5

I would like to know if it is possible to use passport-http to secure the REST API of Hyperledger Composer generated with the composer-rest-server and what would be the export COMPOSER_PROVIDERS='{}' configuration.

The idea is to use the identities previously generated and assigned to participants with the composer to authenticate the GET and POST requests on the API.

If it were possible, how would the userID and userSecret be passed: as a special HTTP header, in the body, or as a simple basic auth header?

arkandas

1 Answer

1

I've not tried, but it should be able to. The Composer REST server uses the open source Passport authentication middleware; it's a matter of configuration. Multiple Passport strategies can be selected, allowing clients of the REST server to select a preferred authentication mechanism.

The strategy for passport-http is here -> https://github.com/jaredhanson/passport-http

You can try something like:


    export COMPOSER_PROVIDERS='{
      "basic": {
        "provider": "basic",
        "module": "passport-http",
        "clientID": "REPLACE_WITH_CLIENT_ID",
        "clientSecret": "REPLACE_WITH_CLIENT_SECRET",
        "authPath": "/auth/local",
        "callbackURL": "/auth/local/callback",
        "successRedirect": "/",
        "failureRedirect": "/login"
      }
    }'

I assume you know how to configure your passport-http strategy. Also check out "RESTful Node.js Application with passport-http" and see an example (right near the end) of an app consuming REST endpoints.

Paul O'Mahony
  • I'm getting an error while trying your export, I think there is a missing field regarding the strategy used (basic or digest). Thank you very much for your answer. – arkandas Aug 17 '17 at 15:36
  • The error: TypeError: AuthStrategy is not a constructor at PassportConfigurator.configureProvider (/home/fabric/.nvm/versions/node/v6.11.2/lib/node_modules/composer-rest-server/node_modules/loopback-component-passport/lib/passport-configurator.js:280:18) at Promise.then (/home/fabric/.nvm/versions/node/v6.11.2/lib/node_modules/composer-rest-server/server/server.js:131:38) at process._tickCallback (internal/process/next_tick.js:109:7) – arkandas Aug 17 '17 at 15:36
  • OK, so now your problem is configuring the strategy. The answer I provided was merely a template - either you've not specified a strategy properly or it's missing, e.g. as shown here -> https://loopback.io/doc/en/lb2/Configuring-providers.json.html - some have 'strategy' appointed and perhaps you need to specify? – Paul O'Mahony Aug 18 '17 at 09:07
  • Yes, I'm sure the problem is the configuration of the strategy. I tried the passport-google-oauth strategy with a providers.json file based on their example and everything works perfectly. My only problem is with the passport-http one as I cannot find any providers.json file that will work and don't even know if this one is supported. – arkandas Aug 18 '17 at 09:30
  • Having same issue `TypeError: AuthStrategy is not a constructor at PassportConfigurator.configureProvider (/usr/local/lib/node_modules/composer-rest-server/node_modules/loopback-component-passport/lib/passport-configurator.js:439:18) at Promise.then (/usr/local/lib/node_modules/composer-rest-server/server/server.js:147:38) at at process._tickCallback (internal/process/next_tick.js:188:7)` – Rohit Khatri Jun 06 '18 at 14:27
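
Added example, not part of the original thread and not Composer or LoopBack code: a pre-flight check for a `COMPOSER_PROVIDERS` value that reports which provider entries would hit the `AuthStrategy is not a constructor` error from the comments. It assumes the loader picks the constructor as `require(module)[strategy || 'Strategy']`; `checkProviders`, `stubModules` and `stubLoader` are hypothetical names, and the stub stands in for passport-http so the check runs offline.

```javascript
// Assumption: the provider loader resolves the constructor as
// require(module)[strategy || 'Strategy'], which is where the stack trace
// in the comments ("AuthStrategy is not a constructor") points.
function checkProviders(providersJson, loadModule = (name) => require(name)) {
  const providers = JSON.parse(providersJson);
  const findings = [];
  for (const [name, opts] of Object.entries(providers)) {
    let exported;
    try {
      exported = loadModule(opts.module);
    } catch (err) {
      findings.push({ provider: name, ok: false, reason: `cannot load module "${opts.module}"` });
      continue;
    }
    const wanted = opts.strategy || 'Strategy';
    if (typeof exported[wanted] === 'function') {
      findings.push({ provider: name, ok: true, reason: `${opts.module}.${wanted} is a constructor` });
    } else {
      // List what the module does export so the missing "strategy" value is obvious.
      const available = Object.keys(exported).filter((k) => typeof exported[k] === 'function');
      findings.push({
        provider: name,
        ok: false,
        reason: `${opts.module} has no export "${wanted}"; constructors available: ${available.join(', ') || 'none'}`,
      });
    }
  }
  return findings;
}

// Constructed stand-in for the module's exports so the check runs offline.
// passport-http exposes BasicStrategy and DigestStrategy, and no plain "Strategy".
const stubModules = {
  'passport-http': { BasicStrategy: function BasicStrategy() {}, DigestStrategy: function DigestStrategy() {} },
};
const stubLoader = (name) => {
  if (!(name in stubModules)) throw new Error(`Cannot find module '${name}'`);
  return stubModules[name];
};

// Constructed sample input: the answer's template, plus a variant naming "strategy".
const sample = JSON.stringify({
  basic: { provider: 'basic', module: 'passport-http', authPath: '/auth/local' },
  basicNamed: { provider: 'basic', module: 'passport-http', strategy: 'BasicStrategy', authPath: '/auth/local' },
});

for (const f of checkProviders(sample, stubLoader)) {
  console.log(`${f.ok ? 'OK  ' : 'FAIL'} ${f.provider}: ${f.reason}`);
}
```

Passing this check only means the constructor lookup succeeds; whether the REST server then wires the strategy up in a way that suits HTTP Basic is the question the thread leaves open.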