authenticator

package

v1.7.1 Latest Latest Go to latest Published: Apr 30, 2024 License: GPL-3.0 Imports: 23 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bnb-chain/greenfield-storage-provider

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func ErrConsensusWithDetail(detail string) *gfsperrors.GfSpError
func ErrUnexpectedObjectStatusWithDetail(objectName string, expectedStatus storagetypes.ObjectStatus, ...) *gfsperrors.GfSpError
func NewAuthenticationModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)
func Verify(pk *PublicKey, signature, msg []byte) (bool, error)
func VerifyEddsaSignature(pubKey string, sig, message []byte) error
func VerifyEddsaSignatureV2(pubKey string, sig, message []byte) error
type AuthenticationModular
type PublicKey
- func ParsePk(pkStr string) (pk *PublicKey, err error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrUnsupportedAuthType    = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20001, "unsupported auth op type")
	ErrMismatchSp             = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20002, "mismatched primary sp")
	ErrUnexpectedObjectStatus = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20003, "")
	ErrNotSealedState         = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20004, "object has not been sealed state")
	ErrPaymentState           = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20005, "payment account is not active")
	ErrInvalidAddress         = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20006, "the user address format is invalid")
	ErrNoSuchBucket           = gfsperrors.Register(module.AuthenticationModularName, http.StatusNotFound, 20007, "no such bucket")
	ErrNoSuchObject           = gfsperrors.Register(module.AuthenticationModularName, http.StatusNotFound, 20008, "no such object")
	ErrRepeatedBucket         = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20009, "repeated bucket")
	ErrRepeatedObject         = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20010, "repeated object")
	ErrNoPermission           = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20011, "no permission")

	ErrBadSignature                      = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20012, "bad signature")
	ErrSignedMsgFormat                   = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20013, "signed msg must be formatted as ${actionContent}_${expiredTimestamp}")
	ErrExpiredTimestampFormat            = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20014, "expiredTimestamp in signed msg must be a unix epoch time in milliseconds")
	ErrPublicKeyExpired                  = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20015, "user public key is expired")
	ErrInvalidAddressOrDomain            = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20016, "userAddress or domain can't be null")
	ErrInvalidAddressOrDomainOrPublicKey = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20017, "userAddress, domain or publicKey can't be null")
	ErrInvalidPublicKeyLength            = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20018, "The length of publicKeys must be less or equal to 100")
	ErrPublicKeyNotExist                 = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20019, "The publicKey was not registered")
	ErrBucketIsRateLimited               = gfsperrors.Register(module.AuthenticationModularName, http.StatusBadRequest, 20020, "bucket is rate limited")
)

Functions ¶

func ErrConsensusWithDetail ¶ added in v0.2.4

func ErrConsensusWithDetail(detail string) *gfsperrors.GfSpError

func ErrUnexpectedObjectStatusWithDetail ¶ added in v1.2.0

func ErrUnexpectedObjectStatusWithDetail(objectName string, expectedStatus storagetypes.ObjectStatus, actualStatus storagetypes.ObjectStatus) *gfsperrors.GfSpError

func NewAuthenticationModular ¶

func NewAuthenticationModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)

func Verify ¶

func Verify(pk *PublicKey, signature, msg []byte) (bool, error)

Verify will Verify signature of a message with MiMC hash function

func VerifyEddsaSignature ¶

func VerifyEddsaSignature(pubKey string, sig, message []byte) error

VerifyEddsaSignature EDDSA sig verification

func VerifyEddsaSignatureV2 ¶ added in v1.6.0

func VerifyEddsaSignatureV2(pubKey string, sig, message []byte) error

VerifyEddsaSignatureV2 EDDSA sig verification

Types ¶

type AuthenticationModular ¶

type AuthenticationModular struct {
	// contains filtered or unexported fields
}

func (*AuthenticationModular) DeleteAuthKeysV2 ¶ added in v1.6.0

func (a *AuthenticationModular) DeleteAuthKeysV2(ctx context.Context, account string, domain string, publicKeys []string) (bool, error)

