authorizer

package

v0.2.2-test.8 Latest Latest Go to latest Published: Jun 13, 2023 License: GPL-3.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bnb-chain/greenfield-storage-provider

Documentation ¶

Index ¶

Constants
Variables
func NewAuthorizeModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)
func Verify(pk *PublicKey, signature, msg []byte) (bool, error)
func VerifyEddsaSignature(pubKey string, sig, message []byte) error
type AuthorizeModular
type PublicKey
- func ParsePk(pkStr string) (pk *PublicKey, err error)

Constants ¶

View Source

const (
	OffChainAuthSigExpiryAgeInSec int32 = 60 * 5 // in 300 seconds
)

Variables ¶

View Source

var (
	ErrUnsupportedAuthType = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20001, "unsupported auth op type")
	ErrMismatchSp          = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20002, "mismatched primary sp")
	ErrNotCreatedState     = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20003, "object has not been created state")
	ErrNotSealedState      = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20004, "object has not been sealed state")
	ErrPaymentState        = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20005, "payment account is not active")
	ErrNoSuchAccount       = gfsperrors.Register(module.AuthorizationModularName, http.StatusNotFound, 20006, "no such account")
	ErrNoSuchBucket        = gfsperrors.Register(module.AuthorizationModularName, http.StatusNotFound, 20007, "no such bucket")
	ErrNoSuchObject        = gfsperrors.Register(module.AuthorizationModularName, http.StatusNotFound, 20008, "no such object")
	ErrRepeatedBucket      = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20009, "repeated bucket")
	ErrRepeatedObject      = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20010, "repeated object")
	ErrNoPermission        = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20011, "no permission")

	ErrBadSignature           = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20012, "bad signature")
	ErrSignedMsgFormat        = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20013, "signed msg must be formatted as ${actionContent}_${expiredTimestamp}")
	ErrExpiredTimestampFormat = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20014, "expiredTimestamp in signed msg must be a unix epoch time in milliseconds")
	ErrPublicKeyExpired       = gfsperrors.Register(module.AuthorizationModularName, http.StatusBadRequest, 20015, "user public key is expired")

	ErrConsensus = gfsperrors.Register(module.AuthorizationModularName, http.StatusInternalServerError, 25002, "server slipped away, try again later")
)

Functions ¶

func NewAuthorizeModular ¶

func NewAuthorizeModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)

func Verify ¶

func Verify(pk *PublicKey, signature, msg []byte) (bool, error)

Verify will Verify signature of a message with MiMC hash function

func VerifyEddsaSignature ¶

func VerifyEddsaSignature(pubKey string, sig, message []byte) error

VerifyEddsaSignature EDDSA sig verification

Types ¶

type AuthorizeModular ¶

type AuthorizeModular struct {
	// contains filtered or unexported fields
}

func (*AuthorizeModular) GetAuthNonce ¶

func (a *AuthorizeModular) GetAuthNonce(ctx context.Context, account string, domain string) (*spdb.OffChainAuthKey, error)

GetAuthNonce get the auth nonce for which the Dapp or client can generate EDDSA key pairs.

func (*AuthorizeModular) Name ¶

func (a *AuthorizeModular) Name() string

func (*AuthorizeModular) ReleaseResource ¶

func (a *AuthorizeModular) ReleaseResource(
	ctx context.Context,
	span rcmgr.ResourceScopeSpan)

func (*AuthorizeModular) ReserveResource ¶

func (a *AuthorizeModular) ReserveResource(
	ctx context.Context,
	state *rcmgr.ScopeStat) (
	rcmgr.ResourceScopeSpan,
	error)

func (*AuthorizeModular) Start ¶

func (a *AuthorizeModular) Start(ctx context.Context) error

func (*AuthorizeModular) Stop ¶

func (a *AuthorizeModular) Stop(ctx context.Context) error

func (*AuthorizeModular) UpdateUserPublicKey ¶

func (a *AuthorizeModular) UpdateUserPublicKey(ctx context.Context, account string, domain string, currentNonce int32, nonce int32, userPublicKey string, expiryDate int64) (bool, error)

UpdateUserPublicKey updates the user public key once the Dapp or client generates the EDDSA key pairs.

func (*AuthorizeModular) VerifyAuthorize ¶

func (a *AuthorizeModular) VerifyAuthorize(
	ctx context.Context,
	authType coremodule.AuthOpType,
	account, bucket, object string) (
	bool, error)

VerifyAuthorize verifies the account has the operation's permission. TODO:: supports permission path verification and query

func (*AuthorizeModular) VerifyOffChainSignature ¶

func (a *AuthorizeModular) VerifyOffChainSignature(ctx context.Context, account string, domain string, offChainSig string, realMsgToSign string) (bool, error)

VerifyOffChainSignature verifies the signature signed by user's EDDSA private key.

type PublicKey ¶

type PublicKey = eddsa.PublicKey

func ParsePk ¶

func ParsePk(pkStr string) (pk *PublicKey, err error)

ParsePk will parse eddsa public key from string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL