Categorygithub.com/tozny/e3db-clients-go
modulepackage
0.0.273
Repository: https://github.com/tozny/e3db-clients-go.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
30
Dependents
18
Files
1k SLOC

# README

Disclaimer: This is an internal library and should not be relied upon for production uses by non-Toznynians

e3db-clients-go

Contains golang implementations of http clients for use by golang applications that need to interface with e3db services.

Pre-requisites

  • Go 1.11+ must be installed, follow these instructions if not installed in your development environment.

  • Tozny Platform checked out locally

    1. TOZNY_PLATFORM_DIR environment set pointing to the repo ☝️

    2. OR: Alternate configuration values in .env for the Tozny services and clients of choice

Build

Running:

make build

will lint and build the projects source code.

Test

Project tests run against an instance of Tozny Platform.

To run Tozny Platform services

make up

After Tozny Platform is up, execute the tests by running:

make test

To Run tests matching the name in 'method' form:

make testone method=TestCreateCustomer

After testing is done, you can stop Tozny Platform services by running

make down

Use

From a go package

package main

import (
	"context"
	"github.com/tozny/e3db-clients-go"
	"github.com/tozny/e3db-clients-go/hookClient"
)

func main() {
	config := e3dbClients.ClientConfig{
		APIKey:    "E3DBAPIKEYID",
		APISecret: "E3DBAPIKEYSECRET",
		Host:      "https://api.e3db.com",
	}
	client := hookClient.New(ValidClientConfig, config.Host)
	createHookRequest := hookClient.CreateHookRequest{
		WebhookURL: "https://en8781lpip6xb.x.pipedream.net/",
		Triggers: []hookClient.HookTrigger{
			hookClient.HookTrigger{
				Enabled:  true,
				APIEvent: "authorizer_added",
			},
		},
	}
	ctx := context.TODO()
	response, err := client.CreateHook(ctx, createHookRequest)
	if err != nil {
		t.Errorf("Error %s calling CreateHook with %+v\n", err, createHookRequest)
	}
}

Publishing

Follow semantic versioning when releasing new versions of this library.

Releasing involves tagging a commit in this repository, and pushing the tag. Tagging and releasing of new versions should only be done from the master branch after an approved Pull Request has been merged, or on the branch of an approved Pull Request.

To publish a new version, run

git tag vX.Y.Z
git push origin vX.Y.Z

To consume published updates from other repositories that depends on this module run

go get github.com/tozny/[email protected]

and the go get tool will fetch the published artifact and update that modules go.mod andgo.sum files with the updated dependency.

# Packages

No description provided by the author
No description provided by the author
Package authClient implements an HTTP client for communications with an e3db Auth service.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Package secretstream encrypts a sequence of messages, or a single message split into an arbitrary number of chunks, using a secret key.
No description provided by the author
No description provided by the author
No description provided by the author

