This microservice is used to authenticate services across HMCTS.
To build the project execute the following command:
$ ./gradlew buildIn order to setup Service Auth Provider to work with a client service, you need to do the following:
- In the Azure Key Vault named
s2s-{environment}add the service's secret used for generating OTPs (one-time passwords). This has to be done in each environment the service is going to be deployed to. Service Auth Provider will use that secret for validating OTPs. It has to be a BASE32-encoded sequence of ten random bytes (16 characters after encoding). By convention, the Azure Key Vault secret's name should follow this format:microservicekey-{service-name}. Here's how to generate it. - Add the client service to
local.microservice_key_namesmap in main.tf. The key has to be the service name (as in HTTP requests) and the value must be the name of the Azure Key Vault secret created in the previous step. For example, service namedtest_servicewould be configured like this:
microservice_key_names = {
...
"TEST_SERVICE" = "microservicekey-test-service"
...
}
Here's a sample Java snippet to generate a microservice secret:
byte[] bytes = new byte[10];
SecureRandom.getInstanceStrong().nextBytes(bytes);
String secret = new Base32().encodeAsString(bytes);
Sample Python code to generate that secret:
import os
import base64
base64.b32encode(os.urandom(10))
To run the app execute:
$ ./gradlew bootRunYou can also run the app on docker.
To build:
$ docker-compose buildAnd to run:
$ docker-compose upDockerized app comes with preconfigured sample service. See docker-compose.yml for details.
API documentation is provided with Swagger.
Json spec is available under standard /v2/api-docs route.
Flow diagram can be found here
To run all unit tests execute the following command:
$ ./gradlew testThis project is licensed under the MIT License - see the LICENSE file for details.