auth

package

v0.3.0 Latest Latest Go to latest Published: Mar 3, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/emphereio/ovrse

Links

Open Source Insights

Documentation ¶

Overview ¶

Package auth provides Ed25519 credential management and JWT signing.

Index ¶

Constants
func CacheDir() string
func ConfigDir() string
func CredentialsDir() string
func DataDir() string
func DatabasePath() string
func EnsureDirectories() error
type JWK
type JWTHeader
type JWTPayload
- func VerifyJWT(token string) (*JWTPayload, error)
type Keypair

Constants ¶

View Source

const (
	// TokenExpiry is how long JWT tokens are valid.
	TokenExpiry = 5 * time.Minute

	// JWTIssuer identifies tokens from ovrse-cli.
	JWTIssuer = "ovrse-cli"
)

Variables ¶

This section is empty.

Functions ¶

func CacheDir ¶

func CacheDir() string

CacheDir returns the ovrse cache directory path.

func ConfigDir ¶

func ConfigDir() string

ConfigDir returns the ovrse configuration directory path. Uses XDG_CONFIG_HOME on Linux/macOS, AppData on Windows.

func CredentialsDir ¶

func CredentialsDir() string

CredentialsDir returns the path to store credentials.

func DataDir ¶

func DataDir() string

DataDir returns the ovrse data directory path. Uses XDG_DATA_HOME on Linux/macOS, LocalAppData on Windows.

func DatabasePath ¶

func DatabasePath() string

DatabasePath returns the path to the SQLite database file. Note: This matches store.DefaultDBPath() - both use XDG_DATA_HOME (~/.local/share/ovrse/).

func EnsureDirectories ¶

func EnsureDirectories() error

EnsureDirectories creates all necessary directories.

Types ¶

type JWK ¶

type JWK struct {
	Kty string `json:"kty"` // Key Type: "OKP"
	Crv string `json:"crv"` // Curve: "Ed25519"
	X   string `json:"x"`   // Base64url-encoded public key
}

JWK represents a JSON Web Key for Ed25519 public key.

type JWTHeader ¶

type JWTHeader struct {
	Alg string `json:"alg"`
	Typ string `json:"typ"`
	JWK *JWK   `json:"jwk"`
}

JWTHeader represents the JWT header with embedded JWK.

type JWTPayload ¶

type JWTPayload struct {
	Fingerprint string `json:"fingerprint"`
	IssuedAt    int64  `json:"iat"`
	ExpiresAt   int64  `json:"exp"`
	Issuer      string `json:"iss"`
}

JWTPayload represents the JWT claims.

func VerifyJWT ¶

func VerifyJWT(token string) (*JWTPayload, error)

VerifyJWT verifies a JWT token and returns the payload. This is primarily for testing; the backend does the real verification.

type Keypair ¶

type Keypair struct {
	PrivateKey ed25519.PrivateKey
	PublicKey  ed25519.PublicKey
}

Keypair holds an Ed25519 key pair for authentication.

func DefaultCredentials ¶

func DefaultCredentials() (*Keypair, error)

DefaultCredentials loads or creates the default keypair.

func GenerateKeypair ¶

func GenerateKeypair() (*Keypair, error)

GenerateKeypair creates a new Ed25519 key pair.

func LoadFromDirectory ¶

func LoadFromDirectory(dir string) (*Keypair, error)

LoadFromDirectory loads a keypair from PEM files in the specified directory.

func LoadOrCreate ¶

func LoadOrCreate(dir string) (*Keypair, error)

LoadOrCreate loads an existing keypair or creates a new one if none exists.

func (*Keypair) Fingerprint ¶

func (k *Keypair) Fingerprint() string

Fingerprint returns the SHA256 fingerprint of the public key (hex encoded).

func (*Keypair) PublicKeyBytes ¶

func (k *Keypair) PublicKeyBytes() []byte

PublicKeyBytes returns the raw 32-byte public key.

func (*Keypair) SaveToDirectory ¶

func (k *Keypair) SaveToDirectory(dir string) error

SaveToDirectory saves the keypair to PEM files in the specified directory.

func (*Keypair) SignJWT ¶

func (k *Keypair) SignJWT() (string, error)

SignJWT creates a signed JWT token using the keypair.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL