The one-stop place to learn/experience the examples, use-cases, demonstrations, and resources related to microservices security patterns with Ballerina, which is an open-source programming language for the cloud that makes it easier to use, combine, and create network services.

ldclakmal/ballerina-security

Official Website: https://ldclakmal.me/ballerina-security

Ballerina-Security

Summary

Ballerina is an open-source programming language for the cloud that makes it easier to use, combine, and create network services. Ballerina has first-class support for a wide range of security features, from transport layer security such as SSL/TLS and mTLS to application layer security such as Basic Auth, JWT Auth, OAuth2, etc.

The Ballerina standard library has Auth, JWT, and OAuth2 packages, which provide the authentication and authorization framework to secure the APIs of microservices written with the HTTP, WebSocket, GraphQL, gRPC, and WebSub protocols. The Crypto package provides APIs to perform cryptographic operations like hashing, HMAC generation, checksum generation, encryption, decryption, signing data digitally, verifying digitally signed data, etc., with different cryptographic algorithms. The URL module provides APIs to encode and decode a URL or part of a URL. The Kafka, RabbitMQ, NATS, STAN, Email, FTP, TCP, and UDP packages have their own protocol-dependent ways of securing APIs.

This website is the latest deployed version of this Ballerina Security GitHub Repository, which contains all the examples, use-cases, demonstrations, and resources related to Ballerina Security in one place. So, this is the one-stop place to learn/experience Ballerina Security.

Dashboard

Security Packages Status

This section demonstrates the current status of the security-specific packages of the Ballerina Platform. All of these repositories are categorized under the Ballerina Standard Library packages.

| Package | Latest Release | Package Status / Test Status | Bugs | Open PRs | API Docs & Package |
|---|---|---|---|---|---|
| auth | tag | build, codecov, trivy, loadtest | bugs | pulls | docs, package |
| jwt | tag | build, codecov, trivy, loadtest | bugs | pulls | docs, package |
| oauth2 | tag | build, codecov, trivy, loadtest | bugs | pulls | docs, package |
| crypto | tag | build, codecov, trivy | bugs | pulls | docs, package |
| url | tag | build, codecov, trivy | bugs | pulls | docs, package |

Release Compatibility Status

This section demonstrates the current status of the Ballerina programs that are executed against the latest (pre-release/release) Ballerina version which is configurable with individual GitHub actions. Mostly, these actions are used to test the compatibility of existing programs during the RC period of a release.

BBEs Examples Scenarios

Ballerina by Examples (BBEs)

This section demonstrates the security-related Ballerina by Examples (BBEs).

Note: These examples are validated against the provided latest Ballerina version with an automated test-suite.

| Category | BBE |
|---|---|
| REST API Security | Service - SSL/TLS |
| | Service - Mutual SSL |
| | Service - Basic Auth File User Store |
| | Service - Basic Auth LDAP User Store |
| | Service - JWT Auth |
| | Service - OAuth2 |
| | Client - SSL/TLS |
| | Client - Mutual SSL |
| | Client - Basic Auth |
| | Client - Bearer Token Auth |
| | Client - Self Signed JWT Auth |
| | Client - OAuth2 Client Credentials Grant Type |
| | Client - OAuth2 Password Grant Type |
| | Client - OAuth2 Refresh Token Grant Type |
| | Client - OAuth2 JWT Bearer Grant Type |
| WebSocket Security | Service - SSL/TLS |
| | Service - Mutual SSL |
| | Service - Basic Auth File User Store |
| | Service - Basic Auth LDAP User Store |
| | Service - JWT Auth |
| | Service - OAuth2 |
| | Client - SSL/TLS |
| | Client - Mutual SSL |
| | Client - Basic Auth |
| | Client - Bearer Token Auth |
| | Client - Self Signed JWT Auth |
| | Client - OAuth2 Client Credentials Grant Type |
| | Client - OAuth2 Password Grant Type |
| | Client - OAuth2 Refresh Token Grant Type |
| | Client - OAuth2 JWT Bearer Grant Type |
| GraphQL Security | Service - SSL/TLS |
| | Service - Mutual SSL |
| | Service - Basic Auth File User Store |
| | Service - Basic Auth LDAP User Store |
| | Service - JWT Auth |
| | Service - OAuth2 |
| gRPC Security | Service - SSL/TLS |
| | Service - Mutual SSL |
| | Service - Basic Auth File User Store |
| | Service - Basic Auth LDAP User Store |
| | Service - JWT Auth |
| | Service - OAuth2 |
| | Client - SSL/TLS |
| | Client - Mutual SSL |
| | Client - Basic Auth |
| | Client - Bearer Token Auth |
| | Client - Self Signed JWT Auth |
| | Client - OAuth2 Client Credentials Grant Type |
| | Client - OAuth2 Password Grant Type |
| | Client - OAuth2 Refresh Token Grant Type |
| | Client - OAuth2 JWT Bearer Grant Type |
| Kafka Security | SASL Authentication - Consumer |
| | SASL Authentication - Producer |
| RabbitMQ Security | Secured Connection - Producer & Consumer |
| NATS Security | Secured Connection - Publisher & Subscriber |
| STAN Security | Secured Connection - Publisher & Subscriber |
| FTP Security | Listener - SFTP |
| | Client - SFTP |
| TCP Security | TCP Transport Security |
| Security | Cryptographic Operations |
| | JWT Issue & Validate |
| URL | URL Encode & Decode |

Examples

This section demonstrates the security examples with authentication and authorization for different protocols supported by Ballerina.

Note: These examples are validated against the provided latest Ballerina version with an automated test-suite.

  1. HTTP
  2. WebSocket
  3. GraphQL
  4. gRPC
  5. WebSub
  6. Kafka
  7. RabbitMQ
  8. NATS
  9. STAN
  10. Email
  11. FTP
  12. TCP
  13. UDP (Pending)

Scenarios

This section demonstrates the real-world scenarios which have authentication and authorization requirements and how that can be supported with Ballerina.

Note: These scenarios are validated against the provided latest Ballerina version with an automated test-suite.

  1. Ballerina Secure Token Service (STS)
  2. E-Commerce system
  3. Secured Order Management Service with JWT Auth
  4. Secured Order Management Service with OAuth2

References

This section has a collection of important resources which were created/referred for the design and implementation of the current Ballerina Security architecture and its related components. All the resources are open source and publicly available.

Specifications

IETF RFCs

Blogs

Research & Design

GitHub Pull Requests

YouTube Videos

Books

Guides

Policies

[Internal]