DeleteAuthKeysV2 can delete user public keys

func (*AuthenticationModular) GetAuthKeyV2 ¶ added in v1.6.0

func (a *AuthenticationModular) GetAuthKeyV2(ctx context.Context, account string, domain string, publicKey string) (*spdb.OffChainAuthKeyV2, error)

GetAuthKeyV2 can check if the given account/domain/public_key was registered in this system.

func (*AuthenticationModular) GetAuthNonce ¶

func (a *AuthenticationModular) GetAuthNonce(ctx context.Context, account string, domain string) (*spdb.OffChainAuthKey, error)

GetAuthNonce get the auth nonce for which the Dapp or client can generate EDDSA key pairs.

func (*AuthenticationModular) ListAuthKeysV2 ¶ added in v1.6.0

func (a *AuthenticationModular) ListAuthKeysV2(ctx context.Context, account string, domain string) ([]string, error)

ListAuthKeysV2 can list user public keys

func (*AuthenticationModular) Name ¶

func (a *AuthenticationModular) Name() string

func (*AuthenticationModular) ReleaseResource ¶

func (a *AuthenticationModular) ReleaseResource(
	ctx context.Context,
	span rcmgr.ResourceScopeSpan)

func (*AuthenticationModular) ReserveResource ¶

func (a *AuthenticationModular) ReserveResource(
	ctx context.Context,
	state *rcmgr.ScopeStat) (
	rcmgr.ResourceScopeSpan,
	error)

func (*AuthenticationModular) Start ¶

func (a *AuthenticationModular) Start(ctx context.Context) error

func (*AuthenticationModular) Stop ¶

func (a *AuthenticationModular) Stop(ctx context.Context) error

func (*AuthenticationModular) UpdateUserPublicKey ¶

func (a *AuthenticationModular) UpdateUserPublicKey(ctx context.Context, account string, domain string, currentNonce int32, nonce int32, userPublicKey string, expiryDate int64) (bool, error)

UpdateUserPublicKey updates the user public key once the Dapp or client generates the EDDSA key pairs.

func (*AuthenticationModular) UpdateUserPublicKeyV2 ¶ added in v1.6.0

func (a *AuthenticationModular) UpdateUserPublicKeyV2(ctx context.Context, account string, domain string, publicKey string, expiryDate int64) (bool, error)

UpdateUserPublicKeyV2 registered the user public key once the dApp or client generates the EDDSA key pairs.

func (*AuthenticationModular) VerifyAuthentication ¶

func (a *AuthenticationModular) VerifyAuthentication(
	ctx context.Context,
	authType coremodule.AuthOpType,
	account, bucket, object string) (
	bool, error)

VerifyAuthentication verifies the account has the operation's permission. TODO:: supports permission path verification and query

func (*AuthenticationModular) VerifyGNFD1EddsaSignature ¶ added in v0.2.4

func (a *AuthenticationModular) VerifyGNFD1EddsaSignature(ctx context.Context, account string, domain string, offChainSig string, realMsgToSign []byte) (bool, error)

VerifyGNFD1EddsaSignature verifies the signature signed by user's EDDSA private key. no need to verify if the sig is expired. This method only need verify the account address and leave the expiration checking to gateway.

func (*AuthenticationModular) VerifyGNFD2EddsaSignature ¶ added in v1.6.0

func (a *AuthenticationModular) VerifyGNFD2EddsaSignature(ctx context.Context, account string, domain string, publicKey string, offChainSig string, realMsgToSign []byte) (bool, error)

VerifyGNFD2EddsaSignature verifies the signature signed by user's EDDSA private key.

type PublicKey ¶

type PublicKey = eddsa.PublicKey

func ParsePk ¶

func ParsePk(pkStr string) (pk *PublicKey, err error)

ParsePk will parse eddsa public key from string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL