go/ucan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: go:attestation
Branches Tags
go:main go:attestation go:selfsigned go:gh-pages go:fork/alanshaw/ash/feat/invocation-test-vectors go:cont-naming go:proof-check go:v1 go:flacky-test go:match-tracing go:fix/meta-optional-in-delegation go:v1-policy-utf8-tokenizer go:v1-fix-policy-match-any go:policy-filtering go:feat/delegation/examples go:v1-policy-subset-selection go:feat/reorganize-packages go:feat/calculate-cid go:envelope go:v1-fix-policy-examples-test go:invocation go:v1.0.0-rc.1 go:b5/make-apache-mit-license
go:v1.1.0 go:v1.0.1 go:v1.0.0 go:v1.0.0-preview go:v0.7.0
..
compare: go:main
Branches Tags
go:main go:attestation go:selfsigned go:gh-pages go:fork/alanshaw/ash/feat/invocation-test-vectors go:cont-naming go:proof-check go:v1 go:flacky-test go:match-tracing go:fix/meta-optional-in-delegation go:v1-policy-utf8-tokenizer go:v1-fix-policy-match-any go:policy-filtering go:feat/delegation/examples go:v1-policy-subset-selection go:feat/reorganize-packages go:feat/calculate-cid go:envelope go:v1-fix-policy-examples-test go:invocation go:v1.0.0-rc.1 go:b5/make-apache-mit-license
go:v1.1.0 go:v1.0.1 go:v1.0.0 go:v1.0.0-preview go:v0.7.0

15 Commits
attestatio ... main

Author SHA1 Message Date
Prad Nukala
1fbb8568c0 build(config): bump go-varint dependency to v0.1.0
Some checks failed
go continuous benchmark / Run Go continuous benchmark (push) Has been cancelled
Details
Go Test / ubuntu (go 1.22.x) (push) Has been cancelled
Details
Go Test / ubuntu (go 1.23.x) (push) Has been cancelled
Details
2026-01-08 15:48:44 -05:00
Prad Nukala
36717a0826 refactor(token): migrate from ucan-wg to code.sonr.org/go
Some checks failed
go continuous benchmark / Run Go continuous benchmark (push) Has been cancelled
Details
Go Test / ubuntu (go 1.22.x) (push) Has been cancelled
Details
Go Test / ubuntu (go 1.23.x) (push) Has been cancelled
Details
2026-01-08 15:46:02 -05:00
Prad Nukala
fe8b5a6e4c refactor(server): migrate from ucan-wg to code.sonr.org/go/ucan 2026-01-08 15:46:01 -05:00
Prad Nukala
4c1ae3a0be refactor(pkg): Migrate package imports to use new code.sonr.org/go/ucan module path 2026-01-08 15:46:00 -05:00
Prad Nukala
1f69e9c2c4 refactor(meta): update import paths to use new code.sonr.org/go-ucan package 2026-01-08 15:45:59 -05:00
Prad Nukala
4895a069dd refactor(issuer): migrate from github.com/MetaMask/go-did-it to code.sonr.org/go/did-it 2026-01-08 15:45:58 -05:00
Prad Nukala
ec4cc024d4 refactor(invocation): migrate from MetaMask/go-did-it to code.sonr.org/go/did-it 2026-01-08 15:45:57 -05:00
Prad Nukala
0c35addf65 refactor(examples): migrate from MetaMask/go-did-it to code.sonr.org/go/did-it 2026-01-08 15:45:56 -05:00
Prad Nukala
c5b594dd69 docs(readme): update links and references to point to new repository location 2026-01-08 15:45:55 -05:00
Prad Nukala
b23a6de775 refactor(delegation): migrate from github.com/ucan-wg to code.sonr.org/go 2026-01-08 15:45:53 -05:00
Prad Nukala
499f83fd6f refactor(container): migrate to new ucan and did-it package paths 2026-01-08 15:45:52 -05:00
Prad Nukala
d660445190 chore(config): update go module dependencies and repo config 2026-01-08 15:45:51 -05:00
Prad Nukala
869e449383 test(command): update command_test imports to use code.sonr.org/go/ucan 2026-01-08 15:45:50 -05:00
Prad Nukala
6b9698c1e8 refactor(client): migrate from MetaMask/go-did-it to code.sonr.org/go/did-it 2026-01-08 15:45:49 -05:00
Prad Nukala
33841ea261 refactor(args): update import paths to use new repository location 2026-01-08 15:45:48 -05:00
91 changed files with 295 additions and 1724 deletions
Expand all files Collapse all files

