README
¶
go-ucan
This is a go library to help the next generation of web and decentralized applications make use of UCANs in their authorization flows.
User Controlled Authorization Networks (UCANs) are a way of doing authorization where users are fully in control. OAuth is designed for a centralized world, UCAN is the distributed user controlled version.
Resources
Specifications
The UCAN specification is separated in multiple sub-spec:
Not implemented yet:
Talks
- Decentralizing Auth, and UCAN Too - Brooklyn Zelenka (2023)
- What's New in UCAN 1.0 - Brooklyn Zelenka (2024)
Status
go-ucan currently support the required parts of the UCAN specification: the main specification, delegation and invocation.
Besides that, go-ucan also includes:
- a simplified DID and did-key implementation
- a token container with CBOR and CAR format, to package and carry tokens together, see SPEC
- support for encrypted values in token's metadata
Getting Help
For usage questions, usecases, or issues reach out to us in our go-ucan
Discord channel.
We would be happy to try to answer your question or try opening a new issue on Github.
UCAN Gopher
Artwork by Bruno Monts. Thank you Renee French for creating the Go Gopher
License
This project is licensed under the double license Apache 2.0 + MIT.
Directories
¶
| Path | Synopsis |
|---|---|
|
didtest
Package didtest provides Personas that can be used for testing.
|
Package didtest provides Personas that can be used for testing. |
|
pkg
|
|
|
args
Package args provides the type that represents the Arguments passed to a command within an invocation.Token as well as a convenient Add method to incrementally build the underlying map.
|
Package args provides the type that represents the Arguments passed to a command within an invocation.Token as well as a convenient Add method to incrementally build the underlying map. |
|
policy/literal
Package literal holds a collection of functions to create IPLD types to use in policies, selector and args.
|
Package literal holds a collection of functions to create IPLD types to use in policies, selector and args. |
|
delegation
Package delegation implements the UCAN delegation specification with an immutable Token type as well as methods to convert the Token to and from the envelope-enclosed, signed and DAG-CBOR-encoded form that should most commonly be used for transport and storage.
|
Package delegation implements the UCAN delegation specification with an immutable Token type as well as methods to convert the Token to and from the envelope-enclosed, signed and DAG-CBOR-encoded form that should most commonly be used for transport and storage. |
|
delegation/delegationtest
Package delegationtest provides a set of pre-built delegation tokens for a variety of test cases.
|
Package delegationtest provides a set of pre-built delegation tokens for a variety of test cases. |
|
internal/envelope
Package envelope provides functions that convert between wire-format encoding of a [UCAN] token's [Envelope] and the Go type representing a verified [TokenPayload].
|
Package envelope provides functions that convert between wire-format encoding of a [UCAN] token's [Envelope] and the Go type representing a verified [TokenPayload]. |
|
internal/varsig
Package varsig implements the portion of the [varsig specification] that's needed for the UCAN [Envelope].
|
Package varsig implements the portion of the [varsig specification] that's needed for the UCAN [Envelope]. |
|
invocation
Package invocation implements the UCAN invocation specification with an immutable Token type as well as methods to convert the Token to and from the envelope-enclosed, signed and DAG-CBOR-encoded form that should most commonly be used for transport and storage.
|
Package invocation implements the UCAN invocation specification with an immutable Token type as well as methods to convert the Token to and from the envelope-enclosed, signed and DAG-CBOR-encoded form that should most commonly be used for transport and storage. |