pkg

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 14, 2019 License: GPL-3.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// IrmaFormat is used to indicate a contract is in he form of a base64 encoded IRMA signature
	IrmaFormat ContractFormat = "irma"
	// JwtFormat is used to indicate a contract in in the form of a Jwt encoded signature
	JwtFormat ContractFormat = "JWT"
	// Valid is used to indicate a contract was valid on the time of testing
	Valid ValidationState = "VALID"
	// Invalid is used to indicate a contract was invalid on the time of testing
	Invalid ValidationState = "INVALID"
)
View Source 
const ConfActingPartyCN = "actingPartyCn"

ConfActingPartyCN is the config key to provide the Acting party common name

View Source 
const ConfAddress = "address"

ConfAddress is the config key for the address the http server listens on

View Source 
const ConfAutoUpdateIrmaSchemas = "skipAutoUpdateIrmaSchemas"

ConfAutoUpdateIrmaSchemas is the config key to provide an option to skip auto updating the irma schemas

View Source 
const ConfEnableCORS = "enableCORS"
View Source 
const ConfIrmaConfigPath = "irmaConfigPath"

ConfIrmaConfigPath is the config key to provide the irma configuration path

View Source 
const ConfMode = "mode"

ConfMode is the config name for the engine mode

View Source 
const PublicURL = "publicUrl"

PublicURL is the config key for the public URL the http/irma server can be discovered

Variables

View Source 
var ErrContractNotFound = errors.New("contract not found")

ErrContractNotFound is used when a certain combination of type, language and version cannot resolve to a contract

View Source 
var ErrInvalidContract = errors.New("invalid contract")
View Source 
var ErrSessionNotFound = errors.New("session not found")

ErrSessionNotFound is returned when there is no contract signing session found for a certain SessionID

View Source 
var ErrUnknownContractFormat = errors.New("unknown contract format")

ErrUnknownContractFormat is returned when the contract format is unknown

View Source 
var NowFunc = time.Now

NowFunc is used to store a function that returns the current time. This can be changed when you want to mock the current time.

Functions

func GetIrmaConfig 

func GetIrmaConfig(config AuthConfig) *irma.Configuration

GetIrmaConfig creates and returns an IRMA config. The config sets the given irma path or a temporary folder. Then it downloads the schemas.

func GetIrmaServer 

func GetIrmaServer(config AuthConfig) *irmaserver.Server

GetIrmaServer creates and starts the irma server instance. The server can be used by a IRMA client like the app to handle IRMA sessions

Types

type Auth 

type Auth struct {
	Config AuthConfig

	ContractSessionHandler ContractSessionHandler
	ContractValidator      ContractValidator
	// contains filtered or unexported fields
}

Auth is the main struct of the Auth service

func AuthInstance 

func AuthInstance() *Auth

AuthInstance create an returns a singleton of the Auth struct

func (*Auth) Configure 

func (auth *Auth) Configure() (err error)

Configure the Auth struct by creating a validator and create an Irma server

func (*Auth) ContractByType 

func (auth *Auth) ContractByType(contractType ContractType, language Language, version Version) (*Contract, error)

ContractByType returns a Contract of a certain type, language and version. If for the combination of type, version and language no contract can be found, the error is of type ErrContractNotFound

func (*Auth) ContractSessionStatus 

func (auth *Auth) ContractSessionStatus(sessionID string) (*SessionStatusResult, error)

ContractSessionStatus returns the current session status for a given sessionID. If the session is not found, the error is an ErrSessionNotFound and SessionStatusResult is nil

func (*Auth) CreateContractSession 

func (auth *Auth) CreateContractSession(sessionRequest CreateSessionRequest, actingParty string) (*CreateSessionResult, error)

CreateContractSession creates a session based on an IRMA contract. This allows the user to permit the application to use the Nuts Network in its name. The user can limit the application in time and scope. By signing it with IRMA other nodes in the network can verify the validity of the contract.

func (*Auth) ValidateContract 

func (auth *Auth) ValidateContract(request ValidationRequest) (*ValidationResult, error)

ValidateContract validates a given contract. Currently two ContractType's are accepted: Irma and Jwt. Both types should be passed as a base64 encoded string in the ContractString of the request paramContractString of the request param

type AuthClient 

type AuthClient interface {
	CreateContractSession(sessionRequest CreateSessionRequest, actingParty string) (*CreateSessionResult, error)
	ContractSessionStatus(sessionID string) (*SessionStatusResult, error)
	ContractByType(contractType ContractType, language Language, version Version) (*Contract, error)
	ValidateContract(request ValidationRequest) (*ValidationResult, error)
}

AuthClient is the interface which should be implemented for clients or mocks

type AuthConfig 

type AuthConfig struct {
	Mode                      string
	Address                   string
	PublicUrl                 string
	IrmaConfigPath            string
	SkipAutoUpdateIrmaSchemas bool
	ActingPartyCn             string
	EnableCORS                bool
}

AuthConfig holds all the configuration params

type Contract 

type Contract struct {
	Type               ContractType `json:"type"`
	Version            Version      `json:"version"`
	Language           Language     `json:"language"`
	SignerAttributes   []string     `json:"signer_attributes"`
	Template           string       `json:"template"`
	TemplateAttributes []string     `json:"template_attributes"`
	Regexp             string       `json:"-"`
}

