multipaz/org.multipaz.rpc.handler/RpcAuthInspectorSignature

RpcAuthInspectorSignature

class RpcAuthInspectorSignature(val timeout: Duration = 10.minutes, val nonceChecker: suspend (clientId: String, nonce: ByteString, expiration: Instant) -> RpcNonceAndSession = RpcNonceAndSession::checkNonce, val keyLookup: suspend (String) -> EcPublicKey) : RpcAuthInspector

Implementation of RpcAuthInspector that requires each RPC call to be authorized with AssertionRpcAuth object signed by a trusted well-known public key. Authorization is only trusted for timeout duration. Nonce AssertionRpcAuth.nonce uniqueness is checked by nonceChecker.

Constructors

Link copied to clipboard
constructor(timeout: Duration = 10.minutes, nonceChecker: suspend (clientId: String, nonce: ByteString, expiration: Instant) -> RpcNonceAndSession = RpcNonceAndSession::checkNonce, keyLookup: suspend (String) -> EcPublicKey)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val keyLookup: suspend (String) -> EcPublicKey
Link copied to clipboard
val nonceChecker: suspend (clientId: String, nonce: ByteString, expiration: Instant) -> RpcNonceAndSession
Link copied to clipboard

Functions

Link copied to clipboard
open suspend override fun authCheck(target: String, method: String, payload: Bstr, authMessage: DataItem): RpcAuthContext

Checks RPC authorization.