sig_auth v0.1.0 SigAuth

This module is primarily intended for client use, or for public key loading on the server. While not strictly necessary, it is highly recommended to use SigAuth.Plug and a CredentialServer to streamline authentication within your server routing

Example Use

Client

This client is using HTTPotion, but any client library that allows specifying custom headers (SigAuth provides headers as ["authorization", "<authorization-token-stuff>", ...]) can be used.

priv_key = SigAuth.load_key("./test/testing_id_rsa")
headers = SigAuth.sign("GET", "/api/users/27.json", 1, "", "bob", priv_key)
# headers contains "authorization", and "x-sigauth-nonce" headers
HTTPotion.get("www.myapp.com/api/users.27.json", [headers: headers])

Server

As previously mentioned, Server authentication should be conducted using the SigAuth.Plug module and a CredentialServer. See the code for SigAuth.Plug if you have a requirement to validate signatures without the Plug.

Summary

Functions

This method loads both public and private SSH RSA keys into a variable for use with either client-signing, or loading credentials into a credential server

This method actually signs a request, accepting each component thereof

Functions

get_nonce(headers)
get_signature(headers)
get_username(headers)
load_key(filename)
load_key(binary) :: {:ok, any}

This method loads both public and private SSH RSA keys into a variable for use with either client-signing, or loading credentials into a credential server.

nonce_header()
sign(method, path, nonce, body, username, private_key)
sign(binary, binary, integer, binary, binary, any) :: [{binary, binary}]

This method actually signs a request, accepting each component thereof.

valid?(method, path, nonce, body, signature, public_key)