Contract stores the properties of a contract

func ContractByType 

func ContractByType(contractType ContractType, language Language, version Version) (*Contract, error)

ContractByType returns the contract for a certain type, language and version. If version is omitted "v1" is used If no contract is found, the error vaule of ErrContractNotFound is returned.

func ContractFromMessageContents 

func ContractFromMessageContents(contents string) (*Contract, error)

ContractFromMessageContents finds the contract for a certain message. Every message should begin with a special sequence like "NL:ContractName:version".

type ContractFormat 

type ContractFormat string

ContractFormat describes the format of a signed contract. Based on the format an appropriate validator can be selected.

type ContractSessionHandler 

type ContractSessionHandler interface {
	SessionStatus(SessionID) *SessionStatusResult
	StartSession(request interface{}, handler irmaserver.SessionHandler) (*irma.Qr, string, error)
}

ContractSessionHandler interface must be implemented by ContractSessionHandlers

type ContractType 

type ContractType string

ContractType contains type of the contract to sign. Example: "BehandelaarLogin"

type ContractValidator 

type ContractValidator interface {
	ValidateContract(contract string, format ContractFormat, actingPartyCN string) (*ValidationResult, error)
	ValidateJwt(contract string, actingPartyCN string) (*ValidationResult, error)
}

ContractValidator interface must be implemented by contract validators

type CreateSessionRequest 

type CreateSessionRequest struct {
	// ContractType such as "BehandelaarLogin"
	Type ContractType
	// Version of the contract such as "v1"
	Version Version
	// Language of the contact such as "NL"
	Language Language
	// ValidFrom describes the time from which this contract should be considered valid
	ValidFrom time.Time
	// ValidFrom describes the time until this contract should be considered valid
	ValidTo time.Time
	// TemplateAttributes is an object containing extra template values. example: {"reason":"providing care"}
	TemplateAttributes map[string]string
}

CreateSessionRequest is used to create a contract signing session.

type CreateSessionResult 

type CreateSessionResult struct {
	QrCodeInfo irma.Qr
	SessionID  string
}

CreateSessionResult contains the results needed to setup an irma flow

type DefaultValidator 

type DefaultValidator struct {
	IrmaServer *irmaserver.Server
}

DefaultValidator validates contracts using the irma logic.

func (DefaultValidator) SessionStatus 

func (v DefaultValidator) SessionStatus(id SessionID) *SessionStatusResult

SessionStatus returns the current status of a certain session. It returns nil if the session is not found

func (DefaultValidator) StartSession 

func (v DefaultValidator) StartSession(request interface{}, handler irmaserver.SessionHandler) (*irma.Qr, string, error)

StartSession starts an irma session. This is mainly a wrapper around the irma.IrmaServer.StartSession

func (DefaultValidator) ValidateContract 

func (v DefaultValidator) ValidateContract(b64EncodedContract string, format ContractFormat, actingPartyCN string) (*ValidationResult, error)

ValidateContract is the entrypoint for contract validation. It decodes the base64 encoded contract, parses the contract string, and validates the contract. Returns nil, ErrUnknownContractFormat if the contract used in the message is unknown

func (DefaultValidator) ValidateJwt 

func (v DefaultValidator) ValidateJwt(token string, actingPartyCN string) (*ValidationResult, error)

ValidateJwt validates a JWT formatted contract.

type Language 

type Language string

Language of the contract in all caps. example: "NL"

type SessionID 

type SessionID string

SessionID contains a number to uniquely identify a contract signing session

type SessionStatusResult 

type SessionStatusResult struct {
	server.SessionResult
	// NutsAuthToken contains the JWT if the sessionStatus is DONE
	NutsAuthToken string `json:"nuts_auth_token"`
}

SessionStatusResult contains the current state of a session. If the session is DONE it also contains a JWT in the NutsAuthToken

type SignedIrmaContract 

type SignedIrmaContract struct {
	IrmaContract irma.SignedMessage
}

SignedIrmaContract holds the contract and additional methods to parse and validate.

func ParseIrmaContract 

func ParseIrmaContract(rawContract string) (*SignedIrmaContract, error)

ParseIrmaContract parses a json string containing a signed irma contract.

func (*SignedIrmaContract) Validate 

func (sc *SignedIrmaContract) Validate(actingPartyCn string) (*ValidationResult, error)

Validate the SignedIrmaContract looks at the irma crypto and the actual message such as: Is the timeframe valid and does the common name corresponds with the contract message.

type ValidationRequest 

type ValidationRequest struct {
	// ContractFormat specifies the type of format used for the contract, e.g. 'irma'
	ContractFormat ContractFormat

	// The actual contract in string format to validate
	ContractString string

	// ActingPartyCN is the common name of the Acting party extracted from the client cert
	ActingPartyCN string
}

ValidationRequest is used to pass all information to ValidateContract

type ValidationResult 

type ValidationResult struct {
	ValidationResult ValidationState `json:"validation_result"`
	ContractFormat   ContractFormat  `json:"contract_format"`
	// DisclosedAttributes contain the attributes used to sign this contract
	DisclosedAttributes map[string]string `json:"disclosed_attributes"`
}

ValidationResult contains the result of a contract validation

type ValidationState 

type ValidationState string

ValidationState contains the outcome of the validation. It van be VALID or INVALID. This makes it human readable.

type Version 

type Version string

Version of the contract. example: "v1"

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.