20
.github/Repo.toml vendored Normal file
View File

@@ -0,0 +1,20 @@
[scopes]
ci = [".github/workflows"]
config = [".github", "go.mod", "go.sum"]
docs = ["Readme.md", "LICENSE.md"]
assets = ["assets"]
pkg = ["pkg"]
args = ["pkg/args"]
command = ["pkg/command"]
container = ["pkg/container"]
meta = ["pkg/meta"]
policy = ["pkg/policy"]
secretbox = ["pkg/secretbox"]
token = ["token"]
delegation = ["token/delegation"]
invocation = ["token/invocation"]
toolkit = ["toolkit"]
examples = ["toolkit/_example"]
client = ["toolkit/client"]
issuer = ["toolkit/issuer"]
server = ["toolkit/server"]

16
Readme.md
View File

@@ -1,5 +1,5 @@
<div align="center"> <div align="center">
<a href="https://github.com/ucan-wg/go-ucan" target="_blank"> <a href="https://code.sonr.org/go/ucan" target="_blank">
<img src="https://raw.githubusercontent.com/ucan-wg/go-ucan/v1/assets/logo.png" alt="go-ucan Logo" height="250"></img> <img src="https://raw.githubusercontent.com/ucan-wg/go-ucan/v1/assets/logo.png" alt="go-ucan Logo" height="250"></img>
</a> </a>
@@ -7,19 +7,19 @@
<p> <p>
<img src="https://img.shields.io/badge/UCAN-v1.0.0--rc.1-blue" alt="UCAN v1.0.0-rc.1"> <img src="https://img.shields.io/badge/UCAN-v1.0.0--rc.1-blue" alt="UCAN v1.0.0-rc.1">
<a href="https://github.com/ucan-wg/go-ucan/tags"> <a href="https://code.sonr.org/go/ucan/tags">
<img alt="GitHub Tag" src="https://img.shields.io/github/v/tag/ucan-wg/go-ucan"> <img alt="GitHub Tag" src="https://img.shields.io/github/v/tag/ucan-wg/go-ucan">
</a> </a>
<a href="https://github.com/ucan-wg/go-ucan/actions?query="> <a href="https://code.sonr.org/go/ucan/actions?query=">
<img src="https://github.com/ucan-wg/go-ucan/actions/workflows/gotest.yml/badge.svg" alt="Build Status"> <img src="https://code.sonr.org/go/ucan/actions/workflows/gotest.yml/badge.svg" alt="Build Status">
</a> </a>
<a href="https://ucan-wg.github.io/go-ucan/dev/bench/"> <a href="https://ucan-wg.github.io/go-ucan/dev/bench/">
<img alt="Go benchmarks" src="https://img.shields.io/badge/Benchmarks-go-blue"> <img alt="Go benchmarks" src="https://img.shields.io/badge/Benchmarks-go-blue">
</a> </a>
<a href="https://github.com/ucan-wg/go-ucan/blob/v1/LICENSE.md"> <a href="https://code.sonr.org/go/ucan/blob/v1/LICENSE.md">
<img alt="Apache 2.0 OR MIT License" src="https://img.shields.io/badge/License-Apache--2.0_OR_MIT-green"> <img alt="Apache 2.0 OR MIT License" src="https://img.shields.io/badge/License-Apache--2.0_OR_MIT-green">
</a> </a>
<a href="https://pkg.go.dev/github.com/ucan-wg/go-ucan"> <a href="https://pkg.go.dev/code.sonr.org/go/ucan">
<img src="https://img.shields.io/badge/Docs-godoc-blue" alt="Docs"> <img src="https://img.shields.io/badge/Docs-godoc-blue" alt="Docs">
</a> </a>
<a href="https://discord.gg/JSyFG6XgVM"> <a href="https://discord.gg/JSyFG6XgVM">
@@ -54,7 +54,7 @@ Not implemented yet:
## Status ## Status
`go-ucan` currently support the required parts of the UCAN specification: the main specification, delegation and invocation. It leverages the sibling project [`go-did-it`](https://github.com/MetaMask/go-did-it) for easy and extensible DID support. `go-ucan` currently support the required parts of the UCAN specification: the main specification, delegation and invocation. It leverages the sibling project [`go-did-it`](https://code.sonr.org/go/did-it) for easy and extensible DID support.
Besides that, `go-ucan` also includes: Besides that, `go-ucan` also includes:
- support for encrypted values in token's metadata - support for encrypted values in token's metadata
@@ -73,4 +73,4 @@ Artwork by [Bruno Monts](https://www.instagram.com/bruno_monts). Thank you [Rene
## License ## License
This project is licensed under the dual license [Apache 2.0 OR MIT](https://github.com/ucan-wg/go-ucan/blob/v1/LICENSE.md). This project is licensed under the dual license [Apache 2.0 OR MIT](https://code.sonr.org/go/ucan/blob/v1/LICENSE.md).

