Categorygithub.com/d4x1/httpsign
modulepackage
0.0.5
Repository: https://github.com/d4x1/httpsign.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
10
Dependents
1
Files
364 SLOC

# README

httpsign

Run Tests codecov Go Report Card GoDoc Join the chat at https://gitter.im/gin-gonic/gin

Signing HTTP Messages Middleware base on HTTP Signatures.

Example


package main

import (
  "github.com/gin-contrib/httpsign"
  "github.com/gin-contrib/httpsign/crypto"
  "github.com/gin-gonic/gin"
)

func main() {
  // Define algorithm
  hmacsha256 := &crypto.HmacSha256{}
  hmacsha512 := &crypto.HmacSha512{}
  // Init define secret params
  readKeyID := httpsign.KeyID("read")
  writeKeyID := httpsign.KeyID("write")
  secrets := httpsign.Secrets{
    readKeyID: &httpsign.Secret{
      Key:       "HMACSHA256-SecretKey",
      Algorithm: hmacsha256, // You could using other algo with interface Crypto
    },
    writeKeyID: &httpsign.Secret{
      Key:       "HMACSHA512-SecretKey",
      Algorithm: hmacsha512,
    },
  }

  // Init server
  r := gin.Default()

  //Create middleware with default rule. Could modify by parse Option func
  auth := httpsign.NewAuthenticator(secrets)

  r.Use(auth.Authenticated())
  r.GET("/a", a)
  r.POST("/b", b)
  r.POST("/c", c)

  r.Run(":8080")
}

# Packages

No description provided by the author
No description provided by the author

# Functions

NewAuthenticator creates a new Authenticator instance with given allowed permissions and required header and secret keys.
NewSignatureHeader new instance of SignatureHeader.
WithRequiredHeaders is list of all requires HTTP headers that the client have to include in the singing string for the request to be considered valid.
WithValidator configures the Authenticator to use custom validator.

# Variables

ErrDateNotFound error when no date in header.
ErrHeaderNotEnough error when requirements header do not appear on header field.
ErrIncorrectAlgorithm error when Algorithm in header does not match with secret key.
ErrInvalidAuthorizationHeader error when get invalid format of Authorization header.
ErrInvalidKeyID error when KeyID in header does not provided.
ErrInvalidSign error when signing string do not match.
ErrMisingDoubleQuote err when after character = not have double quote.
ErrMisingEqualCharacter err when there is no character = before " or , character.
ErrMissingKeyID error when keyId not in header.
ErrMissingSignature error when signature not in header.
ErrNoSignature error when no Signature not found in header.
ErrUnterminatedParameter err when could not parse value.

# Structs

Authenticator is the gin authenticator middleware.
Secret define secret key and algorithm that key use.
SignatureHeader contains basic info signature header.

# Type aliases

KeyID define type.
Option is the option to the Authenticator constructor.
Secrets map with keyID and secret.