HTTP Request Signing with Ed25519

Gryphon

An HTTP authentication scheme similar to Hawk, but with Ed25519 public-key signatures instead of shared secrets.

[Gryphons] are known for guarding treasure and priceless possessions.

Table of Contents

  • Introduction
  • Usage

Introduction

TODO

Usage

Key Generation

A client generates a keypair, stores the private key, and gives the public key to the target server. How the private key is stored and how the public key reaches the server are out of scope for this library.

var gryphon = require('gryphon');
var keys = gryphon.keys(); // { pk: Buffer, sk: Buffer }

Request Signing

Before sending a request to the target server, an Authorization header should be generated using the private key:

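var gryphon = require('gryphon');
var request = require('request');
var url = require('url');

// In practice, load the stored private key instead of generating a new one
var secretKey = gryphon.keys().sk;

var req = url.parse('https://example.domain/foo');
req.method = 'get';
req.headers = {}; // url.parse() does not create a headers object
req.headers.authorization = gryphon.header(req, secretKey);
request(req).pipe(process.stdout);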

Request Authentication

A server consuming requests signed with Gryphon can verify whether a request originated from the owner of a public key, then look that key up among its known clients:

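var gryphon = require('gryphon');
var http = require('http');

// db is a placeholder for the application's store of registered public keys
http.createServer(function(req, res) {
  // authenticate() yields the signer's public key, or a falsy value on failure
  var pk = gryphon.authenticate(req);
  if (pk) {
    var client = db.getByPk(pk);
    if (client) {
      return res.end('hello ' + client.name);
    }
  }
  // Unsigned, invalid, or unknown-key requests are all rejected the same way
  res.statusCode = 401;
  res.end("i don't know you");
}).listen(8080);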
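
To show what the sign and authenticate steps above have to bind together, here is an added example built on Node's built-in crypto module; it is not Gryphon's code or wire format. The `Example-Ed25519` header layout, the canonical string and the 60-second window are assumptions made for illustration, and there is no nonce tracking, so a replay inside the window is not detected.

```javascript
const crypto = require('crypto');

const MAX_SKEW_MS = 60 * 1000; // assumed freshness window

// Assumed canonical string: every field the signature must bind.
function canonical(req, ts) {
  return [req.method.toUpperCase(), req.headers.host, req.url, ts].join('\n');
}

const spki = (key) => key.export({ type: 'spki', format: 'der' }).toString('base64');

// Client side: sign with the private key, send the public key alongside.
function signHeader(req, keyPair, now) {
  const sig = crypto.sign(null, Buffer.from(canonical(req, String(now))), keyPair.privateKey);
  return `Example-Ed25519 pk="${spki(keyPair.publicKey)}", ts="${now}", sig="${sig.toString('base64')}"`;
}

// Server side: return the verified public key (base64 SPKI) or null.
// The caller must still check that key against its registered clients.
function authenticate(req, now) {
  const m = /^Example-Ed25519 pk="([^"]+)", ts="(\d+)", sig="([^"]+)"$/
    .exec(req.headers.authorization || '');
  if (!m) return null;
  if (Math.abs(now - Number(m[2])) > MAX_SKEW_MS) return null; // outside the window
  try {
    const key = crypto.createPublicKey({ key: Buffer.from(m[1], 'base64'), type: 'spki', format: 'der' });
    if (key.asymmetricKeyType !== 'ed25519') return null;
    const ok = crypto.verify(null, Buffer.from(canonical(req, m[2])), key, Buffer.from(m[3], 'base64'));
    return ok ? spki(key) : null;
  } catch (e) {
    return null; // malformed key or signature
  }
}

// Constructed sample request, checked unmodified, tampered and stale.
function demo() {
  const keyPair = crypto.generateKeyPairSync('ed25519');
  const now = Date.now();
  const req = { method: 'get', url: '/foo', headers: { host: 'example.domain' } };
  req.headers.authorization = signHeader(req, keyPair, now);
  const tampered = { method: 'get', url: '/admin', headers: req.headers };
  return {
    expected: spki(keyPair.publicKey),
    valid: authenticate(req, now),
    tampered: authenticate(tampered, now),
    stale: authenticate(req, now + 10 * MAX_SKEW_MS),
  };
}
```

A successful verification proves only that the sender holds the private key for the returned public key; authorization still depends on the server-side lookup of that key.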

Testing

See testing guide