Giter Site home page Giter Site logo

nginx-akamai-token-validate-module's Introduction

Akamai token validation module for Nginx

Validates Akamai v2 query string tokens

Installation

Add --add-module when configuring nginx:

./configure --add-module=$PATH_TO_AKAMAI_TOKEN_VALIDATE

Requires OpenSSL.

Configuration

akamai_token_validate

  • syntax: akamai_token_validate token
  • default: off
  • context: http, server, location

Sets the value of the token that should be validated. The parameter value can contain variables, e.g. $arg_token.

akamai_token_validate_key

  • syntax: akamai_token_validate_key key_hex
  • default: empty
  • context: http, server, location

Sets the secret key

akamai_token_validate_uri_filename_prefix

  • syntax: akamai_token_validate_uri_filename_prefix prefix
  • default: none
  • context: http, server, location

Defines a set of prefixes that will be matched against the URI file name, only URIs whose file name starts with one of the defined prefixes will require a token

akamai_token_validate_strip_token

  • syntax: akamai_token_validate_strip_token param_name
  • default: none
  • context: http, server, location

This setting can be used to strip query parameters, set it to the name of the parameter to strip. The default behavior is not to strip any query parameters. This setting is useful when the validated requests are proxied to some upstream server (using proxy_pass) - it can be used to remove the token from the upstream request

Sample configuration

The following configuration requires a token parameter named token, either as a query string parameter or as a cookie:

http {

	server {

		if ($arg_token) {
			set $test_token $arg_token;
		}

		if ($cookie_token) {
			set $test_token $cookie_token;
		}

		location /protected/ {
			akamai_token_validate $test_token;
			akamai_token_validate_key 1234;
		}
	}
}

A protected URL may look something like: http://domain/protected/?token=st=1498386079~exp=1498386379~acl=/protected/*~hmac=3fea342b4b69149f8a34ff709913ad8676a3495172e4ac3f387b23554aa3a761

Few more samples can be found here: https://github.com/kaltura/nginx-secure-token-module#sample-configurations

Copyright & License

All code in this project is released under the AGPLv3 license unless a different license for a particular library is specified in the applicable library path.

Copyright © Kaltura Inc. All rights reserved.

nginx-akamai-token-validate-module's People

Contributors

erankor avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.