Documentation
¶
Overview ¶
httpsignatures is a golang implementation of the http-signatures spec found at https://tools.ietf.org/html/draft-cavage-http-signatures
Example (CustomSigning) ¶
signer := httpsignatures.NewSigner( httpsignatures.AlgorithmHmacSha256, httpsignatures.RequestTarget, "date", "content-length", ) r, _ := http.NewRequest("GET", "http://example.com/some-api", nil) signer.SignRequest("KeyId", "Key", r) http.DefaultClient.Do(r)
Output:
Example (Signing) ¶
r, _ := http.NewRequest("GET", "http://example.com/some-api", nil) // Sign using the 'Signature' header httpsignatures.DefaultSha256Signer.SignRequest("KeyId", "Key", r) // OR Sign using the 'Authorization' header httpsignatures.DefaultSha256Signer.AuthRequest("KeyId", "Key", r) http.DefaultClient.Do(r)
Output:
Example (Verification) ¶
_ = func(w http.ResponseWriter, r *http.Request) { sig, err := httpsignatures.FromRequest(r) if err != nil { // Probably a malformed header http.Error(w, "Bad Request", http.StatusBadRequest) panic(err) } // if you have headers that must be signed check // that they are in sig.Headers var key string // = lookup using sig.KeyID if !sig.IsValid(key, r) { http.Error(w, "Forbidden", http.StatusForbidden) return } // request was signed correctly. }
Output:
Index ¶
Examples ¶
Constants ¶
View Source
const (
RequestTarget = "(request-target)"
)
Variables ¶
View Source
var ( AlgorithmHmacSha256 = &Algorithm{"hmac-sha256", sha256.New} AlgorithmHmacSha1 = &Algorithm{"hmac-sha1", sha1.New} ErrorUnknownAlgorithm = errors.New("Unknown Algorithm") )
View Source
var ( // DefaultSha1Signer will sign requests with the url and date using the SHA1 algorithm. // Users are encouraged to create their own signer with the headers they require. DefaultSha1Signer = NewSigner(AlgorithmHmacSha1, RequestTarget, "date") // DefaultSha256Signer will sign requests with the url and date using the SHA256 algorithm. // Users are encouraged to create their own signer with the headers they require. DefaultSha256Signer = NewSigner(AlgorithmHmacSha256, RequestTarget, "date") )
View Source
var (
ErrorNoSignatureHeader = errors.New("No Signature header found in request")
)
Functions ¶
This section is empty.
Types ¶
type HeaderList ¶
type HeaderList []string
func (HeaderList) String ¶
func (h HeaderList) String() string
type Signature ¶
type Signature struct { KeyID string Algorithm *Algorithm Headers HeaderList Signature string }
Signature is the hashed key + headers, either from a request or a signer
func FromRequest ¶
FromRequest creates a new Signature from the Request both Signature and Authorization http headers are supported.
func FromString ¶
FromString creates a new Signature from its encoded form, eg `keyId="a",algorithm="b",headers="c",signature="d"`
type Signer ¶
type Signer struct {
// contains filtered or unexported fields
}
Signer is used to create a signature for a given request.
func (Signer) AuthRequest ¶
AuthRequest adds a http signature to the Authorization: HTTP Header
Click to show internal directories.
Click to hide internal directories.