auth

package
v0.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 27, 2019 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package auth provides authentication to the SecretHub API.

Index

Constants

View Source 
const (
	// AuthHeaderVersionV1 is the authorization header tag used for authorization
	// headers that include the signing method.
	AuthHeaderVersionV1 = "SecretHub-v1"
)

Variables

View Source 
var (
	ErrCannotParseDateHeader      = errNamespace.Code("parse_date_header_failed").StatusError("could not authenticate request because the date header of the auth message could not be parsed", http.StatusBadRequest)
	ErrInvalidAuthorizationHeader = errNamespace.Code("invalid_authorization_header").StatusErrorf("could not authenticate request because the authorization header has invalid format", http.StatusBadRequest)
	ErrOutdatedSignatureProtocol  = errNamespace.Code("outdated_signature_protocol").StatusError("the signature protocol used for authentication is outdated, please upgrade to a newer version", http.StatusBadRequest)

	ErrMalformedSignature = errNamespace.Code("malformed_signature").StatusError("could not authenticate request because the signature is malformed", http.StatusBadRequest)
	ErrSignatureExpired   = errNamespace.Code("signature_expired").StatusError("could not authenticate request because signature has expired", http.StatusUnauthorized)
	ErrSignatureFuture    = errNamespace.Code("signature_future").StatusError("could not authenticate request because signature timestamp is too far in the future", http.StatusUnauthorized)
)

Errors

Functions

This section is empty.

Types

type Authenticator 

type Authenticator interface {
	Authenticate(r *http.Request) error
}

Authenticator proofs that an HTTP request is made by the owner of the authenticator.

func NewHTTPSigner added in v0.21.0 

func NewHTTPSigner(signer Signer) Authenticator

NewHTTPSigner creates an authenticator that uses the given signer to prove the owner of the signer is making the HTTP request.

type NopAuthenticator added in v0.21.0 

type NopAuthenticator struct{}

NopAuthenticator is an authenticator that does not add any authentication to the request.

func (NopAuthenticator) Authenticate added in v0.21.0 

func (s NopAuthenticator) Authenticate(r *http.Request) error

Authenticate the provided request.

type SessionSigner added in v0.21.0 

type SessionSigner struct {
	// contains filtered or unexported fields
}

SessionSigner is an implementation of the Signer interface that uses an HMAC session to authenticate a request.

func NewSessionSigner added in v0.21.0 

func NewSessionSigner(sessionID uuid.UUID, secretKey string) *SessionSigner

NewSessionSigner returns a new SessionSigner.

func (SessionSigner) ID added in v0.21.0 

func (s SessionSigner) ID() (string, error)

ID returns the session id of this signer.

func (SessionSigner) Sign added in v0.21.0 

func (s SessionSigner) Sign(msg []byte) ([]byte, error)

Sign the payload with an HMAC signature.

func (SessionSigner) SignMethod added in v0.21.0 

func (s SessionSigner) SignMethod() string

SignMethod returns the signature method of this signer.

type Signer added in v0.21.0 

type Signer interface {
	ID() (string, error)
	Sign([]byte) ([]byte, error)
	SignMethod() string
}

Signer provides proof that given bytes are processed by the owner of the signer.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.