bewit

package
Version: v0.0.0-...-b178995 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 19, 2020 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package bewit implement a subset of the Hawk[1] authentication scheme (Single URI Authorization).

Designed for providing short-term access to a protected resource.

This scheme doesn't provide any way to transmit the credentials (use TLS).

This implementation slightly differs with the original Hawk lib (which is the specification):

  • No host/path support (they're set to "", since it's hard to discover the host/port server-side due to proxying and the HTTP protocol.
  • No `ext` support (Oz related, an Hawk extension)

Links

[1]: https://github.com/hueniverse/hawk

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrEmptyBewit is returned when no bewit info is present in the URL
	ErrEmptyBewit = errors.New("Empty bewit")

	// ErrInvalidMethod is returned when the HTTP method is not supported (only GET is supported)
	ErrInvalidMethod = errors.New("Invalid method")

	// ErrInvalidEncoding is returned when the bewit cannot be decoded
	ErrInvalidEncoding = errors.New("Invalid bewit encoding")

	// ErrInvalidPayload is returned when the payload could not be decoded
	ErrInvalidPayload = errors.New("Invalid bewit payload")

	// ErrUnknowCredentials is returned when the credientials is not matching the one configured
	ErrUnknownCredentials = errors.New("Unknown credentials")

	// ErrInvalidTimestamp is returned when the timestamp could not be decoded
	ErrInvalidTimestamp = errors.New("Invalid timestamp")

	// ErrAccessExpired is returned when the link is no longer valid
	ErrAccessExpired = errors.New("Access expired")

	// ErrBadMac is returned when the computed mac doest not match
	ErrBadMac = errors.New("Bad mac")
)

Functions

func Bewit

func Bewit(creds *Cred, url *url.URL, ttl time.Duration) error

Bewit adds the query args to the given URL, will for valid for the given TTL

func Validate

func Validate(req *http.Request, creds *Cred) error

Validate valides an HTTP requests against the given credential

Types

type Cred

type Cred struct {
	ID  string
	Key []byte
}

Cred holds a key ID/secret

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL