Skip to content
/ fga-demo-api Public

A simple Google Drive style API, using OpenFGA, written in Go

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Sambego/fga-demo-api

BranchesTags

Repository files navigation

A Google Drive style API, using OpenFGA, written in Go

Start your FGA Server

More info on openfga.dev

The FGA Server needs to be running before this Go server, cause on start it will create a new model and populate it with the model in fga-model.json.

docker run -p 8080:8080 -p 8081:8081 -p 3000:3000 openfga/openfga run

Add your environment variables

cp .env.sample .env

Start your Go server

go run main.go

API Endpoints

Method Endpoint Description
GET /documents/:id Get a document
POST /documents Create a new document, the JSON body accepts name and content
POST /documents/:id/share Share a document, the JSON body accepts relation and user. You can also use this endpoint to add a file to a parent folder by setting the relation to parent and the user to folder:<id>
GET /folders/:id Get a folder
POST /folders Create a new folder, the JSON body accepts name
POST /folderws/:id/share Share a folder, the JSON body accepts relation and user. You can also use this endpoint to add a folder to a parent folder by setting the relation to parent and the user to folder:<id>
GET /documents Get all documents. This endpoint is included for debugging, no FGA check is done here
GET /folders Get all folder. This endpoint is included for debugging, no FGA check is done here

Test tokens (These don't work anywhere else).

The API uses the subject (sub) from the JWT formatted Access Token persented as Bearer token in the Authorization header. This is a demo, and therefor not all necessary checks are in place. Please don't use this in production!

Sam

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzYW1Ab2t0YS5jb20iLCJuYW1lIjoiU2FtIEJlbGxlbiIsImlhdCI6MTUxNjIzOTAyMn0.UgLEipGU-69_dKuhgCsV7mrBcCvRJBV880kuMJbLBy8

Chiara

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJjaGlhcmFAb2t0YS5jb20iLCJuYW1lIjoiQ2hpYXJhIiwiaWF0IjoxNTE2MjM5MDIyfQ.-mbo6VBG1xZzK-T7bEuKqUQR1B-eu-ACRIKrtai1JEU

Test scenario

1 Create a new document for user Sam

POST /documents/

{
  "name": "Test document",
  "content": "Test content"
}

2 User Sam should be able to see the document

GET /documents/:id

3 User Chiara should NOT be able to see the document

GET /documents/:id

4 Create a new folder for user Sam

POST /folders

{
  "name": "Test Folder",
}

5 User Sam should be able to see the folder

GET /folders/:id

6 User Chiara should NOT be able to see the document

GET /folders/:id

7 Add the document to the folder for user Sam

POST /documents/:id/share

{
  "relation": "parent",
  "user": "folder:id
}

8 Share the folder with user Chiara

POST /folders/:id/share

{
  "relation": "viewer",
  "user": "user:chiara@okta.com
}

About

A simple Google Drive style API, using OpenFGA, written in Go

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages