irmago: github.com/privacybydesign/irmago/server Index | Files | Directories

package server

import "github.com/privacybydesign/irmago/server"

Index

Package Files

api.go errors.go

Variables

var Logger *logrus.Logger = logrus.StandardLogger()

func DefaultSchemesPath Uses

func DefaultSchemesPath() string

DefaultSchemesPath returns the default path for IRMA schemes, using XDG Base Directory Specification https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html:

- %LOCALAPPDATA% (i.e. C:\Users\$user\AppData\Local) if on Windows,
- $XDG_DATA_HOME if set, otherwise $HOME/.local/share
- $XDG_DATA_DIRS if set, otherwise /usr/local/share/ and /usr/share/
- then the OSes temp dir (os.TempDir()),

returning the first of these that exists or can be created.

func JsonResponse Uses

func JsonResponse(v interface{}, err *irma.RemoteError) (int, []byte)

JsonResponse JSON-marshals the specified object or error and returns it along with a suitable HTTP status code

func LocalIP Uses

func LocalIP() (string, error)

LocalIP returns the IP address of one of the (non-loopback) network interfaces

func LogError Uses

func LogError(err error) error

func LogFatal Uses

func LogFatal(err error) error

func LogRequest Uses

func LogRequest(typ, method, url, from string, headers http.Header, message []byte)

func LogResponse Uses

func LogResponse(status int, duration time.Duration, response []byte)

func LogWarning Uses

func LogWarning(err error) error

func NewLogger Uses

func NewLogger(verbosity int, quiet bool, json bool) *logrus.Logger

func ParseSessionRequest Uses

func ParseSessionRequest(request interface{}) (irma.RequestorRequest, error)

ParseSessionRequest attempts to parse the input as an irma.RequestorRequest instance, accepting (skipping "irma.")

- RequestorRequest instances directly (ServiceProviderRequest, SignatureRequestorRequest, IdentityProviderRequest)
- SessionRequest instances (DisclosureRequest, SignatureRequest, IssuanceRequest)
- JSON representations ([]byte or string) of any of the above.

func RemoteError Uses

func RemoteError(err Error, message string) *irma.RemoteError

RemoteError converts an error and an explaining message to an *irma.RemoteError.

func ToJson Uses

func ToJson(o interface{}) string

func TypeString Uses

func TypeString(x interface{}) string

func Verbosity Uses

func Verbosity(level int) logrus.Level

func WriteError Uses

func WriteError(w http.ResponseWriter, err Error, msg string)

WriteError writes the specified error and explaining message as JSON to the http.ResponseWriter.

func WriteJson Uses

func WriteJson(w http.ResponseWriter, object interface{})

WriteJson writes the specified object as JSON to the http.ResponseWriter.

func WriteResponse Uses

func WriteResponse(w http.ResponseWriter, object interface{}, rerr *irma.RemoteError)

WriteResponse writes the specified object or error as JSON to the http.ResponseWriter.

func WriteString Uses

func WriteString(w http.ResponseWriter, str string)

WriteString writes the specified string to the http.ResponseWriter.

type Configuration Uses

type Configuration struct {
    // irma_configuration. If not given, this will be popupated using SchemesPath.
    IrmaConfiguration *irma.Configuration `json:"-"`
    // Path to IRMA schemes to parse into IrmaConfiguration (only used if IrmaConfiguration == nil).
    // If left empty, default value is taken using DefaultSchemesPath().
    // If an empty folder is specified, default schemes (irma-demo and pbdf) are downloaded into it.
    SchemesPath string `json:"schemes_path" mapstructure:"schemes_path"`
    // If specified, schemes found here are copied into SchemesPath (only used if IrmaConfiguration == nil)
    SchemesAssetsPath string `json:"schemes_assets_path" mapstructure:"schemes_assets_path"`
    // Disable scheme updating
    DisableSchemesUpdate bool `json:"disable_schemes_update" mapstructure:"disable_schemes_update"`
    // Update all schemes every x minutes (default value 0 means 60) (use DisableSchemesUpdate to disable)
    SchemesUpdateInterval int `json:"schemes_update" mapstructure:"schemes_update"`
    // Path to issuer private keys to parse
    IssuerPrivateKeysPath string `json:"privkeys" mapstructure:"privkeys"`
    // Issuer private keys
    IssuerPrivateKeys map[irma.IssuerIdentifier]*gabi.PrivateKey `json:"-"`
    // URL at which the IRMA app can reach this server during sessions
    URL string `json:"url" mapstructure:"url"`
    // Required to be set to true if URL does not begin with https:// in production mode.
    // In this case, the server would communicate with IRMA apps over plain HTTP. You must otherwise
    // ensure (using eg a reverse proxy with TLS enabled) that the attributes are protected in transit.
    DisableTLS bool `json:"no_tls" mapstructure:"no_tls"`
    // (Optional) email address of server admin, for incidental notifications such as breaking API changes
    // See https://github.com/privacybydesign/irmago/tree/master/server#specifying-an-email-address
    // for more information
    Email string `json:"email" mapstructure:"email"`
    // Enable server sent events for status updates (experimental; tends to hang when a reverse proxy is used)
    EnableSSE bool `json:"enable_sse" mapstructure:"enable_sse"`

