --git a/middleware-oauth-google/echoapp/app.js b/middleware-oauth-google/echoapp/app.js new file mode 100644 index 0000000..44aeeaf --- /dev/null +++ b/middleware-oauth-google/echoapp/app.js @@ -0,0 +1,20 @@ +// ------------------------------------------------------------ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. +// ------------------------------------------------------------ + +const express = require('express'); +const bodyParser = require('body-parser'); +const app = express(); +app.use(bodyParser.json()); + +const daprPort = process.env.DAPR_HTTP_PORT || 3500; +const port = 3000; + +app.get('/echo', (req, res) => { + var text = req.query.text; + console.log("Echoing: " + text); + res.send("Access token: " + req.headers["authorization"] + " Text: " + text); +}); + +app.listen(port, () => console.log(`Node App listening on port ${port}!`)); \ No newline at end of file diff --git a/middleware-oauth-google/echoapp/package.json b/middleware-oauth-google/echoapp/package.json new file mode 100644 index 0000000..abca7f6 --- /dev/null +++ b/middleware-oauth-google/echoapp/package.json @@ -0,0 +1,17 @@ +{ + "name": "echoapp", + "version": "1.0.0", + "private": true, + "description": "", + "main": "app.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "", + "license": "ISC", + "dependencies": { + "body-parser": "^1.18.3", + "express": "^4.16.4", + "isomorphic-fetch": "^2.2.1" + } +} diff --git a/middleware-oauth-google/img/Architecture_Diagram.png b/middleware-oauth-google/img/Architecture_Diagram.png new file mode 100644 index 0000000..5c36310 Binary files /dev/null and b/middleware-oauth-google/img/Architecture_Diagram.png differ diff --git a/middleware-oauth-google/img/google-console.png b/middleware-oauth-google/img/google-console.png new file mode 100644 index 0000000..04aa5d5 Binary files /dev/null and b/middleware-oauth-google/img/google-console.png differ diff --git a/middleware-oauth-google/img/google-dummy.png b/middleware-oauth-google/img/google-dummy.png new file mode 100644 index 0000000..9f87bac Binary files /dev/null and b/middleware-oauth-google/img/google-dummy.png differ diff --git a/middleware-oauth-google/img/webpage.png b/middleware-oauth-google/img/webpage.png new file mode 100644 index 0000000..1364385 Binary files /dev/null and b/middleware-oauth-google/img/webpage.png differ diff --git a/middleware-oauth-google/makefile b/middleware-oauth-google/makefile new file mode 100644 index 0000000..e215ec1 --- /dev/null +++ b/middleware-oauth-google/makefile @@ -0,0 +1,4 @@ +DOCKER_IMAGE_PREFIX ?=middleware- +APPS ?=echoapp + +include ../docker.mk \ No newline at end of file diff --git a/middleware-clientcredentials/README.md b/middleware-oauth-microsoftazure/README.md similarity index 94% rename from middleware-clientcredentials/README.md rename to middleware-oauth-microsoftazure/README.md index 04f380e..05d2ab2 100644 --- a/middleware-clientcredentials/README.md +++ b/middleware-oauth-microsoftazure/README.md @@ -1,4 +1,4 @@ -# OAuth Authorization to external service (non interactive) +# OAuth Authorization to External Service (Non Interactive) ## Sample info | Attribute | Details | @@ -9,7 +9,7 @@ ## Overview -This tutorial walks you through the steps of setting up the OAuth middleware to enable a service to interact with external services requiring authentication. This design seperates the concerns authentication/authorization concerns from the application. +This tutorial walks you through the steps of setting up the OAuth middleware to enable a service to interact with external services requiring authentication. This design seperates the authentication/authorization concerns from the application. ![Architecture Diagram](img/architecture_diagram.png) @@ -32,7 +32,7 @@ This tutorial walks you through the steps of setting up the OAuth middleware to 1. Clone the sample repo, then navigate to the middleware sample: ```bash git clone https://github.com/dapr/samples.git -cd samples/middleware-clientcredentials/msgraphapp +cd samples/middleware-oauth-microsoftazure/msgraphapp ``` 2. Examine the ```app.js``` file. You'll see this is a simple Node.js Express web server with a single ```/users``` route that returns the Microsoft Graph API result based on the input query parameter ```displayName```. Also you can see that the token saved in the request header called `msgraph-token` will be forwarded as the `Authorization` header in the request towards the MS Graph API. @@ -118,7 +118,7 @@ kubectl apply -f deploy/msgraphpipeline.yaml ### Step 4 - Deploy the application Next, you'll deploy the application. This example has no public ingress endpoint due to the confidentiallity of the returned data by the service. -> **NOTE:** In general this middleware component should be used to inject external service authentication tokens to your services, in order to use/pass them to the called external services. It is not meant for public endpoint authentication. Please see [middleware sample](https://github.com/dapr/quickstarts/tree/master/middleware) for intractive public endpoint authentication flow. +> **NOTE:** In general this middleware component should be used to inject external service authentication tokens to your