proxy: add JWT request signing support (#19)

Browse source

- Refactored middleware and request hander logging.
- Request refactored to use context.Context.
- Add helper (based on Alice) to allow middleware chaining.
- Add helper scripts to generate elliptic curve self-signed certificate that can be used to sign JWT.
- Changed LetsEncrypt scripts to use acme instead of certbot.
- Add script to have LetsEncrypt sign an RSA based certificate.
- Add documentation to explain how to verify headers.
- Refactored internal/cryptutil signer's code to expect a valid EC priv key.
- Changed JWT expiries to use default leeway period.
- Update docs and add screenshots.
- Replaced logging handler logic to use context.Context.
- Removed specific XML error handling.
- Refactored handler function signatures to prefer standard go idioms.

...

This commit is contained in:

Bobby DeSimone 2019-01-22 21:44:22 -08:00 • committed by GitHub

parent 98b8c7481f

commit 426e003b03

No known key found for this signature in database

GPG key ID: 4AEE18F83AFDEB23

30 changed files with 1711 additions and 588 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

BIN

docs/guide/signed-headers/inspect-headers.png Normal file

View file

Binary file not shown.

Side by side After Width:  |  Height:  |  Size: 450 KiB

BIN

docs/guide/signed-headers/verifying-headers-1.png Normal file

View file

Binary file not shown.

Side by side After Width:  |  Height:  |  Size: 164 KiB

BIN

docs/guide/signed-headers/verifying-headers-2.png Normal file

View file

Binary file not shown.

Side by side After Width:  |  Height:  |  Size: 386 KiB