Documentation ¶
Index ¶
- Constants
- Variables
- func NewAuthenticationModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)
- func Verify(pk *PublicKey, signature, msg []byte) (bool, error)
- func VerifyEddsaSignature(pubKey string, sig, message []byte) error
- type AuthenticationModular
- func (a *AuthenticationModular) GetAuthNonce(ctx context.Context, account string, domain string) (*spdb.OffChainAuthKey, error)
- func (a *AuthenticationModular) Name() string
- func (a *AuthenticationModular) ReleaseResource(ctx context.Context, span rcmgr.ResourceScopeSpan)
- func (a *AuthenticationModular) ReserveResource(ctx context.Context, state *rcmgr.ScopeStat) (rcmgr.ResourceScopeSpan, error)
- func (a *AuthenticationModular) Start(ctx context.Context) error
- func (a *AuthenticationModular) Stop(ctx context.Context) error
- func (a *AuthenticationModular) UpdateUserPublicKey(ctx context.Context, account string, domain string, currentNonce int32, ...) (bool, error)
- func (a *AuthenticationModular) VerifyAuthentication(ctx context.Context, authType coremodule.AuthOpType, ...) (bool, error)
- func (a *AuthenticationModular) VerifyOffChainSignature(ctx context.Context, account string, domain string, offChainSig string, ...) (bool, error)
- type PublicKey
Constants ¶
View Source
const (
OffChainAuthSigExpiryAgeInSec int32 = 60 * 5 // in 300 seconds
)
Variables ¶
View Source
var ( ErrUnsupportedAuthType = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20001, "unsupported auth op type") ErrMismatchSp = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20002, "mismatched primary sp") ErrNotCreatedState = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20003, "object has not been created state") ErrNotSealedState = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20004, "object has not been sealed state") ErrPaymentState = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20005, "payment account is not active") ErrNoSuchAccount = gfsperrors.Register(module.AuthenticationModularName, http.StatusNotFound, 20006, "no such account") ErrNoSuchBucket = gfsperrors.Register(module.AuthenticationModularName, http.StatusNotFound, 20007, "no such bucket") ErrNoSuchObject = gfsperrors.Register(module.AuthenticationModularName, http.StatusNotFound, 20008, "no such object") ErrRepeatedBucket = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20009, "repeated bucket") ErrRepeatedObject = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20010, "repeated object") ErrNoPermission = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20011, "no permission") ErrBadSignature = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20012, "bad signature") ErrSignedMsgFormat = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20013, "signed msg must be formatted as ${actionContent}_${expiredTimestamp}") ErrExpiredTimestampFormat = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20014, "expiredTimestamp in signed msg must be a unix epoch time in milliseconds") ErrPublicKeyExpired = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20015, "user public key is expired") ErrConsensus = gfsperrors.Register(module.AuthenticationModularName, http.StatusInternalServerError, 25002, "server slipped away, try again later") )
Functions ¶
func NewAuthenticationModular ¶
func NewAuthenticationModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)
func VerifyEddsaSignature ¶
VerifyEddsaSignature EDDSA sig verification
Types ¶
type AuthenticationModular ¶
type AuthenticationModular struct {
// contains filtered or unexported fields
}
func (*AuthenticationModular) GetAuthNonce ¶
func (a *AuthenticationModular) GetAuthNonce(ctx context.Context, account string, domain string) (*spdb.OffChainAuthKey, error)
GetAuthNonce get the auth nonce for which the Dapp or client can generate EDDSA key pairs.
func (*AuthenticationModular) Name ¶
func (a *AuthenticationModular) Name() string
func (*AuthenticationModular) ReleaseResource ¶
func (a *AuthenticationModular) ReleaseResource( ctx context.Context, span rcmgr.ResourceScopeSpan)
func (*AuthenticationModular) ReserveResource ¶
func (a *AuthenticationModular) ReserveResource( ctx context.Context, state *rcmgr.ScopeStat) ( rcmgr.ResourceScopeSpan, error)
func (*AuthenticationModular) Start ¶
func (a *AuthenticationModular) Start(ctx context.Context) error
func (*AuthenticationModular) Stop ¶
func (a *AuthenticationModular) Stop(ctx context.Context) error
func (*AuthenticationModular) UpdateUserPublicKey ¶
func (a *AuthenticationModular) UpdateUserPublicKey(ctx context.Context, account string, domain string, currentNonce int32, nonce int32, userPublicKey string, expiryDate int64) (bool, error)
UpdateUserPublicKey updates the user public key once the Dapp or client generates the EDDSA key pairs.
func (*AuthenticationModular) VerifyAuthentication ¶
func (a *AuthenticationModular) VerifyAuthentication( ctx context.Context, authType coremodule.AuthOpType, account, bucket, object string) ( bool, error)
VerifyAuthentication verifies the account has the operation's permission. TODO:: supports permission path verification and query
func (*AuthenticationModular) VerifyOffChainSignature ¶
func (a *AuthenticationModular) VerifyOffChainSignature(ctx context.Context, account string, domain string, offChainSig string, realMsgToSign string) (bool, error)
VerifyOffChainSignature verifies the signature signed by user's EDDSA private key.
Click to show internal directories.
Click to hide internal directories.