    // Logging verbosity level: 0 is normal, 1 includes DEBUG level, 2 includes TRACE level
    Verbose int `json:"verbose" mapstructure:"verbose"`
    // Don't log anything at all
    Quiet bool `json:"quiet" mapstructure:"quiet"`
    // Output structured log in JSON format
    LogJSON bool `json:"log_json" mapstructure:"log_json"`
    // Custom logger instance. If specified, Verbose, Quiet and LogJSON are ignored.
    Logger *logrus.Logger `json:"-"`

    // Production mode: enables safer and stricter defaults and config checking
    Production bool `json:"production" mapstructure:"production"`
}

Configuration contains configuration for the irmaserver library and irmad.

func (*Configuration) HavePrivateKeys Uses

func (conf *Configuration) HavePrivateKeys() (bool, error)

func (*Configuration) PrivateKey Uses

func (conf *Configuration) PrivateKey(id irma.IssuerIdentifier) (sk *gabi.PrivateKey, err error)

type Error Uses

type Error struct {
    Type        ErrorType `json:"error"`
    Status      int       `json:"status"`
    Description string    `json:"description"`
}

Error represents an error that occured during an IRMA sessions.

var (
    ErrorInvalidTimestamp          Error = Error{Type: "INVALID_TIMESTAMP", Status: 400, Description: "Timestamp was not an epoch boundary"}
    ErrorIssuingDisabled           Error = Error{Type: "ISSUING_DISABLED", Status: 403, Description: "This server does not support issuing"}
    ErrorMalformedVerifierRequest  Error = Error{Type: "MALFORMED_VERIFIER_REQUEST", Status: 400, Description: "Malformed verification request"}
    ErrorMalformedSignatureRequest Error = Error{Type: "MALFORMED_SIGNATURE_REQUEST", Status: 400, Description: "Malformed signature request"}
    ErrorMalformedIssuerRequest    Error = Error{Type: "MALFORMED_ISSUER_REQUEST", Status: 400, Description: "Malformed issuer request"}
    ErrorUnauthorized              Error = Error{Type: "UNAUTHORIZED", Status: 403, Description: "You are not authorized to issue or verify this attribute"}
    ErrorAttributesWrong           Error = Error{Type: "ATTRIBUTES_WRONG", Status: 400, Description: "Specified attribute(s) do not belong to this credential type or missing attributes"}
    ErrorCannotIssue               Error = Error{Type: "CANNOT_ISSUE", Status: 500, Description: "Cannot issue this credential"}

