Package bewit implement a subset of the Hawk authentication scheme (Single URI Authorization).
Designed for providing short-term access to a protected resource.
This scheme doesn't provide any way to transmit the credentials (use TLS).
This implementation slightly differs with the original Hawk lib (which is the specification):
- No host/path support (they're set to "", since it's hard to discover the host/port server-side due to proxying and the HTTP protocol.
- No `ext` support (Oz related, an Hawk extension)
This section is empty.
var ( // ErrEmptyBewit is returned when no bewit info is present in the URL ErrEmptyBewit = errors.New("Empty bewit") // ErrInvalidMethod is returned when the HTTP method is not supported (only GET is supported) ErrInvalidMethod = errors.New("Invalid method") // ErrInvalidEncoding is returned when the bewit cannot be decoded ErrInvalidEncoding = errors.New("Invalid bewit encoding") // ErrInvalidPayload is returned when the payload could not be decoded ErrInvalidPayload = errors.New("Invalid bewit payload") // ErrUnknowCredentials is returned when the credientials is not matching the one configured ErrUnknownCredentials = errors.New("Unknown credentials") // ErrInvalidTimestamp is returned when the timestamp could not be decoded ErrInvalidTimestamp = errors.New("Invalid timestamp") // ErrAccessExpired is returned when the link is no longer valid ErrAccessExpired = errors.New("Access expired") // ErrBadMac is returned when the computed mac doest not match ErrBadMac = errors.New("Bad mac") )
Bewit adds the query args to the given URL, will for valid for the given TTL