sigauth

package
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 9, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// SHA256 represents a SHA256 hash
	SHA256 string = "SHA256"
	// SHA256Legacy represents a legacy SHA256 hash
	SHA256Legacy string = "SHA-256" // TODO: Remove once all dependents have been upgraded
)

Variables

This section is empty.

Functions

func BuildSignatureString 

func BuildSignatureString(r *Request, headers []string) (string, error)

BuildSignatureString builds the string to be signed for the provided request 

"headers" specify which headers to include in the signature string

func GetRequestDigest 

func GetRequestDigest(body []byte, alg string) (string, int, error)

GetRequestDigest returns the digest and length of the provided request body using the specified algorithm

func GetRequestLine 

func GetRequestLine(r *Request) string

GetRequestLine returns the request line for the provided request

Types

type Request 

type Request struct {
	Headers map[string][]string
	Body    []byte

	Host     string
	Method   string
	Path     string
	Protocol string
}

Request defines the components of a signed request required for signature authentication

func ParseHTTPRequest 

func ParseHTTPRequest(r *http.Request) (*Request, error)

ParseHTTPRequest parses a http.Request into a Request

func (Request) GetHeader 

func (s Request) GetHeader(key string) string

GetHeader gets the request header for a given key

type SignatureAuth 

type SignatureAuth struct {
	// contains filtered or unexported fields
}

SignatureAuth contains configurations and helper functions required to validate signatures

func NewSignatureAuth 

func NewSignatureAuth(serviceKey *keys.PrivKey, serviceRegManager *auth.ServiceRegManager, serviceRegKey bool, supportLegacy bool) (*SignatureAuth, error)

NewSignatureAuth creates and configures a new SignatureAuth instance

func (*SignatureAuth) BuildRequestAuthBody 

func (s *SignatureAuth) BuildRequestAuthBody() map[string]interface{}

BuildRequestAuthBody returns a map containing the auth fields for static token auth request bodies

func (*SignatureAuth) CheckParsedRequestSignature 

func (s *SignatureAuth) CheckParsedRequestSignature(sigString string, sigAuthHeader *SignatureAuthHeader, key *keys.PubKey) error

CheckParsedRequestSignature validates the signature on the provided parsed elements of a signed request

The request must be signed by the private key paired with the provided public key

func (*SignatureAuth) CheckRequestServiceSignature 

func (s *SignatureAuth) CheckRequestServiceSignature(r *Request, requiredServiceIDs []string) (string, error)

CheckRequestServiceSignature validates the signature on the provided request 

The request must be signed by one of the services in requiredServiceIDs. If nil, any valid signature
from a subscribed service will be accepted
Returns the service ID of the signing service

func (*SignatureAuth) CheckRequestSignature 

func (s *SignatureAuth) CheckRequestSignature(r *Request, key *keys.PubKey) error

CheckRequestSignature validates the signature on the provided request

The request must be signed by the private key paired with the provided public key

func (*SignatureAuth) CheckServiceSignature 

func (s *SignatureAuth) CheckServiceSignature(serviceID string, message string, signature string) error

CheckServiceSignature validates the provided message signature from the given service

func (*SignatureAuth) CheckSignature 

func (s *SignatureAuth) CheckSignature(pubKey *keys.PubKey, message string, signature string) error

CheckSignature validates the provided message signature from the given public key

func (*SignatureAuth) LegacyCheckSignature 

func (s *SignatureAuth) LegacyCheckSignature(pubKey *keys.PubKey, message string, signature string) error

LegacyCheckSignature validates the provided message signature from the given public key

func (*SignatureAuth) ModifyRequest 

func (s *SignatureAuth) ModifyRequest(req *http.Request) error

ModifyRequest signs the passed request to perform signature auth

func (*SignatureAuth) ParseRequestSignature 

func (s *SignatureAuth) ParseRequestSignature(r *Request) (string, *SignatureAuthHeader, error)

ParseRequestSignature checks the request's digest and returns its signature string and parsed header

func (*SignatureAuth) Sign 

func (s *SignatureAuth) Sign(message string) (string, error)

Sign generates and returns a signature for the provided message

func (*SignatureAuth) SignRequest 

func (s *SignatureAuth) SignRequest(r *http.Request) error

SignRequest signs and modifies the provided request with the necessary signature parameters

type SignatureAuthHeader 

type SignatureAuthHeader struct {
	KeyID      string   `json:"keyId" validate:"required"`
	Algorithm  string   `json:"algorithm" validate:"required"`
	Headers    []string `json:"headers,omitempty"`
	Extensions string   `json:"extensions,omitempty"`
	Signature  string   `json:"signature" validate:"required"`
}

SignatureAuthHeader defines the structure of the Authorization header for signature authentication

func ParseSignatureAuthHeader 

func ParseSignatureAuthHeader(header string) (*SignatureAuthHeader, error)

ParseSignatureAuthHeader parses a signature Authorization header string

func (*SignatureAuthHeader) Build 

func (s *SignatureAuthHeader) Build() (string, error)

Build builds the signature Authorization header string

func (*SignatureAuthHeader) SetField 

func (s *SignatureAuthHeader) SetField(field string, value string) error

SetField sets the provided field to the provided value

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.