Merge pull request #17 from martindale/identity
Replace `x-pubkey` with `x-identity`.
This commit is contained in:
commit
0dd79d723a
10
README.md
10
README.md
|
@ -29,10 +29,10 @@ See https://en.bitcoin.it/wiki/Identity_protocol_v1 for complete details.
|
||||||
|
|
||||||
In each request, the client includes a nonce to prevent replay attacks. The client
|
In each request, the client includes a nonce to prevent replay attacks. The client
|
||||||
signs the full url with the request body concatenated if there is one. The signature
|
signs the full url with the request body concatenated if there is one. The signature
|
||||||
is included in the x-signature header and the public key is included in the
|
is included in the `x-signature` header and the public key is included in the
|
||||||
x-pubkey header.
|
`x-identity` header.
|
||||||
|
|
||||||
The server verifies that the signature is valid and that it matches the public key.
|
The server verifies that the signature is valid and that it matches the identity (the public key).
|
||||||
It then computes the SIN from the public key, and sees whether that SIN has access
|
It then computes the SIN from the public key, and sees whether that SIN has access
|
||||||
to the requested resource. The nonce is checked to make sure it is higher than
|
to the requested resource. The nonce is checked to make sure it is higher than
|
||||||
the previously used nonce.
|
the previously used nonce.
|
||||||
|
@ -135,7 +135,7 @@ for(k in keys) {
|
||||||
var options = {
|
var options = {
|
||||||
url: url,
|
url: url,
|
||||||
headers: {
|
headers: {
|
||||||
'x-pubkey': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
'x-identity': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
||||||
'x-signature': bitauth.sign(dataToSign, keys[k])
|
'x-signature': bitauth.sign(dataToSign, keys[k])
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
@ -161,7 +161,7 @@ for(k in keys) {
|
||||||
var options = {
|
var options = {
|
||||||
url: url,
|
url: url,
|
||||||
headers: {
|
headers: {
|
||||||
'x-pubkey': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
'x-identity': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
||||||
'x-signature': bitauth.sign(dataToSign, keys[k])
|
'x-signature': bitauth.sign(dataToSign, keys[k])
|
||||||
},
|
},
|
||||||
json: data
|
json: data
|
||||||
|
|
|
@ -15,7 +15,7 @@ for(k in keys) {
|
||||||
var options = {
|
var options = {
|
||||||
url: url,
|
url: url,
|
||||||
headers: {
|
headers: {
|
||||||
'x-pubkey': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
'x-identity': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
||||||
'x-signature': bitauth.sign(dataToSign, keys[k])
|
'x-signature': bitauth.sign(dataToSign, keys[k])
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
@ -41,7 +41,7 @@ for(k in keys) {
|
||||||
var options = {
|
var options = {
|
||||||
url: url,
|
url: url,
|
||||||
headers: {
|
headers: {
|
||||||
'x-pubkey': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
'x-identity': bitauth.getPublicKeyFromPrivateKey(keys[k]),
|
||||||
'x-signature': bitauth.sign(dataToSign, keys[k])
|
'x-signature': bitauth.sign(dataToSign, keys[k])
|
||||||
},
|
},
|
||||||
json: data
|
json: data
|
||||||
|
@ -55,4 +55,4 @@ for(k in keys) {
|
||||||
console.log(body);
|
console.log(body);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
|
@ -32,4 +32,4 @@ app.get('/pizzas', function(req, res) {
|
||||||
res.send(200, pizzas);
|
res.send(200, pizzas);
|
||||||
});
|
});
|
||||||
|
|
||||||
app.listen(3000);
|
app.listen(3000);
|
||||||
|
|
|
@ -1,24 +1,24 @@
|
||||||
var bitauth = require('../bitauth');
|
var bitauth = require('../bitauth');
|
||||||
|
|
||||||
module.exports = function(req, res, next) {
|
module.exports = function(req, res, next) {
|
||||||
if(req.headers && req.headers['x-pubkey'] && req.headers['x-signature']) {
|
if(req.headers && req.headers['x-identity'] && req.headers['x-signature']) {
|
||||||
// Check signature is valid
|
// Check signature is valid
|
||||||
// First construct data to check signature on
|
// First construct data to check signature on
|
||||||
var fullUrl = req.protocol + '://' + req.get('host') + req.url;
|
var fullUrl = req.protocol + '://' + req.get('host') + req.url;
|
||||||
var data = fullUrl + req.rawBody;
|
var data = fullUrl + req.rawBody;
|
||||||
|
|
||||||
bitauth.verifySignature(data, req.headers['x-pubkey'], req.headers['x-signature'], function(err, result) {
|
bitauth.verifySignature(data, req.headers['x-identity'], req.headers['x-signature'], function(err, result) {
|
||||||
if(err || !result) {
|
if(err || !result) {
|
||||||
return res.send(400, {error: 'Invalid signature'});
|
return res.send(400, {error: 'Invalid signature'});
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the SIN from the public key
|
// Get the SIN from the public key
|
||||||
var sin = bitauth.getSinFromPublicKey(req.headers['x-pubkey']);
|
var sin = bitauth.getSinFromPublicKey(req.headers['x-identity']);
|
||||||
if(!sin) return res.send(400, {error: 'Bad public key'});
|
if(!sin) return res.send(400, {error: 'Bad public key from identity'});
|
||||||
req.sin = sin;
|
req.sin = sin;
|
||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
next();
|
next();
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in New Issue