Documentation ¶
Index ¶
- Variables
- type Logger
- type Server
- func (server *Server) ClientHandler(store Store, tokens TokenGenerator) http.Handler
- func (s *Server) Handler() http.Handler
- func (s *Server) Nut() sqrl.Nut
- func (s *Server) NutHandler(w http.ResponseWriter, r *http.Request)
- func (server *Server) PagHandler(store TransactionStore) http.Handler
- func (s *Server) QRCodeHandler(w http.ResponseWriter, r *http.Request)
- func (server *Server) TokenHandler(tokens TokenValidator) http.Handler
- func (s *Server) WithAuthentication(validator ServerToServerAuthValidationFunc) *Server
- func (s *Server) WithClientEndpoint(url string) *Server
- func (s *Server) WithLogger(l Logger) *Server
- func (s *Server) WithStore(store Store) *Server
- func (s *Server) WithTokenExchange(exchange TokenExchange) *Server
- type ServerToServerAuthValidationFunc
- type Store
- type Token
- type TokenExchange
- type TokenGenerator
- type TokenValidator
- type TransactionStore
- type User
- type UserStore
Constants ¶
This section is empty.
Variables ¶
var (
	ErrTokenExpired       = errors.New("token expired")
	ErrTokenFormatInvalid = errors.New("token format invalid")
)
var ClientIP = realip.FromRequest
ClientIP is the function used to extract the client IP string from an incoming HTTP request. By default it uses the FromRequest function from github.com/tomasen/realip, which extracts the IP from either the X-Forwarded-For or X-Real-Ip headers before falling back to the remote address.
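Both headers are set by whoever sends the request unless a reverse proxy you control overwrites them, so a deployment that can be reached directly may want a stricter extractor. The following is an added example, not code from this package: a function with the same signature as realip.FromRequest that consults X-Forwarded-For only when the TCP peer is a known proxy. The names TrustedProxyClientIP, demoClientIP and sampleRequest and the 10.0.0.0/8 proxy range are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/netip"
	"strings"
)

// TrustedProxyClientIP returns a func(*http.Request) string that honours
// X-Forwarded-For only when the TCP peer is inside one of the proxy prefixes.
func TrustedProxyClientIP(proxies ...netip.Prefix) func(*http.Request) string {
	isProxy := func(a netip.Addr) bool {
		for _, p := range proxies {
			if p.Contains(a.Unmap()) {
				return true
			}
		}
		return false
	}
	return func(r *http.Request) string {
		peer, err := netip.ParseAddrPort(r.RemoteAddr)
		if err != nil {
			return r.RemoteAddr // unparseable peer: never consult headers
		}
		if !isProxy(peer.Addr()) {
			return peer.Addr().Unmap().String() // direct client: ignore headers
		}
		// Walk hops right to left, skipping our own proxies; the first one left is the client.
		hops := strings.Split(r.Header.Get("X-Forwarded-For"), ",")
		for i := len(hops) - 1; i >= 0; i-- {
			a, err := netip.ParseAddr(strings.TrimSpace(hops[i]))
			if err == nil && !isProxy(a) {
				return a.Unmap().String()
			}
		}
		return peer.Addr().Unmap().String()
	}
}

// Constructed demo: proxy range 10.0.0.0/8; a real app would assign this to ClientIP.
var demoClientIP = TrustedProxyClientIP(netip.MustParsePrefix("10.0.0.0/8"))

func sampleRequest(remoteAddr, xff string) *http.Request {
	return &http.Request{RemoteAddr: remoteAddr, Header: http.Header{"X-Forwarded-For": {xff}}}
}

func main() {
	fmt.Println(demoClientIP(sampleRequest("10.0.0.5:4000", "198.51.100.1, 203.0.113.7")))
}
```

Header.Get reads only the first X-Forwarded-For line, so if the proxy appends a separate header line instead of extending the existing one, join r.Header.Values("X-Forwarded-For") before splitting.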
Functions ¶
This section is empty.
Types ¶
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func (*Server) ClientHandler ¶
func (server *Server) ClientHandler(store Store, tokens TokenGenerator) http.Handler
TODO: This method is ridiculously large, we should be able to break it down and move some of the functionality (particularly validation) to the core SQRL package for folks who don't need an SSP server.
func (*Server) Handler ¶
Handler returns a gorilla mux router including all of the SQRL SSP API handlers
func (*Server) NutHandler ¶
func (s *Server) NutHandler(w http.ResponseWriter, r *http.Request)
NutHandler is the handler for the nut endpoint.
Reference: https://www.grc.com/sqrl/sspapi.htm
TODO: does not yet handle params 0-9, sin or ask.
func (*Server) PagHandler ¶
func (server *Server) PagHandler(store TransactionStore) http.Handler
func (*Server) QRCodeHandler ¶
func (s *Server) QRCodeHandler(w http.ResponseWriter, r *http.Request)
QRCodeHandler handles creating the QR code version of the SQRL URL
func (*Server) TokenHandler ¶
func (server *Server) TokenHandler(tokens TokenValidator) http.Handler
TokenHandler is an endpoint responsible for validating the token issued to the client and exchanging it for user details, so that the resource server can associate that SQRL user with its own copy of the user identity.
func (*Server) WithAuthentication ¶
func (s *Server) WithAuthentication(validator ServerToServerAuthValidationFunc) *Server
func (*Server) WithClientEndpoint ¶
WithClientEndpoint sets the endpoint that the client can use to post SQRL transactions to. This endpoint should be the path relative to the SQRL domain, e.g. /sqrl/cli.sqrl
Defaults to /cli.sqrl if not set.
func (*Server) WithLogger ¶
func (*Server) WithTokenExchange ¶
func (s *Server) WithTokenExchange(exchange TokenExchange) *Server
type Store ¶
type Store interface {
	TransactionStore
	UserStore
}
func NewMemoryStore ¶
func NewMemoryStore() Store
type TokenExchange ¶
type TokenExchange interface {
	TokenGenerator
	TokenValidator
}
func DefaultExchange ¶
func DefaultExchange(key []byte, expiry time.Duration) TokenExchange
TODO: There are a lot of similarities here between sqrl.Server and the token generator - how could we share more of the logic between the two? Maybe managed AES is not required?
type TokenGenerator ¶
type TokenValidator ¶
type TransactionStore ¶
type TransactionStore interface {
	// GetFirstTransaction returns the transaction that started an exchange between
	// a SQRL client and SSP server. If no error or transaction is returned then
	// the current transaction is the first transaction in the exchange.
	GetFirstTransaction(ctx context.Context, nut sqrl.Nut) (*sqrl.Transaction, error)

	// SaveTransaction stores a verified transaction in the DB.
	SaveTransaction(ctx context.Context, t *sqrl.Transaction) error

	// SaveIdentSuccess stores a successful ident query from a client. The token
	// that will be returned to the client is stored to allow for retrieval
	// (for the pag.sqrl endpoint).
	SaveIdentSuccess(ctx context.Context, nut sqrl.Nut, token Token) error

	// GetIdentSuccess returns a previously saved token for a given transaction nut
	// if such a token exists. An empty string will be returned if the given nut
	// has not yet been saved as successful.
	GetIdentSuccess(ctx context.Context, nut sqrl.Nut) (token Token, err error)
}
type UserStore ¶
type UserStore interface {
	CreateUser(ctx context.Context, idk sqrl.Identity) (*User, error)

	// GetUserByIdentity returns a user from the given identity key.
	// If no user is found, a nil user will be returned with no error.
	// TODO: Clarify exactly when a user should be saved
	// is it after a successful query? Or after successful ident?
	// see: https://github.com/RaniSputnik/sqrl-go/issues/25
	GetUserByIdentity(ctx context.Context, idk sqrl.Identity) (*User, error)
}