Skip to content

IO42630/ace

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

78 Commits

ace

ace

 
 

examples

examples

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

edhoc_dump.pcapng

edhoc_dump.pcapng

 
 

requirements.txt

requirements.txt

 
 

setup.py

setup.py

 
 

Repository files navigation

ACE - Authentication and Authorization for Constrained Environments

This repository encompasses Python implementations for the three ACE entities authorization server, resource server and client proposed in the IETF draft https://tools.ietf.org/pdf/draft-ietf-ace-oauth-authz-12.pdf.

Authorization Server

The authorization server can be run using

python examples/authz_server.py

It binds to port number 8080 and issues CBOR Web Token (CWTs) access tokens. No security profile is implemented for the communication with the authorization server, therefore, HTTPS shoud be used.

Resource Server

The resource server hosts some sample protected resources such as a simulated temperature sensor value as well as an LED value that can be controlled via a request. The resource server can be run using

python examples/rs_http.py

The RS will bind to port 8081.

Resources

[GET] /temperature
[POST] /led

Security Profile

The implemented security profile between the RS and client is based on the EDHOC (Ephemeral Diffie-Hellman over COSE) IETF draft: https://tools.ietf.org/pdf/draft-selander-ace-cose-ecdhe-08.pdf

Client

The client requests an access token from the AS and uses the issued token to access the protected resources on the RS. The client can be run using

python examples/client_http.py

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%