    ErrorIssuanceFailed       Error = Error{Type: "ISSUANCE_FAILED", Status: 500, Description: "Failed to create credential(s)"}
    ErrorInvalidProofs        Error = Error{Type: "INVALID_PROOFS", Status: 400, Description: "Invalid secret key commitments and/or disclosure proofs"}
    ErrorAttributesMissing    Error = Error{Type: "ATTRIBUTES_MISSING", Status: 400, Description: "Not all requested-for attributes were present"}
    ErrorAttributesExpired    Error = Error{Type: "ATTRIBUTES_EXPIRED", Status: 400, Description: "Disclosed attributes were expired"}
    ErrorUnexpectedRequest    Error = Error{Type: "UNEXPECTED_REQUEST", Status: 403, Description: "Unexpected request in this state"}
    ErrorUnknownPublicKey     Error = Error{Type: "UNKNOWN_PUBLIC_KEY", Status: 403, Description: "Attributes were not valid against a known public key"}
    ErrorKeyshareProofMissing Error = Error{Type: "KEYSHARE_PROOF_MISSING", Status: 403, Description: "ProofP object from a keyshare server missing"}
    ErrorSessionUnknown       Error = Error{Type: "SESSION_UNKNOWN", Status: 400, Description: "Unknown or expired session"}
    ErrorMalformedInput       Error = Error{Type: "MALFORMED_INPUT", Status: 400, Description: "Input could not be parsed"}
    ErrorUnknown              Error = Error{Type: "EXCEPTION", Status: 500, Description: "Encountered unexpected problem"}

    ErrorUnsupported     Error = Error{Type: "UNSUPPORTED", Status: 501, Description: "Unsupported by this server"}
    ErrorInvalidRequest  Error = Error{Type: "INVALID_REQUEST", Status: 400, Description: "Invalid HTTP request"}
    ErrorProtocolVersion Error = Error{Type: "PROTOCOL_VERSION", Status: 400, Description: "Protocol version negotiation failed"}
)

type ErrorType Uses

type ErrorType string

type LegacySessionResult Uses

type LegacySessionResult struct {
    Token       string                     `json:"token"`
    Status      Status                     `json:"status"`
    Type        irma.Action                `json:"type"`
    ProofStatus irma.ProofStatus           `json:"proofStatus,omitempty"`
    Disclosed   []*irma.DisclosedAttribute `json:"disclosed,omitempty"`
    Signature   *irma.SignedMessage        `json:"signature,omitempty"`
    Err         *irma.RemoteError          `json:"error,omitempty"`
}

Remove this when dropping support for legacy pre-condiscon session requests

type SessionPackage Uses

type SessionPackage struct {
    SessionPtr *irma.Qr `json:"sessionPtr"`
    Token      string   `json:"token"`
}

type SessionResult Uses

type SessionResult struct {
    Token       string                       `json:"token"`
    Status      Status                       `json:"status"`
    Type        irma.Action                  `json:"type"'`
    ProofStatus irma.ProofStatus             `json:"proofStatus,omitempty"`
    Disclosed   [][]*irma.DisclosedAttribute `json:"disclosed,omitempty"`
    Signature   *irma.SignedMessage          `json:"signature,omitempty"`
    Err         *irma.RemoteError            `json:"error,omitempty"`

    LegacySession bool `json:"-"` // true if request was started with legacy (i.e. pre-condiscon) session request
}

SessionResult contains session information such as the session status, type, possible errors, and disclosed attributes or attribute-based signature if appropriate to the session type.

func (*SessionResult) Legacy Uses

func (r *SessionResult) Legacy() *LegacySessionResult

Remove this when dropping support for legacy pre-condiscon session requests

type Status Uses

type Status string

Status is the status of an IRMA session.

const (
    StatusInitialized Status = "INITIALIZED" // The session has been started and is waiting for the client
    StatusConnected   Status = "CONNECTED"   // The client has retrieved the session request, we wait for its response
    StatusCancelled   Status = "CANCELLED"   // The session is cancelled, possibly due to an error
    StatusDone        Status = "DONE"        // The session has completed successfully
    StatusTimeout     Status = "TIMEOUT"     // Session timed out
)

func (Status) Finished Uses

func (status Status) Finished() bool

Directories

PathSynopsis
irmacRequired to be main when building a shared library
irmad/cmd
irmaserverPackage irmaserver is a library that allows IRMA verifiers, issuers or attribute-based signature applications to perform IRMA sessions with irmaclient instances (i.e.
requestorserverPackage requestorserver is a server allowing IRMA verifiers, issuers or attribute-based signature applications (the requestor) to perform IRMA sessions with irmaclient instances (i.e.

Package server imports 18 packages (graph) and is imported by 7 packages. Updated 2020-02-05. Refresh now. Tools for package owners.