authorizer

package
v0.2.1-alpha.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 5, 2023 License: GPL-3.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source
const (
	OffChainAuthSigExpiryAgeInSec int32 = 60 * 5 // in 300 seconds
)

Variables

View Source
var (
	ErrUnsupportedAuthType = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20001, "unsupported auth op type")
	ErrMismatchSp          = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20002, "mismatched primary sp")
	ErrNotCreatedState     = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20003, "object has not been created state")
	ErrNotSealedState      = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20004, "object has not been sealed state")
	ErrPaymentState        = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20005, "payment account is not active")
	ErrNoSuchAccount       = gfsperrors.Register(module.AuthorizationModularName, http.StatusNotFound, 20006, "no such account")
	ErrNoSuchBucket        = gfsperrors.Register(module.AuthorizationModularName, http.StatusNotFound, 20007, "no such bucket")
	ErrNoSuchObject        = gfsperrors.Register(module.AuthorizationModularName, http.StatusNotFound, 20008, "no such object")
	ErrRepeatedBucket      = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20009, "repeated bucket")
	ErrRepeatedObject      = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20010, "repeated object")
	ErrNoPermission        = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20011, "no permission")

	ErrBadSignature           = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20012, "bad signature")
	ErrSignedMsgFormat        = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20013, "signed msg must be formatted as ${actionContent}_${expiredTimestamp}")
	ErrExpiredTimestampFormat = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20014, "expiredTimestamp in signed msg must be a unix epoch time in milliseconds")
	ErrPublicKeyExpired       = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20015, "user public key is expired")

	ErrConsensus = gfsperrors.Register(module.AuthorizationModularName, http.StatusInternalServerError, 25002, "server slipped away, try again later")
)

Functions

func NewAuthorizeModular

func NewAuthorizeModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)

func Verify

func Verify(pk *PublicKey, signature, msg []byte) (bool, error)

Verify will Verify signature of a message with MiMC hash function

func VerifyEddsaSignature

func VerifyEddsaSignature(pubKey string, sig, message []byte) error

VerifyEddsaSignature EDDSA sig verification

Types

type AuthorizeModular

type AuthorizeModular struct {
	// contains filtered or unexported fields
}

func (*AuthorizeModular) GetAuthNonce

func (a *AuthorizeModular) GetAuthNonce(ctx context.Context, account string, domain string) (*spdb.OffChainAuthKey, error)

GetAuthNonce get the auth nonce for which the Dapp or client can generate EDDSA key pairs.

func (*AuthorizeModular) Name

func (a *AuthorizeModular) Name() string

func (*AuthorizeModular) ReleaseResource

func (a *AuthorizeModular) ReleaseResource(
	ctx context.Context,
	span rcmgr.ResourceScopeSpan)

func (*AuthorizeModular) ReserveResource

func (a *AuthorizeModular) ReserveResource(
	ctx context.Context,
	state *rcmgr.ScopeStat) (
	rcmgr.ResourceScopeSpan,
	error)

func (*AuthorizeModular) Start

func (a *AuthorizeModular) Start(ctx context.Context) error

func (*AuthorizeModular) Stop

func (a *AuthorizeModular) Stop(ctx context.Context) error

func (*AuthorizeModular) UpdateUserPublicKey

func (a *AuthorizeModular) UpdateUserPublicKey(ctx context.Context, account string, domain string, currentNonce int32, nonce int32, userPublicKey string, expiryDate int64) (bool, error)

UpdateUserPublicKey updates the user public key once the Dapp or client generates the EDDSA key pairs.

func (*AuthorizeModular) VerifyAuthorize

func (a *AuthorizeModular) VerifyAuthorize(
	ctx context.Context,
	authType coremodule.AuthOpType,
	account, bucket, object string) (
	bool, error)

VerifyAuthorize verifies the account has the operation's permission. TODO:: supports permission path verification and query

func (*AuthorizeModular) VerifyOffChainSignature

func (a *AuthorizeModular) VerifyOffChainSignature(ctx context.Context, account string, domain string, offChainSig string, realMsgToSign string) (bool, error)

VerifyOffChainSignature verifies the signature signed by user's EDDSA private key.

type PublicKey

type PublicKey = eddsa.PublicKey

func ParsePk

func ParsePk(pkStr string) (pk *PublicKey, err error)

ParsePk will parse eddsa public key from string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL