commit 6ecf05469fcac95e7cca838c261d0ea99df64aa0
Author: b5
Date: Thu Sep 3 00:12:34 2020 -0400
feat: initial ucan implementation
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..94a9ed0
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,674 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc.
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users. We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors. You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights. Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received. You must make sure that they, too, receive
+or can get the source code. And you must show them these terms so they
+know their rights.
+
+ Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+ For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software. For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+ Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so. This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software. The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable. Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products. If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+ Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary. To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2.
Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged.
This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.
If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10.
If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.
For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License.
You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Use with the GNU Affero General Public License.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work.
The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.
THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+
+ Copyright (C)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+ Copyright (C)
+ This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+.
+
+ The GNU General Public License does not permit incorporating your program
+into proprietary programs. If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License. But first, please read
+.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..8380279
--- /dev/null
+++ b/README.md
@@ -0,0 +1,4 @@ +# UCAN Tokens in Go + +Under Heavy Construction, an initial implementation of [UCAN tokens](https://whitepaper.fission.codes/access-control/ucan/ucan-tokens) from [fission](https://fission.codes) + diff --git a/attenuation.go b/attenuation.go new file mode 100644 index 0000000..3f9c233 --- /dev/null +++ b/attenuation.go 
@@ -0,0 +1,142 @@ +package ucan + +import ( + "encoding/json" +) + +const CapKey = "cap" + +// Attenuations is a list of attenuations +type Attenuations []Attenuation + +// Contains is true if all attenuations in b are contained +func (att Attenuations) Contains(b Attenuations) bool { +LOOP: + for _, x := range b { + for _, y := range att { + if y.Contains(x) { + continue LOOP + } + } + return false + } + return true +} + +type AttenuationConstructor func(v map[string]interface{}) (Attenuation, error) + +type Attenuation struct { + Cap Capability + Rsc Resource +} + +func (a Attenuation) Contains(b Attenuation) bool { + return a.Rsc.Type() == b.Rsc.Type() && a.Rsc.Contains(b.Rsc) && a.Cap.Contains(b.Cap) +} + +func NewAttenuation(cap Capability, rsc Resource) Attenuation { + return Attenuation{ + Rsc: rsc, + Cap: cap, + } +} + +func (a Attenuation) MarshalJSON() ([]byte, error) { + return json.Marshal(map[string]interface{}{ + a.Rsc.Type(): a.Rsc.Value(), + CapKey: a.Cap.String(), + }) +} + +// ResourcePool is a pool of type strings to +var ResourcePool map[string]ResourceConstructor + +type Resource interface { + Type() string + Value() string + Contains(b Resource) bool +} + +type ResourceConstructor func(typ, val string) Resource + +type stringLengthRsc struct { + t string + v string +} + +func NewStringLengthResource(typ, val string) Resource { + return stringLengthRsc{ + t: typ, + v: val, + } +} + +func (r stringLengthRsc) Type() string { + return r.t +} + +func (r stringLengthRsc) Value() string { + return r.v +} + +func (r stringLengthRsc) Contains(b Resource) bool { + return len(r.Value()) < len(b.Value()) +} + +// Capability is the interface for an action users can perform +type Capability interface { + String() string + Contains(b Capability) bool +} + +// NestedCapabilities is a basic implementation of the Capabilities interface +// based on a hierarchal list of strings +type NestedCapabilities struct { + cap string + idx int + hierarchy *[]string +} + 
+// assert at compile-time NestedCapabilities implements Capability +var _ Capability = (*NestedCapabilities)(nil) + +// NewNestedCapabilities +func NewNestedCapabilities(strs ...string) NestedCapabilities { + return NestedCapabilities{ + cap: strs[0], + idx: 0, + hierarchy: &strs, + } +} + +func (nc NestedCapabilities) Cap(str string) Capability { + idx := -1 + for i, c := range *nc.hierarchy { + if c == str { + idx = i + } + } + + return NestedCapabilities{ + cap: str, + idx: idx, + hierarchy: nc.hierarchy, + } +} + +func (nc NestedCapabilities) String() string { + return nc.cap +} + +func (nc NestedCapabilities) Contains(cap Capability) bool { + str := cap.String() + for i, c := range *nc.hierarchy { + if c == str { + if i > nc.idx { + return false + } + return true + } + } + return false +} diff --git a/attenuation_test.go b/attenuation_test.go new file mode 100644 index 0000000..a96ddb5 --- /dev/null +++ b/attenuation_test.go @@ -0,0 +1,9 @@ +package ucan + +import ( + "testing" +) + +func TestAttenuationsContains(t *testing.T) { + +} diff --git a/context.go b/context.go new file mode 100644 index 0000000..fb4d2e9 --- /dev/null +++ b/context.go @@ -0,0 +1,27 @@ +package ucan + +import ( + "context" +) + +// CtxKey defines a distinct type for context keys used by the access +// package +type CtxKey string + +// UCANCtxKey is the key for adding an access UCAN to a context.Context +const UCANCtxKey CtxKey = "UCAN" + +// CtxWithUCAN adds a UCAN value to a context +func CtxWithUCAN(ctx context.Context, t UCAN) context.Context { + return context.WithValue(ctx, UCANCtxKey, t) +} + +// UCANFromCtx extracts a Dataset reference from a given +// context if one is set, returning nil otherwise +func UCANFromCtx(ctx context.Context) *UCAN { + iface := ctx.Value(UCANCtxKey) + if ref, ok := iface.(*UCAN); ok { + return ref + } + return nil +} diff --git a/example_test.go b/example_test.go new file mode 100644 index 0000000..3977be2 --- /dev/null +++ b/example_test.go 
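Review bot: `stringLengthRsc.Contains` decides containment by `len(r.Value()) < len(b.Value())` alone, so within one resource type any longer string counts as narrower — a parent scoped to `b5:world_bank_population:*` would "contain" an unrelated `someone_else:private_dataset:x`, while the strict `<` rejects delegating the identical resource. Because this is the check `Attenuations.Contains` relies on when a delegated token is compared against its parent, a delegate can name resources the parent never held. If the intent is the trailing-wildcard prefix scoping that the example's `"api", "*"` and `"b5:world_bank_population:*"` values suggest, compare the literal prefix instead (this needs `strings` added to the import block), as below. Separately, `Attenuation.Contains` calls `a.Rsc.Type()` with no nil guard, so an attenuation whose constructor left `Rsc` unset panics rather than failing closed.
```go
// Contains reports whether b lies within r's scope: same resource type, and
// either the identical value or, when r ends in "*", a value sharing r's
// literal prefix. Anything else is denied.
func (r stringLengthRsc) Contains(b Resource) bool {
	if b == nil || r.t != b.Type() {
		return false
	}
	if r.v == b.Value() {
		return true
	}
	if strings.HasSuffix(r.v, "*") {
		return strings.HasPrefix(b.Value(), strings.TrimSuffix(r.v, "*"))
	}
	return false
}
```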
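Review bot: `CtxWithUCAN` stores a `UCAN` value, but `UCANFromCtx` type-asserts `*UCAN`, so anything placed in the context by this package's own setter is never recovered and callers always get `nil` — an authorization check written as `if UCANFromCtx(ctx) == nil { deny }` would reject every request, and one written the other way would silently see no token. Make the two agree, e.g. in `UCANFromCtx`: `if ref, ok := iface.(UCAN); ok { return &ref }`, or change the setter to accept `*UCAN`. The doc comment `// UCANFromCtx extracts a Dataset reference` also reads as a copy-paste leftover and should say `// UCANFromCtx returns the UCAN stored by CtxWithUCAN, or nil if none is set`.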
@@ -0,0 +1,86 @@ +package ucan_test + +import ( + "context" + "fmt" + "time" + + "github.com/qri-io/ucan" +) + +func ExampleWalkthrough() { + source, err := ucan.NewPrivKeyUCANSource(keyOne) + panicIfError(err) + + subjectDID, err := ucan.DIDStringFromPublicKey(keyOne.GetPublic()) + panicIfError(err) + + caps := ucan.NewNestedCapabilities("SUPER_USER", "OVERWRITE", "SOFT_DELETE", "REVISE", "CREATE") + att := ucan.Attenuations{ + {caps.Cap("SUPER_USER"), ucan.NewStringLengthResource("api", "*")}, + {caps.Cap("SUPER_USER"), ucan.NewStringLengthResource("dataset", "b5:world_bank_population:*")}, + } + zero := time.Time{} + + // create a root UCAN + rootToken, err := source.NewRootUCAN(subjectDID, att, nil, zero, zero) + panicIfError(err) + + id, err := rootToken.CID() + panicIfError(err) + + fmt.Printf("cid of root UCAN: %s\n", id.String()) + + att = ucan.Attenuations{ + {caps.Cap("SUPER_USER"), ucan.NewStringLengthResource("dataset", "third:resource")}, + } + + if _, err = source.NewAttenuatedUCAN(rootToken, subjectDID, att, nil, zero, zero); err != nil { + fmt.Println(err) + } + + p := exampleParser() + _, err = p.ParseAndVerify(context.Background(), rootToken.Raw) + panicIfError(err) + + // Output: + // cid of root UCAN: bafkreidhsvhlctwylgeibl2eeapdvbl3qm3mbqcqhxhvy4grmr25ji77hu + // scope of ucan attenuations must be less than it's parent +} + +func panicIfError(err error) { + if err != nil { + panic(err) + } +} + +func exampleParser() *ucan.UCANParser { + caps := ucan.NewNestedCapabilities("SUPER_USER", "OVERWRITE", "SOFT_DELETE", "REVISE", "CREATE") + + ac := func(m map[string]interface{}) (ucan.Attenuation, error) { + var ( + cap string + rsc ucan.Resource + ) + for key, vali := range m { + val, ok := vali.(string) + if !ok { + return ucan.Attenuation{}, fmt.Errorf(`expected attenuation value to be a string`) + } + + if key == ucan.CapKey { + cap = val + } else { + rsc = ucan.NewStringLengthResource(key, val) + } + } + + return ucan.Attenuation{ + Rsc: rsc, + 
Cap: caps.Cap(cap), + }, nil + } + + store := ucan.NewMemTokenStore() + return ucan.NewUCANParser(ac, ucan.StringDIDPubKeyResolver{}, store.(ucan.CIDBytesResolver)) +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..c2f0c23 --- /dev/null +++ b/go.mod @@ -0,0 +1,13 @@ +module github.com/qri-io/ucan + +go 1.15 + +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/dgrijalva/jwt-go v3.2.0+incompatible + github.com/ipfs/go-cid v0.0.7 + github.com/libp2p/go-libp2p-core v0.7.0 + github.com/multiformats/go-multihash v0.0.14 + golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 // indirect + golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..262e716 --- /dev/null +++ b/go.sum 
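Review bot: The attenuation constructor `ac` in `exampleParser` accepts any map shape: an `att` entry with no resource key leaves `rsc` nil, and `Attenuation.Contains`/`MarshalJSON` then call methods on that nil interface, so a malformed token reaching `ParseAndVerify` panics instead of being rejected. With two resource keys, Go's randomized map iteration makes the surviving one nondeterministic, and an unknown `cap` string is handed to `caps.Cap`, which yields an index of -1 without any error. Since this is the only parser wiring shown and the snippet users will copy, it should fail closed on exactly one resource key plus a `cap`, as below. `ParseAndVerify` and `keyOne` are defined outside this hunk, so whether the parser adds checks of its own is not visible here.
```go
		for key, vali := range m {
			// … unchanged: string type assertion on vali …
			if key == ucan.CapKey {
				cap = val
				continue
			}
			if rsc != nil {
				return ucan.Attenuation{}, fmt.Errorf("attenuation must name exactly one resource, got %q and %q", rsc.Type(), key)
			}
			rsc = ucan.NewStringLengthResource(key, val)
		}
		if cap == "" || rsc == nil {
			return ucan.Attenuation{}, fmt.Errorf("attenuation requires a %q key and one resource key", ucan.CapKey)
		}
		// … unchanged: return ucan.Attenuation{Rsc: rsc, Cap: caps.Cap(cap)}, nil …
```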
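Review bot: `github.com/dgrijalva/jwt-go v3.2.0+incompatible` pulls in a JWT library that is archived and no longer receives fixes; its `MapClaims.VerifyAudience` has a published audience-check bypass (CVE-2020-26160) when `aud` is encoded as an array. Whether that path is reachable depends on how the parser in token.go validates claims, which is outside this hunk, but since UCAN parsing is the security boundary of this package the dependency deserves a migration plan to the maintained fork (`github.com/golang-jwt/jwt`) and, until then, audience handling that does not rely on the library's default check.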
@@ -0,0 +1,118 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII= +github.com/btcsuite/btcd v0.20.1-beta/go.mod h1:wVuoA8VJLEcwgqHBwHmzLRazpKxTv13Px/pDuV7OomQ= +github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA= +github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg= +github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd/go.mod h1:HHNXQzUsZCxOoE+CPiyCTO6x34Zs86zZUiwtpXoGdtg= +github.com/btcsuite/goleveldb v0.0.0-20160330041536-7834afc9e8cd/go.mod h1:F+uVaaLLH7j4eDXPRvw78tMflu7Ie2bzYOH4Y8rRKBY= +github.com/btcsuite/snappy-go v0.0.0-20151229074030-0bdef8d06723/go.mod h1:8woku9dyThutzjeg+3xrA5iCpBRH8XEEg3lh6TiUghc= +github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792/go.mod h1:ghJtEyQwv5/p4Mg4C0fgbePVuGr935/5ddU9Z3TmDRY= +github.com/btcsuite/winsvc v1.0.0/go.mod h1:jsenWakMcC0zFBFurPLEAyrnc/teJEM1O46fmI40EZs= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/davecgh/go-spew v0.0.0-20171005155431-ecdeabc65495/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/golang/glog 
v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/ipfs/go-cid v0.0.7 h1:ysQJVJA3fNDF1qigJbsSQOdjhVLsOEoPdh0+R97k3jY= +github.com/ipfs/go-cid v0.0.7/go.mod h1:6Ux9z5e+HpkQdckYoX1PG/6xqKspzlEIR5SDmgqgC/I= +github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA= +github.com/jbenet/goprocess v0.1.4/go.mod h1:5yspPrukOVuOLORacaBi858NqyClJPQxYZlqdZVfqY4= +github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ= +github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4= +github.com/libp2p/go-buffer-pool v0.0.2/go.mod h1:MvaB6xw5vOrDl8rYZGLFdKAuk/hRoRZd1Vi32+RXyFM= +github.com/libp2p/go-flow-metrics v0.0.3/go.mod h1:HeoSNUrOJVK1jEpDqVEiUOIXqhbnS27omG0uWU5slZs= +github.com/libp2p/go-libp2p-core v0.7.0 h1:4a0TMjrWNTZlNvcqxZmrMRDi/NQWrhwO2pkTuLSQ/IQ= +github.com/libp2p/go-libp2p-core v0.7.0/go.mod h1:FfewUH/YpvWbEB+ZY9AQRQ4TAD8sJBt/G1rVvhz5XT8= +github.com/libp2p/go-msgio v0.0.6/go.mod h1:4ecVB6d9f4BDSL5fqvPiC4A3KivjWn+Venn/1ALLMWA= 
+github.com/libp2p/go-openssl v0.0.7 h1:eCAzdLejcNVBzP/iZM9vqHnQm+XyCEbSSIheIPRGNsw= +github.com/libp2p/go-openssl v0.0.7/go.mod h1:unDrJpgy3oFr+rqXsarWifmJuNnJR4chtO1HmaZjggc= +github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ= +github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= +github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= +github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8= +github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= +github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o= +github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= +github.com/multiformats/go-base32 v0.0.3/go.mod h1:pLiuGC8y0QR3Ue4Zug5UzK9LjgbkL8NSQj0zQ5Nz/AA= +github.com/multiformats/go-base36 v0.1.0 h1:JR6TyF7JjGd3m6FbLU2cOxhC0Li8z8dLNGQ89tUg4F4= +github.com/multiformats/go-base36 v0.1.0/go.mod h1:kFGE83c6s80PklsHO9sRn2NCoffoRdUUOENyW/Vv6sM= +github.com/multiformats/go-multiaddr v0.2.2 h1:XZLDTszBIJe6m0zF6ITBrEcZR73OPUhCBBS9rYAuUzI= +github.com/multiformats/go-multiaddr v0.2.2/go.mod h1:NtfXiOtHvghW9KojvtySjH5y0u0xW5UouOmQQrn6a3Y= +github.com/multiformats/go-multibase v0.0.3 h1:l/B6bJDQjvQ5G52jw4QGSYeOTZoAwIO77RblWplfIqk= +github.com/multiformats/go-multibase v0.0.3/go.mod h1:5+1R4eQrT3PkYZ24C3W2Ue2tPwIdYQD509ZjSb5y9Oc= +github.com/multiformats/go-multihash v0.0.13/go.mod h1:VdAWLKTwram9oKAatUcLxBNUjdtcVwxObEQBtRfuyjc= +github.com/multiformats/go-multihash v0.0.14 h1:QoBceQYQQtNUuf6s7wHxnE2c8bhbMqhfGzNI032se/I= +github.com/multiformats/go-multihash v0.0.14/go.mod h1:VdAWLKTwram9oKAatUcLxBNUjdtcVwxObEQBtRfuyjc= +github.com/multiformats/go-varint v0.0.5/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= +github.com/multiformats/go-varint v0.0.6 
h1:gk85QWKxh3TazbLxED/NlDVv8+q+ReFJk7Y2W/KhfNY= +github.com/multiformats/go-varint v0.0.6/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/spacemonkeygo/spacelog v0.0.0-20180420211403-2296661a0572/go.mod h1:w0SWMsp6j9O/dk4/ZpIhL+3CkG8ofA2vuv7k+ltqUMc= +github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net 
v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae h1:Ih9Yo4hSPImZOpfGuA4bR/ORKTAbhZo2AbWNRCnevdo= +golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod 
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 
diff --git a/spec/token_source.go b/spec/token_source.go new file mode 100644 index 0000000..44c2888 --- /dev/null +++ b/spec/token_source.go @@ -0,0 +1,42 @@ +package spec + +// import ( +// "context" +// "testing" + +// "github.com/dgrijalva/jwt-go" +// cfgtest "github.com/qri-io/qri/config/test" +// "github.com/qri-io/qri/repo/profile" +// "github.com/qri-io/ucan" +// ) + +// // AssertTokenSourceSpec ensures a TokenSource implementation behaves as +// // expected +// func AssertTokenSourceSpec(t *testing.T, newTokenSource func(ctx context.Context) ucan.TokenSource) { +// ctx, cancel := context.WithCancel(context.Background()) +// defer cancel() + +// source := newTokenSource(ctx) + +// p1 := &profile.Profile{ +// ID: profile.IDB58DecodeOrEmpty(cfgtest.GetTestPeerInfo(1).EncodedPeerID), +// Peername: "username", +// } + +// raw, err := source.CreateToken(p1, 0) +// if err != nil { +// t.Errorf("source should allow creating key with valid profile & zero duration. got: %q", err) +// } + +// p := &jwt.Parser{ +// UseJSONNumber: true, +// SkipClaimsValidation: false, +// } +// if _, _, err := p.ParseUnverified(raw, &ucan.TokenClaims{}); err != nil { +// t.Errorf("created token must parse with acces.TokenClaims. got: %q", err) +// } + +// if _, err := ucan.ParseToken(raw, source); err != nil { +// t.Errorf("source must create tokens that parse with it's own verification keys. error: %q", err) +// } +// } diff --git a/spec/token_store.go b/spec/token_store.go new file mode 100644 index 0000000..6db4b7c --- /dev/null +++ b/spec/token_store.go 
@@ -0,0 +1,130 @@ +package spec + +// import ( +// "context" +// "errors" +// "testing" +// "time" + +// "github.com/google/go-cmp/cmp" +// cfgtest "github.com/qri-io/qri/config/test" +// "github.com/qri-io/qri/repo/profile" +// "github.com/qri-io/ucan" +// ) + +// // AssertTokenStoreSpec ensures an ucan.TokenStore implementation behaves as +// // expected +// func AssertTokenStoreSpec(t *testing.T, newTokenStore func(context.Context) ucan.TokenStore) { +// prevTs := ucan.Timestamp +// ucan.Timestamp = func() time.Time { return time.Time{} } +// defer func() { ucan.Timestamp = prevTs }() + +// ctx, cancel := context.WithCancel(context.Background()) +// defer cancel() + +// pk := cfgtest.GetTestPeerInfo(0).PrivKey +// tokens, err := ucan.NewPrivKeyTokenSource(pk) +// if err != nil { +// t.Fatalf("creating local tokens: %q", err) +// } +// store := newTokenStore(ctx) + +// results, err := store.ListTokens(ctx, 0, -1) +// if err != nil { +// t.Errorf("listing all tokens of an empty store shouldn't error. got: %q ", err) +// } +// if len(results) > 0 { +// t.Errorf("new store should return no results. got: %d", len(results)) +// } + +// _, err = store.RawToken(ctx, "this doesn't exist") +// if !errors.Is(err, ucan.ErrTokenNotFound) { +// t.Errorf("expected store.RawToken(nonexistent key) to return a wrap of ucan.ErrTokenNotFound. got: %q", err) +// } +// err = store.DeleteToken(ctx, "this also doesn't exist") +// if !errors.Is(err, ucan.ErrTokenNotFound) { +// t.Errorf("expected store.D key to return a wrap of ucan.ErrTokenNotFound. got: %q", err) +// } +// if err := store.PutToken(ctx, "_bad_key", "not.a.key"); err == nil { +// t.Errorf("putting an invalid json web token should error. 
got nil") +// } + +// p1 := &profile.Profile{ +// ID: profile.IDB58DecodeOrEmpty(cfgtest.GetTestPeerInfo(1).EncodedPeerID), +// Peername: "local_user", +// } +// t1Raw, err := tokens.CreateToken(p1, 0) +// if err != nil { +// t.Fatalf("creating token: %q", err) +// } + +// if err := store.PutToken(ctx, "_root", t1Raw); err != nil { +// t.Errorf("putting root key shouldn't error. got: %q", err) +// } + +// results, err = store.ListTokens(ctx, 0, -1) +// if err != nil { +// t.Errorf("listing all tokens of an empty store shouldn't error. got: %q ", err) +// } +// if len(results) != 1 { +// t.Errorf("result length mismatch listing keys after adding `root` key. expected 1, got: %d", len(results)) +// } + +// p2 := &profile.Profile{ +// ID: profile.IDB58DecodeOrEmpty(cfgtest.GetTestPeerInfo(1).EncodedPeerID), +// Peername: "user_2", +// } +// t2Raw, err := tokens.CreateToken(p2, time.Millisecond*10) +// if err != nil { +// t.Fatalf("creating token: %q", err) +// } + +// secondKey := "http://registry.qri.cloud" +// if err := store.PutToken(ctx, secondKey, t2Raw); err != nil { +// t.Errorf("putting a second token with key=%q shouldn't error. got: %q", secondKey, err) +// } + +// results, err = store.ListTokens(ctx, 0, -1) +// if err != nil { +// t.Errorf("listing all tokens of an empty store shouldn't error. got: %q ", err) +// } +// if len(results) != 2 { +// t.Errorf("result length mismatch listing keys after adding second key. 
expected 2, got: %d", len(results)) +// } + +// expect := []ucan.RawToken{ +// { +// Key: "_root", +// Raw: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJRbVdZZ0Q0OXI5SG51WEVwcFFFcTFhN1NVVXJ5amE0UU5zOUU2WENIMlBheUNEIiwidXNlcm5hbWUiOiJsb2NhbF91c2VyIn0.hu1B92X8cLBRNtNNiwm_qn4T-s8WlDlsa0swNgeyUPJ921LfojmHobkuW4oRvNEjkq_OP2gkaZ_F0YyUgAM8K-pVg30L-jNG9cqA1EUx4cQ90ZSbMxvXzRmBevBa3Wq-RHErnGw-K7EvtZfuPrp60LuDBKkGCuAwfKV8D9O-6U4lrragFgfw3zWRdovnb28fO2W6sqP8azGDcY8klpysjx7W4V-qVynJ981_ex_G1wPbk1dov59MDlY6yoxt1rucyF5-f4oo9jv6k194Tigw3Uv6JR889kK5x87ruiApghfQIBosAd-hm79Xz0RmLahykoZZTbVASW6NcIPvqvZ5TA", +// }, +// { +// Key: secondKey, +// Raw: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOi02MjEzNTU5NjgwMCwic3ViIjoiUW1XWWdENDlyOUhudVhFcHBRRXExYTdTVVVyeWphNFFOczlFNlhDSDJQYXlDRCIsInVzZXJuYW1lIjoidXNlcl8yIn0.V4ZlinPrjRBf6EiZPylrigXHEQ-5k8e54-G5o1OQEu9hAWmZAGlm5OdcAfWRLueWR8bk_9NFYwAzg7CaSvM0suPqHlFbCXS0tQynG3m9ptu_bucfEAaDdoNmBMyPrB7w6rLauFVh0TcwiTRV3KkrzbeKdo0Q6fDoRFy5ZuP5zPDxt_UOC50zIpdw5F4MH3OBbfjjfpR0XA8Q1tslOg5JWh21pCR-C8gyC5jJ9ilNsdwggXY0mkHl9f0utwMewPfC6b7i01t9kVtknI5Wg6dq_CuZlDuOs83LcL6xThRBiosmFZ-2I3b8nSPxfg_gouOBOSa5yFOcYxJsHHDKe-RIfw", +// }, +// } + +// if diff := cmp.Diff(expect, results); diff != "" { +// t.Errorf("mistmatched list keys results. (-want +got):\n%s", diff) +// } + +// results, err = store.ListTokens(ctx, 1, 1) +// if err != nil { +// t.Errorf("listing all tokens of an empty store shouldn't error. got: %q ", err) +// } +// if len(results) != 1 { +// t.Errorf("result length mismatch listing keys after adding `root` key. expected 1, got: %d", len(results)) +// } + +// if diff := cmp.Diff(expect[1:], results); diff != "" { +// t.Errorf("mistmatched list keys with offset=1, limit=1. results. (-want +got):\n%s", diff) +// } + +// if err := store.DeleteToken(ctx, secondKey); err != nil { +// t.Errorf("store.DeleteToken shouldn't error for existing key. 
got: %q", err) +// } + +// _, err = store.RawToken(ctx, secondKey) +// if !errors.Is(err, ucan.ErrTokenNotFound) { +// t.Errorf("store.RawToken() for a just-deleted key must return a wrap of ucan.ErrTokenNotFound. got: %q", err) +// } +// } diff --git a/store.go b/store.go new file mode 100644 index 0000000..3b6eecb --- /dev/null +++ b/store.go 
@@ -0,0 +1,141 @@ +package ucan + +import ( + "context" + "encoding/json" + "errors" + "fmt" + "sort" + "sync" + + "github.com/dgrijalva/jwt-go" + "github.com/ipfs/go-cid" +) + +// ErrTokenNotFound is returned by stores that cannot find an access token +// for a given key +var ErrTokenNotFound = errors.New("access token not found") + +// TokenStore is a store intended for clients, who need to persist jwts. +// It deals in raw, string-formatted json web tokens, which are more useful +// when working with APIs, but validates the tokens are well-formed when placed +// in the store +// +// implementations of TokenStore must conform to the assertion test defined +// in the spec subpackage +type TokenStore interface { + PutToken(ctx context.Context, key, rawToken string) error + RawToken(ctx context.Context, key string) (rawToken string, err error) + DeleteToken(ctx context.Context, key string) (err error) + ListTokens(ctx context.Context, offset, limit int) (results []RawToken, err error) +} + +// RawToken is a struct that binds a key to a raw token string +type RawToken struct { + Key string + Raw string +} + +// RawTokens is a list of tokens that implements sorting by keys +type RawTokens []RawToken + +func (rts RawTokens) Len() int { return len(rts) } +func (rts RawTokens) Less(a, b int) bool { return rts[a].Key < rts[b].Key } +func (rts RawTokens) Swap(i, j int) { rts[i], rts[j] = rts[j], rts[i] } + +type memTokenStore struct { + toksLk sync.Mutex + toks map[string]string +} + +var ( + _ TokenStore = (*memTokenStore)(nil) + _ CIDBytesResolver = (*memTokenStore)(nil) +) + +// NewMemTokenStore creates an in-memory token store +func NewMemTokenStore() TokenStore { + return &memTokenStore{ + toks: map[string]string{}, + } +} + +// MarshalJSON implements the json.Marshaller interface +func (st *memTokenStore) MarshalJSON() ([]byte, error) { + return json.Marshal(st.toRawTokens()) +} + +func (st *memTokenStore) PutToken(ctx context.Context, key string, raw string) error { 
+ p := &jwt.Parser{ + UseJSONNumber: true, + SkipClaimsValidation: false, + } + if _, _, err := p.ParseUnverified(raw, jwt.MapClaims{}); err != nil { + return fmt.Errorf("%w: %s", ErrInvalidToken, err) + } + + st.toksLk.Lock() + defer st.toksLk.Unlock() + + st.toks[key] = raw + return nil +} + +func (st *memTokenStore) ResolveCIDBytes(ctx context.Context, id cid.Cid) ([]byte, error) { + rt, err := st.RawToken(ctx, id.String()) + if err != nil { + return nil, err + } + return []byte(rt), nil +} + +func (st *memTokenStore) RawToken(ctx context.Context, key string) (rawToken string, err error) { + t, ok := st.toks[key] + if !ok { + return "", ErrTokenNotFound + } + return t, nil +} + +func (st *memTokenStore) DeleteToken(ctx context.Context, key string) (err error) { + st.toksLk.Lock() + defer st.toksLk.Unlock() + + if _, ok := st.toks[key]; !ok { + return ErrTokenNotFound + } + delete(st.toks, key) + return nil +} + +func (st *memTokenStore) ListTokens(ctx context.Context, offset, limit int) ([]RawToken, error) { + var results []RawToken + + toks := st.toRawTokens() + for i := 0; i < len(toks); i++ { + if offset > 0 { + offset-- + continue + } + results = append(results, toks[i]) + if limit > 0 && len(results) == limit { + break + } + } + + return results, nil +} + +func (st *memTokenStore) toRawTokens() RawTokens { + toks := make(RawTokens, len(st.toks)) + i := 0 + for key, t := range st.toks { + toks[i] = RawToken{ + Key: key, + Raw: t, + } + i++ + } + sort.Sort(toks) + return toks +} diff --git a/store_test.go b/store_test.go new file mode 100644 index 0000000..abaf14e --- /dev/null +++ b/store_test.go @@ -0,0 +1,16 @@ +package ucan_test + +import ( + "testing" +) + +func TestTokenStore(t *testing.T) { + + // ucan_spec.AssertTokenStoreSpec(t, func(ctx context.Context) ucan.TokenStore { + // ts, err := ucan.NewTokenStore("tokens.json", fs) + // if err != nil { + // panic(err) + // } + // return ts + // }) +} 
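Review bot: `RawToken` and `toRawTokens` read `st.toks` without taking `st.toksLk`, while `PutToken` and `DeleteToken` write under it, so concurrent use — `ResolveCIDBytes` being called by the parser while tokens are being stored — is a data race on the map that `go test -race` will flag. Add `st.toksLk.Lock(); defer st.toksLk.Unlock()` at the top of both readers (`ListTokens` and `MarshalJSON` go through `toRawTokens` and inherit it). A second point: `ResolveCIDBytes` returns whatever bytes sit under the key `id.String()`, but `PutToken` never checks that the key is the CID of `raw`, so unless the parser recomputes the CID of the resolved proof (not visible here) a caller can bind one proof token under another proof's CID. Finally, the `TokenStore` doc comment says implementations must conform to the assertion test in the spec subpackage, but `spec/token_store.go` in this commit is entirely commented out, so that contract is currently unenforced.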
diff --git a/token.go b/token.go new file mode 100644 index 0000000..38f5775 --- /dev/null +++ b/token.go 
@@ -0,0 +1,345 @@
+package ucan
+
+import (
+ "context"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/base64"
+ "errors"
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/dgrijalva/jwt-go"
+ "github.com/ipfs/go-cid"
+ "github.com/libp2p/go-libp2p-core/crypto"
+ mh "github.com/multiformats/go-multihash"
+)
+
+// ErrInvalidToken indicates an access token is invalid
+var ErrInvalidToken = errors.New("invalid access token")
+
+const (
+ // UCANVersion is the current version of the UCAN spec
+ UCANVersion = "0.4.0"
+ // UCANVersionKey is the key used in version headers for the UCAN spec
+ UCANVersionKey = "ucv"
+)
+
+type UCAN struct {
+ // Entire UCAN as a signed JWT string
+ Raw string
+
+ // the "inputs" to this token, a chain UCAN tokens with broader scopes &
+ // deadlines than this token
+ Proofs []Proof `json:"prf,omitempty"`
+ // the "outputs" of this token, an array of heterogenous resources &
+ // capabilities
+ Attenuations Attenuations `json:"att,omitempty"`
+ // Facts are facts, jack.
+ Facts []Fact `json:"fct,omitempty"`
+}
+
+// CID calculates the cid of a UCAN using the default prefix
+func (t *UCAN) CID() (cid.Cid, error) {
+ pref := cid.Prefix{
+ Version: 1,
+ Codec: cid.Raw,
+ MhType: mh.SHA2_256,
+ MhLength: -1, // default length
+ }
+
+ return t.PrefixCID(pref)
+}
+
+// PrefixCID calculates the CID of a token with a supplied prefix
+func (t *UCAN) PrefixCID(pref cid.Prefix) (cid.Cid, error) {
+ return pref.Sum([]byte(t.Raw))
+}
+
+type Proof string
+
+func (prf Proof) IsCID() bool {
+ if _, err := cid.Decode(string(prf)); err == nil {
+ return true
+ }
+ return false
+}
+
+type Fact struct {
+ cidString string
+ value map[string]interface{}
+}
+
+// func (fct *Fact) MarshalJSON() (p[])
+
+// func (fct *Fact) UnmarshalJSON(p []byte) error {
+// var str string
+// if json.Unmarshal(p, &str); err == nil {
+
+// }
+// }
+
+type CIDBytesResolver interface {
+ ResolveCIDBytes(ctx context.Context, id cid.Cid) ([]byte, error)
+}
+
+// UCANSource creates tokens, and 
provides a verification key for all tokens
+// it creates
+//
+// implementations of UCANSource must conform to the assertion test defined
+// in the spec subpackage
+type UCANSource interface {
+ NewRootUCAN(subjectDID string, att Attenuations, fct []Fact, notBefore, expires time.Time) (*UCAN, error)
+ NewAttenuatedUCAN(parent *UCAN, subjectDID string, att Attenuations, fct []Fact, notBefore, expires time.Time) (*UCAN, error)
+}
+
+type UCANClaims struct {
+ *jwt.StandardClaims
+ // the "inputs" to this token, a chain UCAN tokens with broader scopes &
+ // deadlines than this token
+ Proofs []Proof `json:"prf,omitempty"`
+ // the "outputs" of this token, an array of heterogenous resources &
+ // capabilities
+ Attenuations Attenuations `json:"att,omitempty"`
+ // Facts are facts, jack.
+ Facts []Fact `json:"fct,omitempty"`
+}
+
+type pkUCANSource struct {
+ pk crypto.PrivKey
+ issuerDID string
+ signingMethod jwt.SigningMethod
+ verifyKey *rsa.PublicKey
+ signKey *rsa.PrivateKey
+
+ ap AttenuationConstructor
+ resolver CIDBytesResolver
+ store TokenStore
+}
+
+// assert pkUCANSource implements tokens at compile time
+var _ UCANSource = (*pkUCANSource)(nil)
+
+// NewPrivKeyUCANSource creates an authentication interface backed by a single
+// private key. 
Intended for a node running as remote, or providing a public API
+func NewPrivKeyUCANSource(privKey crypto.PrivKey) (UCANSource, error) {
+ methodStr := ""
+ keyType := privKey.Type().String()
+ switch keyType {
+ case "RSA":
+ methodStr = "RS256"
+ default:
+ return nil, fmt.Errorf("unsupported key type for token creation: %q", keyType)
+ }
+
+ signingMethod := jwt.GetSigningMethod(methodStr)
+
+ rawPrivBytes, err := privKey.Raw()
+ if err != nil {
+ return nil, err
+ }
+ signKey, err := x509.ParsePKCS1PrivateKey(rawPrivBytes)
+ if err != nil {
+ return nil, err
+ }
+
+ rawPubBytes, err := privKey.GetPublic().Raw()
+ if err != nil {
+ return nil, err
+ }
+ verifyKeyiface, err := x509.ParsePKIXPublicKey(rawPubBytes)
+ if err != nil {
+ return nil, err
+ }
+ verifyKey, ok := verifyKeyiface.(*rsa.PublicKey)
+ if !ok {
+ return nil, fmt.Errorf("public key is not an RSA key. got type: %T", verifyKeyiface)
+ }
+
+ issuerDID, err := DIDStringFromPublicKey(privKey.GetPublic())
+ if err != nil {
+ return nil, err
+ }
+
+ return &pkUCANSource{
+ pk: privKey,
+ signingMethod: signingMethod,
+ verifyKey: verifyKey,
+ signKey: signKey,
+ issuerDID: issuerDID,
+ }, nil
+}
+
+func (a *pkUCANSource) NewRootUCAN(subjectDID string, att Attenuations, fct []Fact, nbf, exp time.Time) (*UCAN, error) {
+ return a.newUCAN(subjectDID, nil, att, fct, nbf, exp)
+}
+
+func (a *pkUCANSource) NewAttenuatedUCAN(parent *UCAN, subjectDID string, att Attenuations, fct []Fact, nbf, exp time.Time) (*UCAN, error) {
+ if !parent.Attenuations.Contains(att) {
+ return nil, fmt.Errorf("scope of ucan attenuations must be less than it's parent")
+ }
+ return a.newUCAN(subjectDID, append(parent.Proofs, Proof(parent.Raw)), att, fct, nbf, exp)
+}
+
+// CreateToken returns a new JWT token
+func (a *pkUCANSource) newUCAN(subjectDID string, prf []Proof, att Attenuations, fct []Fact, nbf, exp time.Time) (*UCAN, error) {
+ // create a signer for rsa 256
+ t := jwt.New(a.signingMethod)
+
+ // if _, err := 
did.Parse(subjectDID); err != nil {
+ // return nil, fmt.Errorf("invalid subject DID: %w", err)
+ // }
+
+ t.Header[UCANVersionKey] = UCANVersion
+
+ var (
+ nbfUnix int64
+ expUnix int64
+ )
+
+ if !nbf.IsZero() {
+ nbfUnix = nbf.Unix()
+ }
+ if !exp.IsZero() {
+ expUnix = exp.Unix()
+ }
+
+ // set our claims
+ t.Claims = &UCANClaims{
+ StandardClaims: &jwt.StandardClaims{
+ Issuer: a.issuerDID,
+ Subject: subjectDID,
+ NotBefore: nbfUnix,
+ // set the expire time
+ // see http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-20#section-4.1.4
+ ExpiresAt: expUnix,
+ },
+ Attenuations: att,
+ Facts: fct,
+ Proofs: prf,
+ }
+
+ raw, err := t.SignedString(a.signKey)
+ if err != nil {
+ return nil, err
+ }
+
+ return &UCAN{
+ Raw: raw,
+ Attenuations: att,
+ Facts: fct,
+ Proofs: prf,
+ }, nil
+}
+
+type DIDPubKeyResolver interface {
+ ResolveDIDKey(ctx context.Context, did string) (crypto.PubKey, error)
+}
+
+func DIDStringFromPublicKey(pub crypto.PubKey) (string, error) {
+ rawPubBytes, err := pub.Raw()
+ if err != nil {
+ return "", err
+ }
+ return fmt.Sprintf("did:key:%s", base64.URLEncoding.EncodeToString(rawPubBytes)), nil
+}
+
+type StringDIDPubKeyResolver struct{}
+
+func (StringDIDPubKeyResolver) ResolveDIDKey(ctx context.Context, didStr string) (crypto.PubKey, error) {
+ // id, err := did.Parse(didStr)
+ // if err != nil {
+ // return nil, fmt.Errorf("invalid DID: %w", err)
+ // }
+
+ data, err := base64.URLEncoding.DecodeString(strings.TrimPrefix(didStr, "did:key:"))
+ if err != nil {
+ return nil, err
+ }
+
+ return crypto.UnmarshalRsaPublicKey(data)
+}
+
+type UCANParser struct {
+ ap AttenuationConstructor
+ cidr CIDBytesResolver
+ didr DIDPubKeyResolver
+}
+
+func NewUCANParser(ap AttenuationConstructor, didr DIDPubKeyResolver, cidr CIDBytesResolver) *UCANParser {
+ return &UCANParser{
+ ap: ap,
+ cidr: cidr,
+ didr: didr,
+ }
+}
+
+// ParseAndVerify will parse, validate and return a token
+func (p *UCANParser) ParseAndVerify(ctx context.Context, 
raw string) (*UCAN, error) {
+ tok, err := jwt.Parse(raw, p.matchVerifyKeyFunc(ctx))
+ if err != nil {
+ return nil, err
+ }
+
+ mc, ok := tok.Claims.(jwt.MapClaims)
+ if !ok {
+ return nil, fmt.Errorf("parser fail")
+ }
+
+ var att Attenuations
+ if acci, ok := mc["att"].([]interface{}); ok {
+ for i, a := range acci {
+ if mapv, ok := a.(map[string]interface{}); ok {
+ a, err := p.ap(mapv)
+ if err != nil {
+ return nil, err
+ }
+ att = append(att, a)
+ } else {
+ return nil, fmt.Errorf(`"acc[%d]" is not an object`, i)
+ }
+ }
+ } else {
+ return nil, fmt.Errorf(`"acc" key is not an array`)
+ }
+
+ return &UCAN{
+ Raw: raw,
+ Attenuations: att,
+ }, nil
+}
+
+func (p *UCANParser) matchVerifyKeyFunc(ctx context.Context) func(tok *jwt.Token) (interface{}, error) {
+ return func(tok *jwt.Token) (interface{}, error) {
+ mc, ok := tok.Claims.(jwt.MapClaims)
+ if !ok {
+ return nil, fmt.Errorf("parser fail")
+ }
+
+ iss, ok := mc["iss"].(string)
+ if !ok {
+ return nil, fmt.Errorf(`"iss" claims key is required`)
+ }
+
+ pubKey, err := p.didr.ResolveDIDKey(ctx, iss)
+ if err != nil {
+ return nil, err
+ }
+
+ rawPubBytes, err := pubKey.Raw()
+ if err != nil {
+ return nil, err
+ }
+ verifyKeyiface, err := x509.ParsePKIXPublicKey(rawPubBytes)
+ if err != nil {
+ return nil, err
+ }
+ verifyKey, ok := verifyKeyiface.(*rsa.PublicKey)
+ if !ok {
+ return nil, fmt.Errorf("public key is not an RSA key. got type: %T", verifyKeyiface)
+ }
+
+ return verifyKey, nil
+ }
+}
diff --git a/token_test.go b/token_test.go
new file mode 100644
index 0000000..049f03e
--- /dev/null
+++ b/token_test.go
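Review bot: ParseAndVerify accepts whatever `att` the token carries without resolving its `prf` chain — `p.cidr` is never read and the returned UCAN drops Proofs and Facts — so a verifier cannot confirm that the attenuations were actually delegated by the proof tokens; if chain validation is planned for a later commit, a `// TODO: resolve the prf chain and check each att is contained in its parent` on the function would make that explicit. matchVerifyKeyFunc also hands back the issuer's RSA key without pinning the algorithm; adding `if _, ok := tok.Method.(*jwt.SigningMethodRSA); !ok { return nil, fmt.Errorf("unexpected signing method: %v", tok.Header["alg"]) }` before resolving the key keeps verification tied to the RS256 the source emits. The two error strings in ParseAndVerify name `acc` while the claim actually read is `att`. In NewAttenuatedUCAN, `append(parent.Proofs, Proof(parent.Raw))` can write into the parent's backing array when it has spare capacity, so `append(append([]Proof(nil), parent.Proofs...), Proof(parent.Raw))` keeps the parent's Proofs stable when it is attenuated more than once. newUCAN leaves `exp` out of the claims when the caller passes a zero time (jwt-go's StandardClaims tags ExpiresAt with omitempty, if I read it right), which yields a non-expiring token — worth stating in the NewRootUCAN and NewAttenuatedUCAN doc comments.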
@@ -0,0 +1,122 @@
+package ucan_test
+
+import (
+ "context"
+ "encoding/base64"
+ "fmt"
+ "testing"
+ "time"
+
+ "github.com/libp2p/go-libp2p-core/crypto"
+ "github.com/qri-io/ucan"
+)
+
+const (
+ keyOneBase64Std = "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"
+ keyTwoBase64Std = "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"
+)
+
+var (
+ keyOne crypto.PrivKey
+ keyTwo crypto.PrivKey
+)
+
+func init() {
+ var err error
+ keyOneBytes, err := base64.StdEncoding.DecodeString(keyOneBase64Std)
+ if err != nil {
+ panic(err)
+ }
+ if keyOne, err = crypto.UnmarshalPrivateKey(keyOneBytes); err != nil {
+ panic(err)
+ }
+ keyTwoBytes, err := base64.StdEncoding.DecodeString(keyOneBase64Std)
+ if err != nil {
+ panic(err)
+ }
+ if keyTwo, err = crypto.UnmarshalPrivateKey(keyTwoBytes); err != nil {
+ panic(err)
+ }
+}
+
+func TestPrivKeyTokens(t *testing.T) {
+ tokens, err := ucan.NewPrivKeyUCANSource(keyOne)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ didStr, err := ucan.DIDStringFromPublicKey(keyOne.GetPublic())
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ caps := ucan.NewNestedCapabilities("SUPER_USER", "OVERWRITE", "SOFT_DELETE", "REVISE", "CREATE")
+ att := ucan.Attenuations{
+ {caps.Cap("SUPER_USER"), ucan.NewStringLengthResource("api", "*")},
+ {caps.Cap("SUPER_USER"), ucan.NewStringLengthResource("dataset", "b5:world_bank_population:*")},
+ }
+ zero := time.Time{}
+
+ token, err := tokens.NewRootUCAN(didStr, att, nil, zero, zero)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ expect := `eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInVjdiI6IjAuNC4wIn0.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.Z32-i-pGAtPRsG0JW4ZS8-c17x3mX3kFrmZ0BYhyWk2JH4QMwXFRtkUl8xVQtrC3JigeQeaDiz-WTUSFqJIs5dunL1Xf_SXqq8SZ7NCh6u6OEo2L1BnQkwdO8kDsFoiF42byWDBwzHRog0N-pRXgMhlo8si6Pek4KAZokQ5F-8FuLb3MXXxc9-FnhGRsKgGt_bNWS322h5gXCaXJAzbdAHwGSlORCCJI4CrbWUHs03i4viun2Ht01JO-p4ySlut6YyQ_vW4NGNSAAXGeR-ggkB0B6TGgt695CxX1zgQKV7X6JZx-NF_J-OXCIWngCfr6VdRv1_ADce9s1ODEm2N7eA`
+ if expect != token.Raw {
+ 
t.Errorf("token mismatch. expected: %q.\ngot: %q", expect, token.Raw)
+ }
+
+ // tokenWithExpiryString, err := tokens.CreateToken(pro, time.Hour)
+ // expect = `eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOi02MjEzNTU5MzIwMCwic3ViIjoiUW1lTDJtZFZrYTFlYWhLRU5qZWhLNnRCeGtrcGs1ZE5RMXFNY2dXaTdIcmI0QiIsInVzZXJuYW1lIjoiZG91ZyJ9.d7XPhsj7hkyxg1JzC59hfu90RYem5q6Pie-ofJhdlGk_sY5bH8gcqG90LndMh4_LglEvtrwf_SVFcM1b78qhNon_Yo91kG_K_MmyExa-AlpY65Ji_kpRWcnI8hl-mxrZ2MzxPjvAEOa6c80DUWgTFKlkrgf9RnZlqq-nHnxHHXbVKYI3girsDgWynaIhR53yMBDIhbTCZaQ8XKtU_Pr0L1dJAW7YvOo2H01VM4LI_UQqhCmEbTnQX1Zee0tg88IMzLl7WsdNNOzUsf7dCYWGerLtzxGbxR0wweXbqVJBlzIl0Upke8-FBuZIbcdGSniy4DX643KrNnp_FnzQ8oBHTA`
+ // if expect != tokenWithExpiryString {
+ // t.Errorf("token mismatch. expected: %q.\ngot: %q", expect, tokenWithExpiryString)
+ // }
+}
+
+func TestTokenSource(t *testing.T) {
+ // ucan_spec.AssertTokenSourceSpec(t, func(ctx context.Context) ucan.TokenSource {
+ // source, err := ucan.NewPrivKeyTokenSource(peerInfo.PrivKey)
+ // if err != nil {
+ // panic(err)
+ // }
+ // return source
+ // })
+}
+
+func TestTokenParse(t *testing.T) {
+ raw := 
`eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInVjdiI6IjAuNC4wIn0.eyJpc3MiOiJkaWQ6a2V5Ok1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBb2FkUjRtY1U3QzBBbWg1bHRfM0hObVEyYVlDOEotYU5mNTJUNEtrLTBzbHh6LVc1LXhrREJ0NUR4RUZuSmVKNGJTMV9ZWkt3UkxKQjYzU0phcWZjMXhUTUFYMnJmcW44d3NwUmd2MEFReGU4RV9icGkzZTUyNnU2UU1VRjdYbDRKN2JkbVlZT0lCUDVCSk83eU1pX2pfU3FWaVdmOG82Y3BJTEF3dXpUNTY2X0ttUWFOclM5QmVNUHQ5NTJZUk1lejZlMFoycXR0aVRQS3hmalJ3b0VwRklldDVhZTFZY0p2VDBLQnJiZEYwNXhDc2F6RUoxSm52eUlSamNiUE9FYVljUjNPZnAxdW8ySTRKdVczQ2FKeHNqMU8yNnZyLWRUSzlqcGVFVTl5X1dUU1lNOUVsazBwZ0xZZ1M4ZHE4aTYwNDVnejByemU4QzV2YkZoSFZwa1ZRSURBUUFCIiwic3ViIjoiZGlkOmtleTpNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQW9hZFI0bWNVN0MwQW1oNWx0XzNITm1RMmFZQzhKLWFOZjUyVDRLay0wc2x4ei1XNS14a0RCdDVEeEVGbkplSjRiUzFfWVpLd1JMSkI2M1NKYXFmYzF4VE1BWDJyZnFuOHdzcFJndjBBUXhlOEVfYnBpM2U1MjZ1NlFNVUY3WGw0SjdiZG1ZWU9JQlA1QkpPN3lNaV9qX1NxVmlXZjhvNmNwSUxBd3V6VDU2Nl9LbVFhTnJTOUJlTVB0OTUyWVJNZXo2ZTBaMnF0dGlUUEt4ZmpSd29FcEZJZXQ1YWUxWWNKdlQwS0JyYmRGMDV4Q3NhekVKMUpudnlJUmpjYlBPRWFZY1IzT2ZwMXVvMkk0SnVXM0NhSnhzajFPMjZ2ci1kVEs5anBlRVU5eV9XVFNZTTlFbGswcGdMWWdTOGRxOGk2MDQ1Z3owcnplOEM1dmJGaEhWcGtWUUlEQVFBQiIsImF0dCI6W3siYXBpIjoiKiIsImNhcCI6IlNVUEVSX1VTRVIifSx7ImNhcCI6IlNVUEVSX1VTRVIiLCJkYXRhc2V0IjoiYjU6d29ybGRfYmFua19wb3B1bGF0aW9uOioifV19.Z32-i-pGAtPRsG0JW4ZS8-c17x3mX3kFrmZ0BYhyWk2JH4QMwXFRtkUl8xVQtrC3JigeQeaDiz-WTUSFqJIs5dunL1Xf_SXqq8SZ7NCh6u6OEo2L1BnQkwdO8kDsFoiF42byWDBwzHRog0N-pRXgMhlo8si6Pek4KAZokQ5F-8FuLb3MXXxc9-FnhGRsKgGt_bNWS322h5gXCaXJAzbdAHwGSlORCCJI4CrbWUHs03i4viun2Ht01JO-p4ySlut6YyQ_vW4NGNSAAXGeR-ggkB0B6TGgt695CxX1zgQKV7X6JZx-NF_J-OXCIWngCfr6VdRv1_ADce9s1ODEm2N7eA`
+
+ caps := ucan.NewNestedCapabilities("SUPER_USER", "OVERWRITE", "SOFT_DELETE", "REVISE", "CREATE")
+
+ ac := func(m map[string]interface{}) (ucan.Attenuation, error) {
+ var (
+ cap string
+ rsc ucan.Resource
+ )
+ for key, vali := range m {
+ val, ok := vali.(string)
+ if !ok {
+ return ucan.Attenuation{}, fmt.Errorf(`expected attenuation value to be a string`)
+ }
+
+ if key == ucan.CapKey {
+ cap = val
+ } else {
+ rsc = ucan.NewStringLengthResource(key, val)
+ }
+ }
+
+ return ucan.Attenuation{
+ Rsc: rsc,
+ Cap: caps.Cap(cap),
+ }, nil
+ }
+
+ store := ucan.NewMemTokenStore()
+ p := ucan.NewUCANParser(ac, ucan.StringDIDPubKeyResolver{}, store.(ucan.CIDBytesResolver))
+ _, err := p.ParseAndVerify(context.Background(), raw)
+ if err != nil {
+ t.Error(err)
+ }
+}
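Review bot: `init` decodes `keyOneBase64Std` a second time when building `keyTwo`, so both package variables hold the same private key and `keyTwoBase64Std` is never used; the line should read `keyTwoBytes, err := base64.StdEncoding.DecodeString(keyTwoBase64Std)`. TestTokenParse discards the UCAN returned by ParseAndVerify, so a mis-decoded `att` (or an `ac` callback that never set `cap`) would still pass; comparing the returned Attenuations against the two entries TestPrivKeyTokens builds would close that gap. The `store.(ucan.CIDBytesResolver)` assertion will panic rather than fail the test if NewMemTokenStore's return type stops satisfying the interface, which a `v, ok :=` form with `t.Fatal` would report cleanly.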