README
¶
About GoActivityPub: Authorization
This project is part of the GoActivityPub library which helps with creating ActivityPub applications using the Go programming language.
It is a wrapper package around making compatible libraries as HTTP-Sig and OAuth2 interact with GoActiivtyPub.
It provides functions to append Authorization headers to requests made with the client module, and also middlewares for verifying incoming requests against remote actors.
You can find an expanded documentation about the whole library on SourceHut.
For discussions about the projects you can write to the discussions mailing list: ~mariusor/[email protected]
For patches and bug reports please use the dev mailing list: ~mariusor/[email protected]
Documentation
¶
Index ¶
- Constants
- Variables
- func ErrFn(logFn LoggerFn) optionFn
- func LoadActorFromOAuthToken(storage oauthStore, tok *oauth2.Token) (vocab.Actor, error)
- func LoadRemoteKey(ctx context.Context, c Client, iri vocab.IRI) (vocab.Actor, *vocab.PublicKey, error)
- func LogFn(logFn LoggerFn) optionFn
- func NewLogger(opt ...optionFn) (*logger, error)
- type Account
- type ActorVerifier
- type Client
- type LoggerFn
- type Metadata
- type OptionFn
- type Server
- type SolverInitFn
Constants ¶
const ID = osin.AuthorizeRequestType("id")
ID is the type of authorization that IndieAuth is using
Variables ¶
var ( DefaultAuthorizeTypes = osin.AllowedAuthorizeType{osin.CODE, osin.TOKEN, ID} DefaultAccessTypes = osin.AllowedAccessType{osin.AUTHORIZATION_CODE, osin.REFRESH_TOKEN, osin.PASSWORD, osin.CLIENT_CREDENTIALS} DefaultConfig = osin.ServerConfig{ AuthorizationExpiration: 86400, AccessExpiration: 2678400, TokenType: "Bearer", AllowedAuthorizeTypes: DefaultAuthorizeTypes, AllowedAccessTypes: DefaultAccessTypes, ErrorStatusCode: http.StatusForbidden, AllowClientSecretInParams: false, AllowGetAccessRequest: false, RetainTokenAfterRefresh: true, RedirectUriSeparator: "\n", } )
var AnonymousActor = vocab.Actor{ ID: vocab.PublicNS, Type: vocab.ActorType, Name: vocab.NaturalLanguageValues{ vocab.NilLangRef: vocab.Content("Anonymous"), }, }
var DefaultKeyWaitLoadTime = 2 * time.Second
var EmptyLogFn = func(log.Ctx, string, ...interface{}) {}
Functions ¶
func LoadActorFromOAuthToken ¶
Types ¶
type ActorVerifier ¶
type ActorVerifier interface {
// Verify validates a request for the existence of an authorized ActivityPub [vocab.Actor] that has
// operated it.
Verify(*http.Request) (vocab.Actor, error)
}
ActorVerifier verifies if a http.Request contains information about an ActivityPub vocab.Actor that has operated it.
func HTTPSignatureResolver ¶
func HTTPSignatureResolver(cl Client, initFns ...SolverInitFn) ActorVerifier
HTTPSignatureResolver returns a HTTP-Signature validator for loading f
func OAuth2Resolver ¶
func OAuth2Resolver(cl Client, initFns ...SolverInitFn) ActorVerifier
OAuth2Resolver
func Resolver ¶
func Resolver(cl Client, initFns ...SolverInitFn) ActorVerifier
type OptionFn ¶
func WithClient ¶
func WithLogger ¶
func WithStorage ¶
func WithStorage(st oauthStore) OptionFn
type Server ¶
func (*Server) LoadActorFromRequest ¶
LoadActorFromRequest reads the Authorization header of an HTTP request and tries to decode it either an OAuth2 or HTTP Signatures:
* For OAuth2 it tries to load the matching local actor and use it further in the processing logic. * For HTTP Signatures it tries to load the federated actor and use it further in the processing logic.
type SolverInitFn ¶
type SolverInitFn = func(*config)
func SolverWithIgnoreList ¶
func SolverWithIgnoreList(iris ...vocab.IRI) SolverInitFn
func SolverWithLocalIRIFn ¶
func SolverWithLocalIRIFn(fn func(vocab.IRI) bool) SolverInitFn
func SolverWithLogger ¶
func SolverWithLogger(l LoggerFn) SolverInitFn
func SolverWithStorage ¶
func SolverWithStorage(s oauthStore) SolverInitFn
Source Files