10
go.mod
View File

@@ -1,21 +1,21 @@
module github.com/ucan-wg/go-ucan module code.sonr.org/go/ucan
go 1.24.4 go 1.24.4
toolchain go1.24.5 toolchain go1.24.5
require ( require (
github.com/MetaMask/go-did-it v1.0.0-pre1 code.sonr.org/go/did-it v1.0.0
github.com/avast/retry-go/v4 v4.6.1 github.com/avast/retry-go/v4 v4.6.1
github.com/ipfs/go-cid v0.5.0 github.com/ipfs/go-cid v0.5.0
github.com/ipld/go-ipld-prime v0.21.0 github.com/ipld/go-ipld-prime v0.21.0
github.com/multiformats/go-multibase v0.2.0 github.com/multiformats/go-multibase v0.2.0
github.com/multiformats/go-multicodec v0.9.0 github.com/multiformats/go-multicodec v0.9.0
github.com/multiformats/go-multihash v0.2.3 github.com/multiformats/go-multihash v0.2.3
github.com/multiformats/go-varint v0.0.7 github.com/multiformats/go-varint v0.1.0
github.com/stretchr/testify v1.10.0 github.com/stretchr/testify v1.10.0
github.com/ucan-wg/go-varsig v1.0.0 github.com/ucan-wg/go-varsig v1.0.0
golang.org/x/crypto v0.40.0 golang.org/x/crypto v0.45.0
) )
require ( require (
@@ -29,7 +29,7 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/polydawn/refmt v0.89.0 // indirect github.com/polydawn/refmt v0.89.0 // indirect
github.com/spaolacci/murmur3 v1.1.0 // indirect github.com/spaolacci/murmur3 v1.1.0 // indirect
golang.org/x/sys v0.34.0 // indirect golang.org/x/sys v0.38.0 // indirect
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect
lukechampine.com/blake3 v1.3.0 // indirect lukechampine.com/blake3 v1.3.0 // indirect

