auth

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 8, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// ContextKeyEVMAddress is the context key for the authenticated EVM address
	ContextKeyEVMAddress contextKey = "evm_address"
	// ContextKeyCantonParty is the context key for the user's Canton party
	ContextKeyCantonParty contextKey = "canton_party"
	// ContextKeyFingerprint is the context key for the user's fingerprint
	ContextKeyFingerprint contextKey = "fingerprint"
	// ContextKeyUserID is the context key for the user's database ID
	ContextKeyUserID contextKey = "user_id"
)

Variables

This section is empty.

Functions

func CantonPartyFromContext 

func CantonPartyFromContext(ctx context.Context) (string, bool)

CantonPartyFromContext retrieves the Canton party from the context

func ComputeFingerprint 

func ComputeFingerprint(evmAddress string) string

ComputeFingerprint computes the fingerprint from an EVM address The fingerprint is used to link Canton parties to EVM addresses

func ComputeFingerprintFromPublicKey 

func ComputeFingerprintFromPublicKey(publicKey []byte) string

ComputeFingerprintFromPublicKey computes a Canton-style fingerprint from a compressed public key.

func EVMAddressFromContext 

func EVMAddressFromContext(ctx context.Context) (string, bool)

EVMAddressFromContext retrieves the EVM address from the context

func ExtractFingerprintFromPartyID 

func ExtractFingerprintFromPartyID(partyID string) (string, error)

ExtractFingerprintFromPartyID extracts the fingerprint from a Canton party ID. Party ID format: "hint::fingerprint" where fingerprint is hex-encoded. The fingerprint may have a "1220" prefix (multihash prefix for SHA-256).

func ExtractHintFromPartyID 

func ExtractHintFromPartyID(partyID string) (string, error)

ExtractHintFromPartyID extracts the hint portion from a Canton party ID. Party ID format: "hint::fingerprint"

func FingerprintFromContext 

func FingerprintFromContext(ctx context.Context) (string, bool)

FingerprintFromContext retrieves the fingerprint from the context

func IsCantonPartyID 

func IsCantonPartyID(s string) bool

IsCantonPartyID checks if a string looks like a Canton party ID. Returns true if it contains "::" separator.

func NormalizeAddress 

func NormalizeAddress(address string) string

NormalizeAddress returns a checksummed EVM address

func UserIDFromContext 

func UserIDFromContext(ctx context.Context) (int64, bool)

UserIDFromContext retrieves the user ID from the context

func ValidateCantonPartyID 

func ValidateCantonPartyID(partyID string) error

ValidateCantonPartyID validates that a string is a properly formatted Canton party ID.

func ValidateEVMAddress 

func ValidateEVMAddress(address string) bool

ValidateEVMAddress checks if a string is a valid EVM address

func ValidateTimedMessage 

func ValidateTimedMessage(msg string, maxAge time.Duration) error

ValidateTimedMessage checks that a message contains a Unix timestamp suffix (format: "{prefix}:{unix_seconds}") and that it is within maxAge of now. This provides replay protection: captured signatures expire after maxAge.

func VerifyCantonSignature 

func VerifyCantonSignature(partyID, message, signature string) (bool, error)

VerifyCantonSignature verifies a Canton signature from Loop wallet's signMessage. Canton uses secp256k1 (same curve as Ethereum). The partyID format is "hint::fingerprint" where fingerprint is a hex-encoded hash. Returns true if the signature is valid for the given party.

func VerifyEIP191Signature 

func VerifyEIP191Signature(message, signature string) (common.Address, error)

VerifyEIP191Signature verifies an EIP-191 personal_sign signature Returns the recovered Ethereum address if valid

func WithAuthInfo 

func WithAuthInfo(ctx context.Context, info *AuthInfo) context.Context

WithAuthInfo adds all authentication info to the context

func WithCantonParty 

func WithCantonParty(ctx context.Context, party string) context.Context

WithCantonParty adds the Canton party to the context

func WithEVMAddress 

func WithEVMAddress(ctx context.Context, address string) context.Context

WithEVMAddress adds the EVM address to the context

func WithFingerprint 

func WithFingerprint(ctx context.Context, fingerprint string) context.Context

WithFingerprint adds the fingerprint to the context

func WithUserID 

func WithUserID(ctx context.Context, userID int64) context.Context

WithUserID adds the user ID to the context

Types

type AuthInfo 

type AuthInfo struct {
	EVMAddress  string
	CantonParty string
	Fingerprint string
	UserID      int64
}

AuthInfo contains all authentication information for a request

func AuthInfoFromContext 

func AuthInfoFromContext(ctx context.Context) *AuthInfo

AuthInfoFromContext retrieves all authentication info from the context

type JWK 

type JWK struct {
	Kid string `json:"kid"`
	Kty string `json:"kty"`
	Alg string `json:"alg"`
	Use string `json:"use"`
	N   string `json:"n"`
	E   string `json:"e"`
}

JWK represents a JSON Web Key

type JWKS 

type JWKS struct {
	Keys []JWK `json:"keys"`
}

JWKS represents a JSON Web Key Set

type JWTValidator 

type JWTValidator struct {
	// contains filtered or unexported fields
}

JWTValidator validates JWT tokens using JWKS

func NewJWTValidator 

func NewJWTValidator(jwksURL, issuer string) *JWTValidator

NewJWTValidator creates a new JWT validator

func (*JWTValidator) IsConfigured 

func (v *JWTValidator) IsConfigured() bool

IsConfigured returns true if JWKS validation is configured

func (*JWTValidator) ValidateToken 

func (v *JWTValidator) ValidateToken(tokenString string) (jwt.MapClaims, error)

ValidateToken validates a JWT token and returns the claims

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.