wip API exploration
This commit is contained in:
Michael Muré
@@ -153,6 +153,24 @@ func (t *Token) Expiration() *time.Time {
|
||||
return t.expiration
|
||||
}
|
||||
|
||||
// IsValidNow verifies that the token can be used at the current time, based on expiration or "not before" fields.
|
||||
// This does NOT do any other kind of verifications.
|
||||
func (t *Token) IsValidNow() bool {
|
||||
return t.IsValidAt(time.Now())
|
||||
}
|
||||
|
||||
// IsValidNow verifies that the token can be used at the given time, based on expiration or "not before" fields.
|
||||
// This does NOT do any other kind of verifications.
|
||||
func (t *Token) IsValidAt(ti time.Time) bool {
|
||||
if t.expiration == nil && ti.After(*t.expiration) {
|
||||
return false
|
||||
}
|
||||
if t.notBefore != nil && ti.Before(*t.notBefore) {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func (t *Token) validate() error {
|
||||
var errs error
|
||||
|
||||
|
||||
@@ -2,11 +2,11 @@ package token
|
||||
|
||||
import (
|
||||
"io"
|
||||
"time"
|
||||
|
||||
"github.com/ipfs/go-cid"
|
||||
"github.com/ipld/go-ipld-prime/codec"
|
||||
"github.com/libp2p/go-libp2p/core/crypto"
|
||||
|
||||
"github.com/ucan-wg/go-ucan/did"
|
||||
"github.com/ucan-wg/go-ucan/pkg/meta"
|
||||
)
|
||||
@@ -18,6 +18,19 @@ type Token interface {
|
||||
Issuer() did.DID
|
||||
// Meta returns the Token's metadata.
|
||||
Meta() meta.ReadOnly
|
||||
// TODO: not sure we actually need that interface
|
||||
|
||||
// IsValidNow verifies that the token can be used at the current time, based on expiration or "not before" fields.
|
||||
// This does NOT do any other kind of verifications.
|
||||
IsValidNow() bool
|
||||
// IsValidNow verifies that the token can be used at the given time, based on expiration or "not before" fields.
|
||||
// This does NOT do any other kind of verifications.
|
||||
IsValidAt(t time.Time) bool
|
||||
|
||||
// // Issuer returns the did.DID representing the Token's issuer.
|
||||
// Issuer() did.DID
|
||||
// // Meta returns the Token's metadata.
|
||||
// Meta() *meta.Meta
|
||||
}
|
||||
|
||||
type Marshaller interface {
|
||||
|
||||
@@ -187,8 +187,7 @@ func FromIPLD[T Tokener](node datamodel.Node) (T, error) {
|
||||
return zero, errors.New("the VarsigHeader key type doesn't match the issuer's key type")
|
||||
}
|
||||
|
||||
// TODO: this re-encode the payload! Is there a less wasteful way?
|
||||
|
||||
// TODO: can we use the already serialized CBOR data here, instead of encoding again the payload?
|
||||
data, err := ipld.Encode(info.sigPayloadNode, dagcbor.Encode)
|
||||
if err != nil {
|
||||
return zero, err
|
||||
|
||||
@@ -18,6 +18,7 @@ import (
|
||||
"github.com/ucan-wg/go-ucan/pkg/args"
|
||||
"github.com/ucan-wg/go-ucan/pkg/command"
|
||||
"github.com/ucan-wg/go-ucan/pkg/meta"
|
||||
"github.com/ucan-wg/go-ucan/token/delegation"
|
||||
"github.com/ucan-wg/go-ucan/token/internal/nonce"
|
||||
"github.com/ucan-wg/go-ucan/token/internal/parse"
|
||||
)
|
||||
@@ -33,11 +34,12 @@ type Token struct {
|
||||
|
||||
// The Command
|
||||
command command.Command
|
||||
// The Command's Arguments
|
||||
// The Command's arguments
|
||||
arguments *args.Args
|
||||
// Delegations that prove the chain of authority
|
||||
// CIDs of the delegation.Token that prove the chain of authority
|
||||
// They need to form a strictly linear chain, and being ordered starting from the root Delegation (issued by the Subject),
|
||||
// in a strict sequence where the aud of the previous Delegation matches the iss of the next Delegation.
|
||||
proof []cid.Cid
|
||||
|
||||
// Arbitrary Metadata
|
||||
meta *meta.Meta
|
||||
|
||||
@@ -98,6 +100,22 @@ func New(iss, sub did.DID, cmd command.Command, prf []cid.Cid, opts ...Option) (
|
||||
return &tkn, nil
|
||||
}
|
||||
|
||||
type DelegationLoader interface {
|
||||
GetDelegation(cid cid.Cid) (*delegation.Token, error)
|
||||
}
|
||||
|
||||
func (t *Token) ExecutionAllowed(loader DelegationLoader) bool {
|
||||
return t.executionAllowed(loader, t.arguments)
|
||||
}
|
||||
|
||||
func (t *Token) ExecutionAllowedWithArgsHook(loader DelegationLoader, hook func(*args.Args) *args.Args) bool {
|
||||
return t.executionAllowed(loader, hook(t.arguments))
|
||||
}
|
||||
|
||||
func (t *Token) executionAllowed(loader DelegationLoader, arguments *args.Args) bool {
|
||||
panic("TODO")
|
||||
}
|
||||
|
||||
// Issuer returns the did.DID representing the Token's issuer.
|
||||
func (t *Token) Issuer() did.DID {
|
||||
return t.issuer
|
||||
@@ -157,6 +175,21 @@ func (t *Token) Cause() *cid.Cid {
|
||||
return t.cause
|
||||
}
|
||||
|
||||
// IsValidNow verifies that the token can be used at the current time, based on expiration or "not before" fields.
|
||||
// This does NOT do any other kind of verifications.
|
||||
func (t *Token) IsValidNow() bool {
|
||||
return t.IsValidAt(time.Now())
|
||||
}
|
||||
|
||||
// IsValidNow verifies that the token can be used at the given time, based on expiration or "not before" fields.
|
||||
// This does NOT do any other kind of verifications.
|
||||
func (t *Token) IsValidAt(ti time.Time) bool {
|
||||
if t.expiration == nil && ti.After(*t.expiration) {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func (t *Token) validate() error {
|
||||
var errs error
|
||||
|
||||
|
||||
Reference in New Issue
Block a user