Ballerina Security

Ballerina-Security

Ballerina Security repository contains the examples, use-cases, demos, resources related to microservices security patterns with Ballerina, which is an open-source programming language for the cloud that makes it easier to use, combine, and create network services.

Summary

Ballerina standard library has Auth, JWT, and OAuth2 modules which provide the authentication and authorization framework to secure the APIs of microservices written with HTTP, WebSocket, GraphQL, gRPC, and WebSub protocols. The Crypto module facilitates APIs to perform cryptographic operations like hashing, HMAC generation, checksum generation, encryption, decryption, signing data digitally, verifying digitally signed data, etc., with different cryptographic algorithms. The URL module facilitates APIs to encode and decode a URL or part of a URL.

The NATS, STAN, RabbitMQ, Kafka, Email, FTP, TCP, and UDP modules have their ways of securing APIs which are protocol-dependent.

Dashboard

This section demonstrates the current status of the security modules of the Ballerina standard library followed by the official references for all the security examples aka Ballerina by examples (BBEs).

Module Latest Release Status Issues & PRs Docs & Package
auth tag build
codecov
issues
pulls
docs
package
jwt tag build
codecov
issues
pulls
docs
package
oauth2 tag build
codecov
issues
pulls
docs
package
crypto tag build
codecov
issues
pulls
docs
package
url tag build
codecov
issues
pulls
docs
package
Category BBE
REST API Security Service - SSL/TLS
Service - Mutual SSL
Service - Basic Auth File User Store
Service - Basic Auth LDAP User Store
Service - JWT Auth
Service - OAuth2
Client - SSL/TLS
Client - Mutual SSL
Client - Basic Auth
Client - Bearer Token Auth
Client - Self Signed JWT Auth
Client - OAuth2 Client Credentials Grant Type
Client - OAuth2 Password Grant Type
Client - OAuth2 Refresh Token Grant Type
GraphQL Security Service - SSL/TLS
Service - Mutual SSL
Service - Basic Auth File User Store
Service - Basic Auth LDAP User Store
Service - JWT Auth
Service - OAuth2
WebSocket Security Service - SSL/TLS
Service - Mutual SSL
Service - Basic Auth File User Store
Service - Basic Auth LDAP User Store
Service - JWT Auth
Service - OAuth2
Client - SSL/TLS
Client - Mutual SSL
Client - Basic Auth
Client - Bearer Token Auth
Client - Self Signed JWT Auth
Client - OAuth2 Client Credentials Grant Type
Client - OAuth2 Password Grant Type
Client - OAuth2 Refresh Token Grant Type
Security Cryptographic Operations
JWT Issue & Validate
URL URL Encode & Decode

Examples

This section demonstrates the examples with authentication and authorization for different protocols supported by Ballerina. They are HTTP, WebSocket, GraphQL, gRPC, WebSub, NATS, STAN, RabbitMQ, Kafka, Email, FTP, TCP, and UDP. Refer to the examples page for more information.

Examples

Scenarios

This section demonstrates the real-world scenarios which have authentication and authorization requirements and how that can be supported with Ballerina. Refer to the scenarios page for more information.

Test Suite

This section demonstrates an automated Ballerina security test-suite which contains authentication and authorization related integration scenarios and Ballerina by examples (BBEs). These tests run on-demand with the provided Ballerina version in GitHub secrets. Refer to the test suite page for more information.

BBE Integration

Issues

This section summarizes the issues related to the security aspects of Ballerina standard libraries. These issues are further categorized as bugs, improvements, new features, and tasks. Refer to the issues page for more information.


The following sections have important references which were used for the design and implementation of the current Ballerina Security model and its related components. All the references are open source and publicly available.

User Guides

Research & Design

GitHub Pull Requests

Specifications

Guides


About me - https://ldclakmal.me

linkedin   github   medium   twitter   stackoverflow   google-scholar   flickr