Documentation ¶
Index ¶
Constants ¶
View Source
const ( // MethodTagSignatureV1 defines the deprecated v1 Authorization header tag. MethodTagSignatureV1 = "SecretHub" // MethodTagSignatureV2 defines the deprecated v2 Authorization header tag. MethodTagSignatureV2 = "SecretHub-Sig2" // MethodTagSignature defines the method's Authorization header tag. MethodTagSignature = "secrethub-sig-v1" )
Variables ¶
View Source
var ( ErrUnsupportedAuthFormat = errNamespace.Code("unsupported_auth_format").StatusError("the authentication format in the Authorization header is not supported", http.StatusBadRequest) ErrNoAuthHeader = errNamespace.Code("no_auth_header").StatusError("the authorization header should be set", http.StatusBadRequest) )
Errors
View Source
var ( ErrBadRequest = errNamespace.Code("bad_request").StatusError("bad request", http.StatusBadRequest) ErrCannotParseDateHeader = errNamespace.Code("parse_date_header_failed").StatusError("could not authenticate request because the date header of the auth message could not be parsed", http.StatusBadRequest) ErrInvalidAuthorizationHeader = errNamespace.Code("invalid_authorization_header").StatusErrorf("could not authenticate request because the authorization header must have format: %s identifier:base64_encoded_signature", http.StatusBadRequest, MethodTagSignature) ErrOutdatedSignatureProtocol = errNamespace.Code("outdated_signature_protocol").StatusError("the signature protocol used for authentication is outdated, please upgrade to a newer version", http.StatusBadRequest) ErrMalformedSignature = errNamespace.Code("malformed_signature").StatusError("could not authenticate request because the signature is malformed", http.StatusBadRequest) ErrSignatureExpired = errNamespace.Code("signature_expired").StatusError("could not authenticate request because signature has expired", http.StatusUnauthorized) ErrSignatureFuture = errNamespace.Code("signature_future").StatusError("could not authenticate request because signature timestamp is too far in the future", http.StatusUnauthorized) )
Errors
Functions ¶
This section is empty.
Types ¶
type Authenticator ¶
Authenticator can authenticate an account from an http request.
func NewAuthenticator ¶
func NewAuthenticator(methods ...Method) Authenticator
NewAuthenticator returns a new Authenticator, supporting the given Methods.
type Credential ¶
Credential provides a mechanism of adding authentication to an http request.
func NewRSACredential ¶
func NewRSACredential(key crypto.RSAPrivateKey) Credential
NewRSACredential initializes a new signing credentials struct.
type Method ¶
type Method interface { Authenticator // Tag returns the authorization header tag identifying the authentication mechanism. Tag() string }
Method defines a mechanism to authenticate an account from an http.Request.
func NewMethodSignature ¶
func NewMethodSignature(credentialGetter credentialGetter) Method
NewMethodSignature returns a new MethodSignature.
type MethodSignature ¶
type MethodSignature struct {
// contains filtered or unexported fields
}
MethodSignature can authenticate signed HTTP request.
Click to show internal directories.
Click to hide internal directories.