README
¶
httpsignatures-go
Golang library for the http-signatures spec.
See https://godoc.org/github.com/99designs/httpsignatures-go for documentation and examples
Documentation
¶
Overview ¶
httpsignatures is a golang implementation of the http-signatures spec found at https://tools.ietf.org/html/draft-cavage-http-signatures
Example (CustomSigning) ¶
signer := httpsignatures.NewSigner(
httpsignatures.AlgorithmHmacSha256,
httpsignatures.RequestTarget, "date", "content-length",
)
r, _ := http.NewRequest("GET", "http://example.com/some-api", nil)
signer.SignRequest("KeyId", "Key", r, true)
http.DefaultClient.Do(r)
Output:
Example (Signing) ¶
r, _ := http.NewRequest("GET", "http://example.com/some-api", nil)
// Sign using the 'Signature' header
httpsignatures.DefaultSha256Signer.SignRequest("KeyId", "Key", r, true)
// OR Sign using the 'Authorization' header
httpsignatures.DefaultSha256Signer.AuthRequest("KeyId", "Key", r, true)
http.DefaultClient.Do(r)
Output:
Example (Verification) ¶
_ = func(w http.ResponseWriter, r *http.Request) {
sig, err := httpsignatures.FromRequest(r)
if err != nil {
// Probably a malformed header
http.Error(w, "Bad Request", http.StatusBadRequest)
panic(err)
}
// if you have headers that must be signed check
// that they are in sig.Headers
var key string // = lookup using sig.KeyID
if !sig.IsValid(key, r, true) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
// request was signed correctly.
}
Output:
Index ¶
Examples ¶
Constants ¶
View Source
const (
RequestTarget = "(request-target)"
)
Variables ¶
View Source
var ( AlgorithmHmacSha256 = &Algorithm{"hmac-sha256", sha256.New} AlgorithmRsaSha256 = &Algorithm{"rsa-sha256", sha256.New} AlgorithmHmacSha1 = &Algorithm{"hmac-sha1", sha1.New} AlgorithmRsaSha1 = &Algorithm{"rsa-sha1", sha1.New} ErrorUnknownAlgorithm = errors.New("Unknown Algorithm") )
View Source
var ( // DefaultSha1Signer will sign requests with the url and date using the SHA1 algorithm. // Users are encouraged to create their own signer with the headers they require. DefaultSha1Signer = NewSigner(AlgorithmHmacSha1, RequestTarget, "date") // DefaultSha256Signer will sign requests with the url and date using the SHA256 algorithm. // Users are encouraged to create their own signer with the headers they require. DefaultSha256Signer = NewSigner(AlgorithmHmacSha256, RequestTarget, "date") )
View Source
var (
ErrorNoSignatureHeader = errors.New("No Signature header found in request")
)
Functions ¶
This section is empty.
Types ¶
type HeaderList ¶
type HeaderList []string
func (HeaderList) String ¶
func (h HeaderList) String() string
type Signature ¶
type Signature struct {
KeyID string
Algorithm *Algorithm
Headers HeaderList
Signature string
}
Signature is the hashed key + headers, either from a request or a signer
func FromRequest ¶
FromRequest creates a new Signature from the Request both Signature and Authorization http headers are supported.
func FromString ¶
FromString creates a new Signature from its encoded form, eg `keyId="a",algorithm="b",headers="c",signature="d"`
type Signer ¶
type Signer struct {
// contains filtered or unexported fields
}
Signer is used to create a signature for a given request.
func (Signer) AuthRequest ¶
AuthRequest adds a http signature to the Authorization: HTTP Header
Source Files
Click to show internal directories.
Click to hide internal directories.