sig-auth.git


commit
c099930
parent
c099930
author
cheddar
date
2025-02-11 05:07:41 +0100 CET
Initial commit - test client
8 files changed,  +137, -0
A go.mod
A go.sum
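--- a/README.md
+++ b/README.md
@@ -0,0 +1,3 @@
+# sig-auth
+
+Signature authentication service designed to be used as middleware for a reverse proxy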
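--- a/client/client.go
+++ b/client/client.go
@@ -0,0 +1,39 @@
+package client
+
+import (
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/rsa"
+	"fmt"
+	"net/http"
+	"reflect"
+
+	"github.com/common-fate/httpsig"
+	"github.com/common-fate/httpsig/alg_ecdsa"
+	"github.com/common-fate/httpsig/alg_ed25519"
+	"github.com/common-fate/httpsig/alg_rsa"
+	"github.com/common-fate/httpsig/signer"
+)
+
+func GetSigningClient(key crypto.PrivateKey, keyId string) (*http.Client, error) {
+	var alg signer.Algorithm
+
+	switch p := key.(type) {
+	case *rsa.PrivateKey:
+		alg = alg_rsa.NewRSAPKCS256Signer(p)
+	case *ed25519.PrivateKey:
+		alg = alg_ed25519.Ed25519{PrivateKey: *p}
+	case *ecdsa.PrivateKey:
+		alg = alg_ecdsa.NewP256Signer(p)
+	default:
+		return nil, fmt.Errorf("type is unknown: %s", reflect.TypeOf(key))
+	}
+
+	client := httpsig.NewClient(httpsig.ClientOpts{
+		KeyID: keyId,
+		Alg:   alg,
+	})
+
+	return client, nil
+}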
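Review bot: The `*ecdsa.PrivateKey` case hands any ECDSA key to `alg_ecdsa.NewP256Signer` without checking its curve, so a P-384 or P-521 key would be used under the P-256 algorithm unless the library rejects it, which is not visible from this file. A guard such as `if p.Curve != elliptic.P256() { return nil, fmt.Errorf("unsupported ECDSA curve: %s", p.Curve.Params().Name) }` (with `crypto/elliptic` imported) turns the mismatch into an explicit error at client construction. The Ed25519 case matches only the pointer type `*ed25519.PrivateKey`, while `ed25519.GenerateKey` and `x509.ParsePKCS8PrivateKey` return the value type, so those keys fall through to `type is unknown`; adding `case ed25519.PrivateKey: alg = alg_ed25519.Ed25519{PrivateKey: p}` covers them. A typed nil `*ed25519.PrivateKey` would also panic on `*p`, so a nil check before the dereference is worth having.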
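--- a/go.mod
+++ b/go.mod
@@ -0,0 +1,13 @@
+module crispbyte.dev/sig-auth
+
+go 1.23.4
+
+require (
+	github.com/common-fate/httpsig v0.2.1
+	golang.org/x/crypto v0.33.0
+)
+
+require (
+	github.com/dunglas/httpsfv v1.0.2 // indirect
+	golang.org/x/sys v0.30.0 // indirect
+)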
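--- a/go.sum
+++ b/go.sum
@@ -0,0 +1,12 @@
+github.com/common-fate/httpsig v0.2.1 h1:3frYlirzDCbynvp4OleEIm7JdgvWfeNVW8KUmQHZ04w=
+github.com/common-fate/httpsig v0.2.1/go.mod h1:nMk4aBS8GDo8tiUMLqB60W6I3+BiNH5Uj437pV61Jl8=
+github.com/dunglas/httpsfv v1.0.2 h1:iERDp/YAfnojSDJ7PW3dj1AReJz4MrwbECSSE59JWL0=
+github.com/dunglas/httpsfv v1.0.2/go.mod h1:zID2mqw9mFsnt7YC3vYQ9/cjq30q41W+1AnDwH8TiMg=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
+golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
+golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU=
+golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s=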
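--- a/main.go
+++ b/main.go
@@ -0,0 +1,56 @@
+package main
+
+import (
+	"bytes"
+	"crypto"
+	"encoding/json"
+	"fmt"
+	"log"
+	"os"
+
+	"crispbyte.dev/sig-auth/client"
+	"golang.org/x/crypto/ssh"
+)
+
+func main() {
+	testData := map[string]string{"hello": "world"}
+	json_data, _ := json.Marshal(testData)
+
+	keyFile := "testkey"
+
+	key, err := loadPrivateKey(keyFile)
+
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	client, err := client.GetSigningClient(key, "test-id")
+
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	resp, err := client.Post("http://localhost:8080/post", "application/json", bytes.NewBuffer(json_data))
+
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	defer resp.Body.Close()
+
+	var res map[string]interface{}
+
+	json.NewDecoder(resp.Body).Decode(&res)
+
+	fmt.Println(res)
+}
+
+func loadPrivateKey(keyFile string) (crypto.PrivateKey, error) {
+	keyBytes, err := os.ReadFile(keyFile)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return ssh.ParseRawPrivateKey(keyBytes)
+}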
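Review bot: In `main`, the response is decoded and printed without checking `resp.StatusCode` or the error from `Decode`, so a request the server rejects (for example on a failed signature check) can print an empty map and still exit 0, which a test client should not report as success. I would add `if resp.StatusCode != http.StatusOK { log.Fatalf("unexpected status: %s", resp.Status) }` (this needs `net/http` imported) and change the decode to `if err := json.NewDecoder(resp.Body).Decode(&res); err != nil { log.Fatal(err) }`. The `json.Marshal` error is also discarded with `_`. The local variable `client` shadows the imported `client` package; a name such as `httpClient` avoids that.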
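--- a/shell.nix
+++ b/shell.nix
@@ -0,0 +1,6 @@
+{ pkgs ? import <nixpkgs> {} }:
+  pkgs.mkShell {
+    nativeBuildInputs = with pkgs.buildPackages; [
+        go
+    ];
+}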
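--- a/testkey
+++ b/testkey
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACClBMnrOEzDPIDNzMdasPn+BI6FRixvQxNTXDX7HOWOXgAAAJCI3nP3iN5z
+9wAAAAtzc2gtZWQyNTUxOQAAACClBMnrOEzDPIDNzMdasPn+BI6FRixvQxNTXDX7HOWOXg
+AAAEBpWmg8wb9vnPh9P38pGBHMqq2myayLWEY8I+8EMAIcq6UEyes4TMM8gM3Mx1qw+f4E
+joVGLG9DE1NcNfsc5Y5eAAAADGphbWllQGF0aGVuYQE=
+-----END OPENSSH PRIVATE KEY-----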
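Review bot: This commits an unencrypted private key (the OpenSSH header declares cipher and KDF `none`) at the repository root, where it stays in history and can be mistaken for, or reused as, a real credential. If it is only a fixture for the test client, I would generate the key at run time with `ed25519.GenerateKey(rand.Reader)`. Alternatively, move the pair under `testdata/` and add a README line such as `testkey is a public throwaway fixture; never register testkey.pub with any real verifier`. The key's embedded comment also does not match the `test@key` label in testkey.pub and looks like a local user@host string. Regenerating the fixture with a neutral comment would remove that.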
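--- a/testkey.pub
+++ b/testkey.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUEyes4TMM8gM3Mx1qw+f4EjoVGLG9DE1NcNfsc5Y5e test@key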