16
go.sum
View File

@@ -1,6 +1,6 @@
code.sonr.org/go/did-it v1.0.0 h1:Wh8igUkD6cuf0Ul3gawi27z2/M1YfdnQ/mD9gBq/2EU=
code.sonr.org/go/did-it v1.0.0/go.mod h1:PFK6ItvNyB2xbnVqipBbkN9BK1Sq+E2lf1YfOyCA0Og=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/MetaMask/go-did-it v1.0.0-pre1 h1:NTGAC7z52TwFegEF7c+csUr/6Al1nAo6ValAAxOsjto=
github.com/MetaMask/go-did-it v1.0.0-pre1/go.mod h1:7m9syDnXFTg5GmUEcydpO4Rs3eYT4McFH7vCw5fp3A4=
github.com/avast/retry-go/v4 v4.6.1 h1:VkOLRubHdisGrHnTu89g08aQEWEgRU7LVEop3GbIcMk= github.com/avast/retry-go/v4 v4.6.1 h1:VkOLRubHdisGrHnTu89g08aQEWEgRU7LVEop3GbIcMk=
github.com/avast/retry-go/v4 v4.6.1/go.mod h1:V6oF8njAwxJ5gRo1Q7Cxab24xs5NCWZBeaHHBklR8mA= github.com/avast/retry-go/v4 v4.6.1/go.mod h1:V6oF8njAwxJ5gRo1Q7Cxab24xs5NCWZBeaHHBklR8mA=
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
@@ -43,8 +43,8 @@ github.com/multiformats/go-multicodec v0.9.0 h1:pb/dlPnzee/Sxv/j4PmkDRxCOi3hXTz3
github.com/multiformats/go-multicodec v0.9.0/go.mod h1:L3QTQvMIaVBkXOXXtVmYE+LI16i14xuaojr/H7Ai54k= github.com/multiformats/go-multicodec v0.9.0/go.mod h1:L3QTQvMIaVBkXOXXtVmYE+LI16i14xuaojr/H7Ai54k=
github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7BFvVU9RSh+U= github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7BFvVU9RSh+U=
github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM= github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM=
github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8= github.com/multiformats/go-varint v0.1.0 h1:i2wqFp4sdl3IcIxfAonHQV9qU5OsZ4Ts9IOoETFs5dI=
github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU= github.com/multiformats/go-varint v0.1.0/go.mod h1:5KVAVXegtfmNQQm/lCY+ATvDzvJJhSkUlGQV9wgObdI=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/polydawn/refmt v0.89.0 h1:ADJTApkvkeBZsN0tBTx8QjpD9JkmxbKp0cxfr9qszm4= github.com/polydawn/refmt v0.89.0 h1:ADJTApkvkeBZsN0tBTx8QjpD9JkmxbKp0cxfr9qszm4=
@@ -67,12 +67,12 @@ github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60Nt
github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0 h1:GDDkbFiaK8jsSDJfjId/PEGEShv6ugrt4kYsC5UIDaQ= github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0 h1:GDDkbFiaK8jsSDJfjId/PEGEShv6ugrt4kYsC5UIDaQ=
github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw= github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM= golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

4
pkg/args/args.go
View File

@@ -16,8 +16,8 @@ import (
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/ipld/go-ipld-prime/printer" "github.com/ipld/go-ipld-prime/printer"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
) )
var ErrNotFound = errors.New("key not found in meta") var ErrNotFound = errors.New("key not found in meta")

6
pkg/args/args_test.go
View File

@@ -14,9 +14,9 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
) )
func TestArgs(t *testing.T) { func TestArgs(t *testing.T) {

2
pkg/args/builder_test.go
View File

@@ -7,7 +7,7 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
) )
func TestBuilder_XXX(t *testing.T) { func TestBuilder_XXX(t *testing.T) {

