From 44ad2cca852adc6a344f4b357ff7727bb72c3a6c Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 5 Mar 2025 17:40:06 -0700 Subject: docs: add architecture diagram to README --- README.md | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/README.md b/README.md index 5e24c3b..ebab0c5 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,54 @@ Below is a recording of a SAML based service provider initiated login, displayin ![SAML Login](./screencast.webm) +## Architecture + +```plaintext + ------------- + | user-agent | + ------------- + | + | + V +----------------|:8080|---------------------------------------- + | + V + --------------- + | API Gateway | (use casbin to evict early) + --------------- + | + |---------|------| (reverse proxy and injects context headers) + | | + | V ----- + | -------------------- (_____) + | | IdP (saml, oidc) | ------- | db | + | | | ----- + | -------------------- + | | :http | :grpc | (use declarative_policy) + | -------------------- + | A + -------------- | + | | | + V V | + ------ ------------ | + | UI | | REST API |-------| + ------ ------------ + | + V + _____ + (_____) + | db | + ------- + +[UI]: ui.example.com +[REST API]: api.example.com +[IdP]: idp.example.com +``` + +I have ommitted TLS, RS256 from the prototype to offload the decision of key +management and rotation. See [smallstep](https://smallstep.com/docs/step-cli/) +for PKI management. + ## Getting Started 1. Install tools: -- cgit v1.2.3
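Review bot: In the paragraph added after the diagram, "I have ommitted TLS, RS256 from the prototype" does not say what the prototype does instead, and the diagram's "(reverse proxy and injects context headers)" step depends on the answer. Without TLS behind the gateway, the UI, REST API and IdP receive those context headers in plaintext. The README should therefore state what signing is used in place of RS256, whether the gateway strips client-supplied copies of the context headers before injecting its own, and that the backends are only meant to be reachable through `:8080`. Two smaller points: "ommitted" should be "omitted", and the `[UI]: ui.example.com` style definitions sit inside the plaintext fence, so they render as literal text rather than link references. If links are intended, move them below the closing fence and give them a scheme.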