# Functions

Base64Decode wrapper to base64 decode data.
Base64Encode wrapper to base64 encode data.
No description provided by the author
BoxEncryptToBase64 uses asymmetric encryption keys to encrypt data.
CreateRequest isolates duplicate code in creating http search request.
DecodeSymmetricKey decodes a public key from a Base64URL encoded string containing a 256-bit Curve25519 public key, returning an error if the decode operation fails.
Decrypt uses NaCl secret_box to decrypt a string containing ciphertext along with the associated nonce, both Base64 encoded.
DecryptData decrypts a collection of data of string key and values encrypted using Tozny v1 Record encryption, returning the decrypted data and error (if any).
DecryptDataWithProcessFunction decrypts a map of key value pairs where values are encrypted using Tozny v1 Record encryption after description a provided function is run against each key-value pair.
DecryptEAK decodes and decrypts a raw encrypted access key returning the decrypted symmetric key and error (if any).
DecryptFile decrypts the contents of the file encryptedFileName using the ak and stores the plaintext in decryptedFileName If a file called encryptedFileName exists in this directory, it will be overwritten by this method.
DecryptSignedData decrypts and verifies signed payloads for data that has been encrypted and signed using TFSP1;ED25519;BLAKE2B.
DeriveBrokerKeyNoteName derives a broker otp note name for the given parameters.
DeriveBrokerOTPCredentialNoteName derives a broker otp note name for the given parameters.
DeriveCryptoKey creates an encryption key pair from a seed and a salt.
DeriveIdentityCredentials derives a set of encryption keys, signing keys and a note name for the given parameters using pbkdf2.
DeriveIdentityCredentialsNoteName derives a note name for the given parameters.
DeriveSigningKey creates an encryption key pair from a seed and a salt.
DeriveSymmetricKey create a symmetric encryption key from a seed and a salt.
Encrypt uses an NaCl secret_box to encrypt a byte slice with the given secret key and a random nonce, returning the Base64 encoded ciphertext and nonce.
EncryptAccessKey returns encrypted access key with nonce attached.
EncryptData encrypts a collection of data of string key and values using Tozny v1 Record encryption, returning the encrypted data.
EncryptFile encrypts the contents of the file plainFileName using the ak and stores the ciphertext in encryptedFileName.
EncryptPrivateKey Encrypts a private key using a keypair.
ExtractToznyAuthenticatedClientContext extracts a ToznyAuthenticatedClientContext from a header.
GenerateKeyPair creates a new Curve25519 keypair for cryptographic operations.
GenerateRandomBytes generate a random number of bytes.
GenerateRandomString generate a random base64 encoded string of n bytes.
GenerateSigningKeys generates a `base64.RawURLEncoding` private and public key for signing requests and data on behalf of Tozny clients, returning the signing keys and error (if any).
HashString returns a base64 encoded Blake2b hash of the provided message.
MakeE3DBServiceCall attempts to call an e3db service by executing the provided request and deserializing the response into the provided result holder, returning error (if any).
MakeNonce loads an existing nonce from a byte array.
MakeProxiedSignedCall attempts to call an e3db service using the provided signature to authenticate the request.
MakeProxiedUserCall attempts to call an e3db service using provided user auth token to authenticate request.
MakePublicCall makes an unauthenticated request to an e3db service.
MakeRawServiceCall sends a request, auto decoding the response to the result interface if sent.
MakeSignedServiceCall makes a TSV1 signed request(using the private key from the provided keypair), deserializing the response into the provided result holder, and returning error (if any).
MakeSymmetricKey loads an existing secret key from a byte array.
NewError creates a new RequestError.
PublicSigningKeyFromBytes returns a PublicSigningKey derived from a byte slice.
PublicSigningKeyFromEncodedString returns a PublicSigningKey derived from a base64 encoded string.
RandomNonce generates a random nonce of size NoneSize.
RandomSymmetricKey generates a random symmetric key (secret).
ReturnE3dbServiceCall attempts to call an e3db service by executing the provided request and deserializing the response into the provided result holder, returning error (if any).
ReturnRawServiceCall sends a req, auto decoding the response to the result interface and returning Response.
SecretBoxDecryptFromBase64 uses NaCl secret_box to decrypt a string containing ciphertext along with the associated nonce, both Base64URL encoded.
SecretBoxEncryptToBase64 uses an NaCl secret_box to encrypt a byte slice with the given secret key and a random nonce, returning the Base64URL encoded ciphertext and nonce.
Sign does a detached signature of the requested message using the provided key.
SignField signs a field - a key value string pair - using Tozny Field Signing Version 1 (TFSV1) protocol https://github.com/tozny/internal-docs/blob/master/tozny-platform/notes/tozny-field-signing.md in a way compatible with the JS SDK implementation of TFSV1 returning the signed string and error (if any).
SignRequest signs (using Tozny Signature Version 1) the request with the provided public and private sodium signing keys, returning error (if any).
Verify a signature of message using the provided public key, for messages signed with TFSP1;ED25519;BLAKE2B.
VerifyField verifies TFSP1;ED25519;BLAKE2B fields using the provided public key and salt.

# Constants

No description provided by the author
TSV1-ED25519-BLAKE2B.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
https://security.stackexchange.com/questions/50878/ecdsa-vs-ecdh-vs-ed25519-vs-curve25519.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
UUIDv5 TFSP1;ED25519;BLAKE2B.

# Variables

No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author

# Structs

AsymmetricKeypair wraps a public and private key used for asymmetric cryptographic operations.
ClientConfig wraps configuration needed by an e3db client.
No description provided by the author
Key wraps material generated using an algorithm/curve for use in cryptographic operations.
LoggingClient is used to log requests and timing based on configuration passed in.
RequestError provides additional details about the failed request.
ToznyAuthenticatedClientContext represents the contextual information provided by cyclops to downstream services when a user is successfully authenticated.
ToznyAuthNHeader wraps the structure used in the X-Tozny-Authn HTTP header.
XToznyAuthnRequestAuthenticator authenticates implements utils-go server.RequestAuthenticator to validate the presence and form of an X-TOZNY-AUTHN header and yield its clientID, if any.

# Type aliases

DecryptedData is a map of arbitrary key value pairs where value has been decrypted.
EncryptedData is a map of arbitrary key value pairs where the value is in an encrypted, "dotted quad" format.
EncryptionKeys wraps a keypair for encrypting and decrypting data.
Keys is a map of key type to key material.
PublicEncryptionKeys are a set of keys, NIST or Sodium, used within TozStore to encrypt stored data.
PublicSigningKeys are a set of key, NIST or Sodium, used within Tozny to sign requests It's the responsibility of the user to assign proper key types to raw keys obtained internally (db) or externally (client calls).
SigningKeys wraps a keypair for signing and authenticating requests.