265
pkg/claims/claims.go
View File

@@ -1,265 +0,0 @@
package claims
import (
"errors"
"fmt"
"iter"
"sort"
"strings"
"github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/printer"
"github.com/ucan-wg/go-ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/pkg/secretbox"
)
var ErrNotFound = errors.New("key not found in claims")
var ErrNotEncryptable = errors.New("value of this type cannot be encrypted")
// Claims is a container for claims key-value pairs in an attestation token.
// This also serves as a way to construct the underlying IPLD data with minimum allocations
// and transformations, while hiding the IPLD complexity from the caller.
type Claims struct {
// This type must be compatible with the IPLD type represented by the IPLD
// schema { String : Any }.
Keys []string
Values map[string]ipld.Node
}
// NewClaims constructs a new Claims.
func NewClaims() *Claims {
return &Claims{Values: map[string]ipld.Node{}}
}
// GetBool retrieves a value as a bool.
// Returns ErrNotFound if the given key is missing.
// Returns datamodel.ErrWrongKind if the value has the wrong type.
func (m *Claims) GetBool(key string) (bool, error) {
v, ok := m.Values[key]
if !ok {
return false, ErrNotFound
}
return v.AsBool()
}
// GetString retrieves a value as a string.
// Returns ErrNotFound if the given key is missing.
// Returns datamodel.ErrWrongKind if the value has the wrong type.
func (m *Claims) GetString(key string) (string, error) {
v, ok := m.Values[key]
if !ok {
return "", ErrNotFound
}
return v.AsString()
}
// GetEncryptedString decorates GetString and decrypt its output with the given symmetric encryption key.
func (m *Claims) GetEncryptedString(key string, encryptionKey []byte) (string, error) {
v, err := m.GetBytes(key)
if err != nil {
return "", err
}
decrypted, err := secretbox.DecryptStringWithKey(v, encryptionKey)
if err != nil {
return "", err
}
return string(decrypted), nil
}
// GetInt64 retrieves a value as an int64.
// Returns ErrNotFound if the given key is missing.
// Returns datamodel.ErrWrongKind if the value has the wrong type.
func (m *Claims) GetInt64(key string) (int64, error) {
v, ok := m.Values[key]
if !ok {
return 0, ErrNotFound
}
return v.AsInt()
}
// GetFloat64 retrieves a value as a float64.
// Returns ErrNotFound if the given key is missing.
// Returns datamodel.ErrWrongKind if the value has the wrong type.
func (m *Claims) GetFloat64(key string) (float64, error) {
v, ok := m.Values[key]
if !ok {
return 0, ErrNotFound
}
return v.AsFloat()
}
// GetBytes retrieves a value as a []byte.
// Returns ErrNotFound if the given key is missing.
// Returns datamodel.ErrWrongKind if the value has the wrong type.
func (m *Claims) GetBytes(key string) ([]byte, error) {
v, ok := m.Values[key]
if !ok {
return nil, ErrNotFound
}
return v.AsBytes()
}
// GetEncryptedBytes decorates GetBytes and decrypt its output with the given symmetric encryption key.
func (m *Claims) GetEncryptedBytes(key string, encryptionKey []byte) ([]byte, error) {
v, err := m.GetBytes(key)
if err != nil {
return nil, err
}
decrypted, err := secretbox.DecryptStringWithKey(v, encryptionKey)
if err != nil {
return nil, err
}
return decrypted, nil
}
// GetNode retrieves a value as a raw IPLD node.
// Returns ErrNotFound if the given key is missing.
func (m *Claims) GetNode(key string) (ipld.Node, error) {
v, ok := m.Values[key]
if !ok {
return nil, ErrNotFound
}
return v, nil
}
// Add adds a key/value pair in the claims set.
// Accepted types for val are any CBOR compatible type, or directly IPLD values.
func (m *Claims) Add(key string, val any) error {
if _, ok := m.Values[key]; ok {
return fmt.Errorf("duplicate key %q", key)
}
node, err := literal.Any(val)
if err != nil {
return err
}
m.Keys = append(m.Keys, key)
m.Values[key] = node
return nil
}
// AddEncrypted adds a key/value pair in the claims set.
// The value is encrypted with the given encryptionKey.
// Accepted types for the value are: string, []byte.
// The ciphertext will be 40 bytes larger than the plaintext due to encryption overhead.
func (m *Claims) AddEncrypted(key string, val any, encryptionKey []byte) error {
var encrypted []byte
var err error
switch val := val.(type) {
case string:
encrypted, err = secretbox.EncryptWithKey([]byte(val), encryptionKey)
if err != nil {
return err
}
case []byte:
encrypted, err = secretbox.EncryptWithKey(val, encryptionKey)
if err != nil {
return err
}
default:
return ErrNotEncryptable
}
return m.Add(key, encrypted)
}
type Iterator interface {
Iter() iter.Seq2[string, ipld.Node]
}
// Include merges the provided claims into the existing one.
//
// If duplicate keys are encountered, the new value is silently dropped
// without causing an error.
func (m *Claims) Include(other Iterator) {
for key, value := range other.Iter() {
if _, ok := m.Values[key]; ok {
// don't overwrite
continue
}
m.Values[key] = value
m.Keys = append(m.Keys, key)
}
}
// Len returns the number of key/values.
func (m *Claims) Len() int {
return len(m.Values)
}
// Iter iterates over the claims key/values
func (m *Claims) Iter() iter.Seq2[string, ipld.Node] {
return func(yield func(string, ipld.Node) bool) {
for _, key := range m.Keys {
if !yield(key, m.Values[key]) {
return
}
}
}
}
// Equals tells if two Claims hold the same key/values.
func (m *Claims) Equals(other *Claims) bool {
if len(m.Keys) != len(other.Keys) {
return false
}
if len(m.Values) != len(other.Values) {
return false
}
for _, key := range m.Keys {
if !ipld.DeepEqual(m.Values[key], other.Values[key]) {
return false
}
}
return true
}
func (m *Claims) String() string {
sort.Strings(m.Keys)
buf := strings.Builder{}
buf.WriteString("{")
for key, node := range m.Values {
buf.WriteString("\n\t")
buf.WriteString(key)
buf.WriteString(": ")
buf.WriteString(strings.ReplaceAll(printer.Sprint(node), "\n", "\n\t"))
buf.WriteString(",")
}
if len(m.Values) > 0 {
buf.WriteString("\n")
}
buf.WriteString("}")
return buf.String()
}
// ReadOnly returns a read-only version of Claims.
func (m *Claims) ReadOnly() ReadOnly {
return ReadOnly{claims: m}
}
// Clone makes a deep copy.
func (m *Claims) Clone() *Claims {
res := &Claims{
Keys: make([]string, len(m.Keys)),
Values: make(map[string]ipld.Node, len(m.Values)),
}
copy(res.Keys, m.Keys)
for k, v := range m.Values {
res.Values[k] = v
}
return res
}

