README
¶
truelayer-signing
Go package to produce & verify TrueLayer API requests signatures.
// `Tl-Signature` value to send with the request.
signature, err := tlsigning.SignWithPem(Kid, privateKeyBytes).
Method("POST").
Path("/payouts").
Header("Idempotency-Key", idempotencyKey).
Body(body).
Sign()
See full example.
Verifying webhooks
The VerifyWithJwks function can be used to verify webhook Tl-Signature header signatures.
// `jku` field is included in webhook signatures
jwsHeader, err := tlsigning.ExtractJwsHeader(webhookSignature)
if err != nil {
// Handle error
}
// check `jku` is an allowed TrueLayer url & fetch jwks JSON (not provided by this lib)
if !jkuAllowed(jwsHeader.Jku) {
// Handle error
}
jwks := fetchJwks(jwsHeader.Jku)
// jwks may be used directly to verify a signature
err = tlsigning.VerifyWithJwks(jwks).
Method("POST").
Path(path).
Headers(allWebhookHeaders).
Body(body).
Verify(webhookSignature)
Installation
Install the package with:
go get github.com/Truelayer/truelayer-signing/go
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractJwsHeader ¶
ExtractJwsHeader extracts "JwsHeader" info from a "Tl-Signature" header value.
This can then be used to pick a verification key using the "kid" etc.
func SignWithPem ¶
SignWithPem starts building a request "Tl-Signature" header value using private key pem data & the key's "kid".
func VerifyWithJwks ¶
VerifyWithJwks start building a `Tl-Signature` header verifier using public key JWKs JSON response data.
func VerifyWithPem ¶
VerifyWithPem starts building a "Tl-Signature" header verifier using public key pem data.
Types ¶
This section is empty.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.