services, in order to use/pass them to the called external services. It is not meant for public endpoint authentication. Please see [middleware sample](https://github.com/dapr/samples/tree/master/middleware-oauth-google) for intractive public endpoint authentication flow. 1. Deploy the application: ```bash diff --git a/middleware-clientcredentials/deploy/msgraphapp.yaml b/middleware-oauth-microsoftazure/deploy/msgraphapp.yaml similarity index 100% rename from middleware-clientcredentials/deploy/msgraphapp.yaml rename to middleware-oauth-microsoftazure/deploy/msgraphapp.yaml diff --git a/middleware-clientcredentials/deploy/msgraphpipeline.yaml b/middleware-oauth-microsoftazure/deploy/msgraphpipeline.yaml similarity index 100% rename from middleware-clientcredentials/deploy/msgraphpipeline.yaml rename to middleware-oauth-microsoftazure/deploy/msgraphpipeline.yaml diff --git a/middleware-clientcredentials/deploy/oauth2clientcredentials.yaml b/middleware-oauth-microsoftazure/deploy/oauth2clientcredentials.yaml similarity index 100% rename from middleware-clientcredentials/deploy/oauth2clientcredentials.yaml rename to middleware-oauth-microsoftazure/deploy/oauth2clientcredentials.yaml diff --git a/middleware-clientcredentials/img/aad_app_registration1.png b/middleware-oauth-microsoftazure/img/aad_app_registration1.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration1.png rename to middleware-oauth-microsoftazure/img/aad_app_registration1.png diff --git a/middleware-clientcredentials/img/aad_app_registration10.png b/middleware-oauth-microsoftazure/img/aad_app_registration10.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration10.png rename to middleware-oauth-microsoftazure/img/aad_app_registration10.png diff --git a/middleware-clientcredentials/img/aad_app_registration2.png b/middleware-oauth-microsoftazure/img/aad_app_registration2.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration2.png rename to middleware-oauth-microsoftazure/img/aad_app_registration2.png diff --git a/middleware-clientcredentials/img/aad_app_registration3.png b/middleware-oauth-microsoftazure/img/aad_app_registration3.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration3.png rename to middleware-oauth-microsoftazure/img/aad_app_registration3.png diff --git a/middleware-clientcredentials/img/aad_app_registration4.png b/middleware-oauth-microsoftazure/img/aad_app_registration4.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration4.png rename to middleware-oauth-microsoftazure/img/aad_app_registration4.png diff --git a/middleware-clientcredentials/img/aad_app_registration5.png b/middleware-oauth-microsoftazure/img/aad_app_registration5.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration5.png rename to middleware-oauth-microsoftazure/img/aad_app_registration5.png diff --git a/middleware-clientcredentials/img/aad_app_registration6.png b/middleware-oauth-microsoftazure/img/aad_app_registration6.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration6.png rename to middleware-oauth-microsoftazure/img/aad_app_registration6.png diff --git a/middleware-clientcredentials/img/aad_app_registration7.png b/middleware-oauth-microsoftazure/img/aad_app_registration7.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration7.png rename to middleware-oauth-microsoftazure/img/aad_app_registration7.png diff --git a/middleware-clientcredentials/img/aad_app_registration8.png b/middleware-oauth-microsoftazure/img/aad_app_registration8.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration8.png rename to middleware-oauth-microsoftazure/img/aad_app_registration8.png diff --git a/middleware-clientcredentials/img/aad_app_registration9.png b/middleware-oauth-microsoftazure/img/aad_app_registration9.png similarity index 100% rename from middleware-clientcredentials/img/aad_app_registration9.png rename to middleware-oauth-microsoftazure/img/aad_app_registration9.png diff --git a/middleware-clientcredentials/img/architecture_diagram.png b/middleware-oauth-microsoftazure/img/architecture_diagram.png similarity index 100% rename from middleware-clientcredentials/img/architecture_diagram.png rename to middleware-oauth-microsoftazure/img/architecture_diagram.png diff --git a/middleware-clientcredentials/makefile b/middleware-oauth-microsoftazure/makefile similarity index 100% rename from middleware-clientcredentials/makefile rename to middleware-oauth-microsoftazure/makefile diff --git a/middleware-clientcredentials/msgraphapp/Dockerfile b/middleware-oauth-microsoftazure/msgraphapp/Dockerfile similarity index 100% rename from middleware-clientcredentials/msgraphapp/Dockerfile rename to middleware-oauth-microsoftazure/msgraphapp/Dockerfile diff --git a/middleware-clientcredentials/msgraphapp/app.js b/middleware-oauth-microsoftazure/msgraphapp/app.js similarity index 100% rename from middleware-clientcredentials/msgraphapp/app.js rename to middleware-oauth-microsoftazure/msgraphapp/app.js diff --git a/middleware-clientcredentials/msgraphapp/package.json b/middleware-oauth-microsoftazure/msgraphapp/package.json similarity index 100% rename from middleware-clientcredentials/msgraphapp/package.json rename to middleware-oauth-microsoftazure/msgraphapp/package.json