Skip to content

Commit

Permalink
improvements on documentation and test name on GHA WF
Browse files Browse the repository at this point in the history
Signed-off-by: Alfredo Gutierrez <[email protected]>
  • Loading branch information
AlfredoG87 committed Mar 28, 2024
1 parent fff4e0e commit 8b43fa0
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/proxy-tests.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Tests
name: Auth Layer Proxy Tests

on:
pull_request:
Expand Down
9 changes: 7 additions & 2 deletions auth-layer-proxy/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Readme

This is a token verification auth-layer-proxy for Hedera-The-Graph implementation that will allows a node operator to publish a secured `admin port` of the-graph deployment for hedera.
This is a token verification auth-layer-proxy for Hedera-The-Graph implementation that will allow a node operator to publish a secured `admin port` of the-graph deployment for Hedera.

Uses EnvoyProxy as a reverse proxy that handles the token verification. The token is verified using the OAuth 2.0 token server and the token claims are validated for the required roles and subgraph access.

Expand Down Expand Up @@ -44,6 +44,11 @@ So make sure to have a token server running that is previously configured with a
### Token structure

Make sure that the access token has the following claims:
- realm_access.roles: A list of roles that the user has. The roles are used to determine the access level of the user.
- subgraph_access: A list of subgraph names that the user has access to. The subgraph names are used to determine the access level of the user.
- active: A boolean value that indicates if the user is active or not.
- email_verified: A boolean value that indicates if the user's email is verified or not.
- email: The email of the user.

```json
{
Expand Down Expand Up @@ -81,7 +86,7 @@ Make sure that the access token has the following claims:
}
```

For instructions on how to set-up the Auth Provider using KeyCloak, refer to the `Auth-Layer-Server` [README](link)
For instructions on how to set-up the Auth Provider using KeyCloak, refer to the `Auth-Layer-Server` [README](https://github.com/hashgraph/hedera-the-graph/tree/main/charts/auth-layer-server)

## Usage

Expand Down

0 comments on commit 8b43fa0

Please sign in to comment.