Inspiration

Authentication protects you by allowing access only to those who are authorized. But it does not protect you during the session, which lasts 15-30 minutes on most applications; if the application is intranet based, the exposure lasts for the lifetime of the logged-in session.

Therefore for

Now, any organization has several custom applications, or you may want to move an intranet system outside with more protection. This means you are re-writing tons of repeated logic everywhere. If you choose to have switchable verification modes, rebuild it again! Also, should these post-authentication checks be protected by a separate system, or should the primary systems hold all the verification code themselves?

More on the philosophy in the documentation.

What it does

Introducing Co-Auth! Your guard after authentication! With Co-Auth you have a single unified interface to guard sensitive transactions across applications without the hassle of rebuilding everywhere.

A third-party application can integrate with these simple steps:

1. Decide how you want to onboard: either with the Co-Auth self-onboarding plugin or with your backend systems pushing the customer data.
2. Configure which modules you want to present to the customer.
3. Make a server-to-server call to initiate the transaction.
4. Add the Co-Auth web plugin.
5. Make a server-to-server call to verify the transaction status.
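To make steps 3 to 5 concrete, here is an added example that is not Co-Auth's own code: a Python simulation in which the class and method names (MockCoAuthService, initiate, submit_challenge, verify_and_consume, BankApp) are assumptions, and the one-time code is constructed in-process instead of being delivered out of band. The point it demonstrates is that the integrating backend decides solely on the server-to-server status check, that the verified status is bound to the exact action that was initiated, and that it is single-use.

```python
"""Simulated post-authentication (step-up) verification flow.

Constructed mock: none of these names are Co-Auth's real API. The service
side stands in for the verification server; BankApp is the integrating app.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class Transaction:
    tx_id: str
    customer_id: str
    action_hash: str            # binds the verification to one specific action
    status: str = "PENDING"     # PENDING -> VERIFIED | FAILED -> CONSUMED
    attempts: int = 0


class MockCoAuthService:
    """Hypothetical verification service (assumed API, not Co-Auth's)."""
    MAX_ATTEMPTS = 3

    def __init__(self):
        self._tx: dict[str, Transaction] = {}
        self._otps: dict[str, str] = {}

    @staticmethod
    def action_hash(customer_id, action, params):
        # Canonical, deterministic digest of exactly what the customer is approving.
        canonical = f"{customer_id}|{action}|{sorted(params.items())}"
        return hashlib.sha256(canonical.encode()).hexdigest()

    def initiate(self, customer_id, action, params):
        """Step 3: the backend initiates a transaction server-to-server."""
        tx_id = secrets.token_urlsafe(16)
        self._tx[tx_id] = Transaction(
            tx_id, customer_id, self.action_hash(customer_id, action, params))
        # Constructed one-time code; a real module would deliver it out of band.
        self._otps[tx_id] = f"{secrets.randbelow(10**6):06d}"
        return tx_id

    def peek_otp(self, tx_id):
        """Demo hook only: stands in for the out-of-band delivery channel."""
        return self._otps[tx_id]

    def submit_challenge(self, tx_id, otp):
        """Step 4: what the web plugin submits on the customer's behalf."""
        tx = self._tx[tx_id]
        if tx.status != "PENDING":
            return tx.status
        tx.attempts += 1
        if hmac.compare_digest(otp, self._otps[tx_id]):
            tx.status = "VERIFIED"
        elif tx.attempts >= self.MAX_ATTEMPTS:
            tx.status = "FAILED"          # lock after too many wrong codes
        return tx.status

    def verify_and_consume(self, tx_id, customer_id, action, params):
        """Step 5: server-to-server status check; succeeds at most once."""
        tx = self._tx.get(tx_id)
        if tx is None:
            return False
        expected = self.action_hash(customer_id, action, params)
        if tx.status != "VERIFIED" or not hmac.compare_digest(tx.action_hash, expected):
            return False
        tx.status = "CONSUMED"
        return True


class BankApp:
    """Hypothetical integrating application."""

    def __init__(self, coauth):
        self.coauth = coauth
        self.ledger = {}

    def start_transfer(self, customer_id, dest, amount):
        return self.coauth.initiate(
            customer_id, "transfer", {"dest": dest, "amount": amount})

    def finish_transfer(self, tx_id, customer_id, dest, amount, client_says_verified=True):
        # The client-side flag is deliberately ignored: only the
        # server-to-server answer from the verification service counts.
        if not self.coauth.verify_and_consume(
                tx_id, customer_id, "transfer", {"dest": dest, "amount": amount}):
            return "REJECTED"
        self.ledger[dest] = self.ledger.get(dest, 0) + amount
        return "EXECUTED"
```

A transfer initiated for one amount cannot be completed for another, a transaction that was never verified is rejected even if the client claims otherwise, and a consumed transaction cannot be replayed.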

Co-Auth has the ambitious aim of being the Keycloak for post-authentication verifications.

How we built it

With the conceptual knowledge I have of Kubernetes, the opportunity to use the Red Hat OpenShift platform made deployments on Kubernetes a breeze.

The application involves several technologies, including Quarkus, Spring Cloud Gateway, Postgres and Infinispan Data Grid, with Vue.js, Tailwind CSS and Flowbite for the frontend.

Extensive documentation is on its way. Feel free to visit the documentation.

Challenges we ran into

Setting up OpenShift on my limited hardware was a challenge. The developer sandbox helps to get started, but it is missing the ability to play around with other components like Kafka, ELK, Istio and Data Grid, which are out of the box on a local installation (and my favourites). However, this would be arranged, and OpenShift has a generous 60-day trial per account too.

I also tried to install on an AWS account; however, for individuals the cores are limited to 32 CPUs, and that needs a limit increase request.

With the aim of being a cloud-native application, I ran into issues building Quarkus native builds that would not let me connect to the database (I need to do more research); however, a drag and drop of the jar mitigated the issue for the time being. So for the moment it is the regular JDK Docker images.

Deploying an HTML-based application on the Nginx image was an issue due to non-root permissions. For the time being it is deployed on the httpd library provided on Node.js.

Accomplishments that we're proud of

Unifying the second to the nth factor of authentication, in my experience, has never been noticed by many organizations.

What we learned

OpenShift just makes Kubernetes onboarding way simpler than learning the standard way. With out-of-the-box operators, developer and maintainer life is much relieved.

What's next for The Co-Auth: Your Guard after authentication

This hackathon gives me an opportunity, firstly, to get validation and feedback from participants and, secondly, exposure to an audience for those willing to contribute to the project.

Co-Auth's journey is a long one with single-handed development (working in part-time mode). A few fellow brains would definitely be useful, especially also to learn to work with the open source community.

Visit https://coauth.dev if you feel connected to the concept; I would be glad to have contributors and feedback on the idea.

Thank you for reading.
