Index
- Variables
- func ParseTimestamp(s string) (int64, error)
- func SignRequest(privateKey ed25519.PrivateKey, timestamp int64, method string, path string, ...) string
- func SignRequestWithNonce(privateKey ed25519.PrivateKey, timestamp int64, nonce string, method string, ...) string
- type Config
- type Verifier
Variables
var ErrNonceReplay = errors.New("nonce replay detected")
ErrNonceReplay indicates that a nonce has already been used, i.e. a replayed request was detected.
var ErrNonceRequired = errors.New("nonce required for replay protection")
ErrNonceRequired indicates that a nonce is required by the verifier's configuration but was not provided.
Functions
func ParseTimestamp
ParseTimestamp parses a timestamp string expressed as milliseconds since the Unix epoch.
func SignRequest
func SignRequest(privateKey ed25519.PrivateKey, timestamp int64, method string, path string, body []byte) string
SignRequest signs a request (used by clients) in the legacy format without a nonce and returns the base64-encoded signature. Deprecated: use SignRequestWithNonce for better replay protection.
func SignRequestWithNonce
func SignRequestWithNonce(privateKey ed25519.PrivateKey, timestamp int64, nonce string, method string, path string, body []byte) string
SignRequestWithNonce signs a request with a nonce (used by clients). The signed string has the format {timestamp}|{nonce}|{method}|{path}|{sha256(body)}, and the base64-encoded signature is returned.
Types
type Config
// Config holds the settings that control how a Verifier accepts requests.
type Config struct {
	// MaxRequestAge is the maximum age a request may have, measured from its
	// signed timestamp, to prevent replay attacks; it bounds the window in which
	// a captured request can be replayed.
	// Recommended: 30-60 seconds, short enough to minimize the replay window
	// while tolerating network latency.
	// Default: 60 seconds.
	MaxRequestAge time.Duration `yaml:"max_request_age"`

	// NonceRequired enforces a nonce on every request when a NonceStore is
	// configured (see NewVerifierWithNonceStore); a verifier built without a
	// nonce store has nothing to enforce it against.
	// If true, requests without a nonce are rejected (stronger replay protection).
	// If false, legacy requests without a nonce are still accepted and rely on
	// the timestamp window alone (backward compatible).
	// Default: true (recommended for production).
	NonceRequired bool `yaml:"nonce_required"`
}
Config holds the settings for an auth verifier.
type Verifier
// Verifier verifies API request signatures. Construct it with NewVerifier or,
// for nonce-based replay protection, NewVerifierWithNonceStore.
type Verifier struct {
	// contains filtered or unexported fields
}
Verifier verifies API request signatures.
func NewVerifier
func NewVerifier(apiKeyRepo storage.APIKeyRepository, config Config) (*Verifier, error)
NewVerifier creates a new auth verifier without a nonce store, so replay protection relies on the timestamp window alone. If NonceRequired is true, use NewVerifierWithNonceStore instead.
func NewVerifierWithNonceStore
func NewVerifierWithNonceStore(apiKeyRepo storage.APIKeyRepository, nonceStore storage.NonceStore, config Config) (*Verifier, error)
NewVerifierWithNonceStore creates a new auth verifier backed by a nonce store, enabling nonce-based replay protection.
func (*Verifier) VerifyRequest
func (v *Verifier) VerifyRequest( ctx interface { Value(key interface{}) interface{} }, apiKeyID string, timestamp int64, signature string, method string, path string, body []byte, ) (*types.APIKey, error)
VerifyRequest verifies the signature of an API request in the legacy format without a nonce; the client signs {timestamp}|{method}|{path}|{sha256(body)}. Because no nonce is checked, replay protection is limited to the MaxRequestAge timestamp window. Deprecated: use VerifyRequestWithNonce for better replay protection.
func (*Verifier) VerifyRequestWithNonce
func (v *Verifier) VerifyRequestWithNonce( ctx context.Context, apiKeyID string, timestamp int64, nonce string, signature string, method string, path string, body []byte, ) (*types.APIKey, error)
VerifyRequestWithNonce verifies the signature of an API request that carries a nonce; the client signs {timestamp}|{nonce}|{method}|{path}|{sha256(body)}. This provides stronger replay protection than timestamp-only verification, since a reused nonce is detected (see ErrNonceReplay) in addition to the MaxRequestAge check.