From 786cc0108cf8bde22b23a4550bb89afa25f3ea55 Mon Sep 17 00:00:00 2001
From: mleku
Date: Sun, 2 Feb 2025 11:12:50 -0106
Subject: [PATCH] add http authentication protocol

---
 doc/events_queries.adoc | 16 +++++++++++++++-
 pkg/id/id_test.go | 2 +-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/doc/events_queries.adoc b/doc/events_queries.adoc
index dc89518..ee8e10c 100644
--- a/doc/events_queries.adoc
+++ b/doc/events_queries.adoc
@@ -30,13 +30,27 @@ It is unnecessary messages and work to use websockets for queries that match the
 
 There can be a separate subscription type also, where there is delivering the IDs only, or forwarding the whole event.
 
+=== HTTP Authentication
+
+For the most part, all queries and submissions must be authenticated in order to enable a REALY relay to allow access.
+
+To enable this, a suffix is added to messages with the following format:
+
+`\n` // all messages must be terminated with a newline
+
+`::\n`
+
+For reasons of security, a relay should not allow a time skew in the timestamp of more than 15 seconds.
+
+The signature is upon the Blake 2b message hash of everything up to the semicolon preceding it.
+
 == Events
 
 The format of events is as follows - the monospace segments are the exact text, including the necessary linebreak characters, the rest is descriptive.
 
 ---
 
-`\n` // can be anything, hierarchic names like note/html note/md are possible
+`\n` // can be anything, hierarchic names like note/html note/md are possible, or type.subtype or whatever
 
 `\n` // encoded in URL-base64 with the padding `=` elided
 
diff --git a/pkg/id/id_test.go b/pkg/id/id_test.go
index 6c0dd37..2cd2c5b 100644
--- a/pkg/id/id_test.go
+++ b/pkg/id/id_test.go
@@ -7,7 +7,7 @@ import (
 "testing"
 )
 
-func TestP_Marshal_Unmarshal(t *testing.T) {
+func TestT_Marshal_Unmarshal(t *testing.T) {
 var err error
 for range 10 {
 pk := make([]byte, ed25519.PublicKeySize)