sig_auth v0.1.2 SigAuth
This module is primarily intended for client use, or for public key loading
on the server. While not strictly necessary, it is highly recommended to use
SigAuth.Plug
and a CredentialServer
to streamline authentication within
your server routing
Example Use
Client
This client is using HTTPotion, but any client library that allows specifying
custom headers (SigAuth provides headers as
["authorization", "<authorization-token-stuff>", ...]
) can be used.
priv_key = SigAuth.load_key("./test/testing_id_rsa")
headers = SigAuth.sign("GET", "/api/users/27.json", 1, "", "bob", priv_key)
# headers contains "authorization", and "x-sigauth-nonce" headers
HTTPotion.get("www.myapp.com/api/users.27.json", [headers: headers])
Server
As previously mentioned, Server authentication should be conducted using the
SigAuth.Plug
module and a CredentialServer
. See the code for SigAuth.Plug
if you have a requirement to validate signatures without the Plug.
Summary
Functions
Utility for extracting a nonce from request headers
Utility for extracting a signature from request headers
Server utility for extracting a username from request headers
This method loads both public and private SSH RSA keys into a variable for use with either client-signing, or loading credentials into a credential server
This method actually signs a request, accepting each component thereof. The returned headers should be included when sending the request. The Authorization header produced contains the base 64 characters of the signature
Reports the validity of a signature. Intended for use by SigAuth.Plug
, it
may nevertheless be used by server code that cannot use the Plug
Functions
Utility for extracting a nonce from request headers.
Utility for extracting a signature from request headers.
Server utility for extracting a username from request headers.
This method loads both public and private SSH RSA keys into a variable for use with either client-signing, or loading credentials into a credential server.
Examples:
iex> priv = SigAuth.load_key("test/testing_id_rsa")
{:RSAPrivateKey, :"two-prime", 1925825628552485095461711380...}
iex> pub = SigAuth.load_key("test/testing_id_rsa.pub")
{:RSAPublicKey, 1925825628552485...}
This method actually signs a request, accepting each component thereof. The returned headers should be included when sending the request. The Authorization header produced contains the base 64 characters of the signature.
Examples:
iex> priv = SigAuth.load_key("test/testing_id_rsa")
...> nonce = System.system_time(:microseconds)
...> headers = SigAuth.sign("GET", "/api/v1/people", nonce, "", "Chris", priv)
[{"x-sigauth-nonce", "1480535381422"},{"authorization", "SIGAUTH Chris:XlP49MtvM+dkE23...}]
Reports the validity of a signature. Intended for use by SigAuth.Plug
, it
may nevertheless be used by server code that cannot use the Plug.