httpsign

package
v0.0.0-...-a0b1be5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 10, 2023 License: MIT, MIT Imports: 10 Imported by: 0

README

httpsign

Run Tests codecov Go Report Card GoDoc

Signing HTTP Messages Middleware base on HTTP Signatures.

Example


package main

import (
  "github.com/gin-contrib/httpsign"
  "github.com/gin-contrib/httpsign/crypto"
  "github.com/gin-gonic/gin"
)

func main() {
  // Define algorithm
  hmacsha256 := &crypto.HmacSha256{}
  hmacsha512 := &crypto.HmacSha512{}
  // Init define secret params
  readKeyID := httpsign.KeyID("read")
  writeKeyID := httpsign.KeyID("write")
  secrets := httpsign.Secrets{
    readKeyID: &httpsign.Secret{
      Key:       "HMACSHA256-SecretKey",
      Algorithm: hmacsha256, // You could using other algo with interface Crypto
    },
    writeKeyID: &httpsign.Secret{
      Key:       "HMACSHA512-SecretKey",
      Algorithm: hmacsha512,
    },
  }

  // Init server
  r := gin.Default()

  //Create middleware with default rule. Could modify by parse Option func
  auth := httpsign.NewAuthenticator(secrets)

  r.Use(auth.Authenticated())
  r.GET("/a", a)
  r.POST("/b", b)
  r.POST("/c", c)

  r.Run(":8080")
}

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrInvalidAuthorizationHeader error when get invalid format of Authorization header
	ErrInvalidAuthorizationHeader = newPublicError("Authorization header format is incorrect")
	// ErrInvalidKeyID error when KeyID in header does not provided
	ErrInvalidKeyID = newPublicError("Invalid keyId")
	// ErrDateNotFound error when no date in header
	ErrDateNotFound = newPublicError("There is no Date on Headers")
	// ErrIncorrectAlgorithm error when Algorithm in header does not match with secret key
	ErrIncorrectAlgorithm = newPublicError("Algorithm does not match")
	// ErrHeaderNotEnough error when requirements header do not appear on header field
	ErrHeaderNotEnough = newPublicError("Header field is not match requirement")
	// ErrNoSignature error when no Signature not found in header
	ErrNoSignature = newPublicError("No Signature header found in request")
	// ErrInvalidSign error when signing string do not match
	ErrInvalidSign = newPublicError("Invalid sign")
	// ErrMissingKeyID error when keyId not in header
	ErrMissingKeyID = newPublicError("keyId must be on header")
	// ErrMissingSignature error when signature not in header
	ErrMissingSignature = newPublicError("signature must be on header")

	// ErrUnterminatedParameter err when could not parse value
	ErrUnterminatedParameter = newPublicError("Unterminated parameter")
	// ErrMisingDoubleQuote err when after character = not have double quote
	ErrMisingDoubleQuote = newPublicError(`Missing " after = character`)
	// ErrMisingEqualCharacter err when there is no character = before " or , character
	ErrMisingEqualCharacter = newPublicError(`Missing = character =`)
)

Functions

This section is empty.

Types

type Authenticator

type Authenticator struct {
	// contains filtered or unexported fields
}

Authenticator is the gin authenticator middleware.

func NewAuthenticator

func NewAuthenticator(secretKeys Secrets, options ...Option) *Authenticator

NewAuthenticator creates a new Authenticator instance with given allowed permissions and required header and secret keys.

func (*Authenticator) Authenticated

func (a *Authenticator) Authenticated() gin.HandlerFunc

Authenticated returns a gin middleware which permits given permissions in parameter.

type KeyID

type KeyID string

KeyID define type

type Option

type Option func(*Authenticator)

Option is the option to the Authenticator constructor.

func WithRequiredHeaders

func WithRequiredHeaders(headers []string) Option

WithRequiredHeaders is list of all requires HTTP headers that the client have to include in the singing string for the request to be considered valid. If not provided, the created Authenticator instance will use defaultRequiredHeaders variable.

func WithValidator

func WithValidator(validators ...validator.Validator) Option

WithValidator configures the Authenticator to use custom validator. The default validators are time based and digest.

type Secret

type Secret struct {
	Key       string
	Algorithm crypto.Crypto
}

Secret define secret key and algorithm that key use

type Secrets

type Secrets map[KeyID]*Secret

Secrets map with keyID and secret

type SignatureHeader

type SignatureHeader struct {
	// contains filtered or unexported fields
}

SignatureHeader contains basic info signature header

func NewSignatureHeader

func NewSignatureHeader(r *http.Request) (*SignatureHeader, error)

NewSignatureHeader new instance of SignatureHeader

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL