Documentation ¶
Index ¶
- Variables
- func AccessCodeLen() int
- func CanonicalizeURI(path string) string
- func DecodePk(str string) (libp2pcrypto.PubKey, error)
- func DecodeSk(str string) (libp2pcrypto.PrivKey, error)
- func EncodePk(pk libp2pcrypto.PubKey) (string, error)
- func EncodeSk(sk libp2pcrypto.PrivKey) (string, error)
- func ExtractLeadingAccessCode(str string) (string, string, error)
- func GenAccessCode() string
- func GenStringToSign(method, host, uri, arg string) string
- func HasAccessCodePrefix(str string) bool
- func SignBase64(data []byte, sk libp2pcrypto.PrivKey) (string, error)
- func SignRequest(r *gohttp.Request, args *http.Args, sk libp2pcrypto.PrivKey) error
- func ValidateNode(args *http.Args) error
- func ValidateTimestamp(args *http.Args, tolerance time.Duration) (time.Time, error)
- func VerifyRequest(r *gohttp.Request, pk libp2pcrypto.PubKey) error
- func VerifySigBase64(data, sig string, pk libp2pcrypto.PubKey) error
- type Claims
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrReqDateMissing = errors.New("request date missing") ErrReqDateObsolete = errors.New("request date obsolete") ErrReqNodeMissing = errors.New("request node missing") ErrReqSigExists = errors.New("request signature parameter already exists") ErrReqSigMissing = errors.New("request signature parameter missing") ErrReqSigFailure = errors.New("request signature verification failure") )
Predefined errors for auth.
View Source
var (
ErrAccessCodeNotFound = errors.New("access code not found")
)
Functions ¶
func AccessCodeLen ¶
func AccessCodeLen() int
func CanonicalizeURI ¶
func GenAccessCode ¶
func GenAccessCode() string
Common CID in b36 encoding is usually 56 bytes. The max length for a domain label is 63 bytes. With 1 byte prefix identifier, it leaves 6 bytes for access code. A hex encoding allows actual 3 bytes of data: 2^24 = 16M variations.
func GenStringToSign ¶
func HasAccessCodePrefix ¶
func SignBase64 ¶
func SignBase64(data []byte, sk libp2pcrypto.PrivKey) (string, error)
func SignRequest ¶
SignRequest is a API authentication scheme similar to AWS S3. https://docs.aws.amazon.com/AmazonS3/latest/userguide/RESTAuthentication.html
func ValidateNode ¶
func ValidateTimestamp ¶
func VerifyRequest ¶
func VerifyRequest(r *gohttp.Request, pk libp2pcrypto.PubKey) error
VerifyRequest is used to verify the auth by decoding by the public key.
func VerifySigBase64 ¶
func VerifySigBase64(data, sig string, pk libp2pcrypto.PubKey) error
Types ¶
type Claims ¶
type Claims struct { AccountID uint64 `json:"id"` Provider string `json:"provider"` Username string `json:"username"` Perm uint64 `json:"perm"` Debug string `json:"debug,omitempty"` jwt.RegisteredClaims }
Claims contain the auth data that share between servers.
func NewClaimsFromJWT ¶
NewClaimsFromJWT validates jwt string and converts it to claims.
func (*Claims) ExtractDebug ¶
ExtractDebug extracts debug data as kv pairs.
Click to show internal directories.
Click to hide internal directories.