130
pkg/claims/claims_test.go
View File

@@ -1,130 +0,0 @@
package claims_test
import (
"crypto/rand"
"maps"
"testing"
"github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/claims"
)
func TestClaims_Add(t *testing.T) {
t.Parallel()
type Unsupported struct{}
t.Run("error if not primitive or Node", func(t *testing.T) {
t.Parallel()
err := (&claims.Claims{}).Add("invalid", &Unsupported{})
require.Error(t, err)
})
t.Run("encrypted claims", func(t *testing.T) {
t.Parallel()
key := make([]byte, 32)
_, err := rand.Read(key)
require.NoError(t, err)
m := claims.NewClaims()
// string encryption
err = m.AddEncrypted("secret", "hello world", key)
require.NoError(t, err)
_, err = m.GetString("secret")
require.Error(t, err) // the ciphertext is saved as []byte instead of string
decrypted, err := m.GetEncryptedString("secret", key)
require.NoError(t, err)
require.Equal(t, "hello world", decrypted)
// bytes encryption
originalBytes := make([]byte, 128)
_, err = rand.Read(originalBytes)
require.NoError(t, err)
err = m.AddEncrypted("secret-bytes", originalBytes, key)
require.NoError(t, err)
encryptedBytes, err := m.GetBytes("secret-bytes")
require.NoError(t, err)
require.NotEqual(t, originalBytes, encryptedBytes)
decryptedBytes, err := m.GetEncryptedBytes("secret-bytes", key)
require.NoError(t, err)
require.Equal(t, originalBytes, decryptedBytes)
// error cases
t.Run("error on unsupported type", func(t *testing.T) {
err := m.AddEncrypted("invalid", 123, key)
require.ErrorIs(t, err, claims.ErrNotEncryptable)
})
t.Run("error on invalid key size", func(t *testing.T) {
err := m.AddEncrypted("invalid", "test", []byte("short-key"))
require.Error(t, err)
require.Contains(t, err.Error(), "invalid key size")
})
t.Run("error on nil key", func(t *testing.T) {
err := m.AddEncrypted("invalid", "test", nil)
require.Error(t, err)
require.Contains(t, err.Error(), "encryption key is required")
})
})
}
func TestIterCloneEquals(t *testing.T) {
m := claims.NewClaims()
require.NoError(t, m.Add("foo", "bar"))
require.NoError(t, m.Add("baz", 1234))
expected := map[string]ipld.Node{
"foo": basicnode.NewString("bar"),
"baz": basicnode.NewInt(1234),
}
// claims -> iter
require.Equal(t, expected, maps.Collect(m.Iter()))
// readonly -> iter
ro := m.ReadOnly()
require.Equal(t, expected, maps.Collect(ro.Iter()))
// claims -> clone -> iter
clone := m.Clone()
require.Equal(t, expected, maps.Collect(clone.Iter()))
// readonly -> WriteableClone -> iter
wclone := ro.WriteableClone()
require.Equal(t, expected, maps.Collect(wclone.Iter()))
require.True(t, m.Equals(wclone))
require.True(t, ro.Equals(wclone.ReadOnly()))
}
func TestInclude(t *testing.T) {
m1 := claims.NewClaims()
require.NoError(t, m1.Add("samekey", "bar"))
require.NoError(t, m1.Add("baz", 1234))
m2 := claims.NewClaims()
require.NoError(t, m2.Add("samekey", "othervalue")) // check no overwrite
require.NoError(t, m2.Add("otherkey", 1234))
m1.Include(m2)
require.Equal(t, map[string]ipld.Node{
"samekey": basicnode.NewString("bar"),
"baz": basicnode.NewInt(1234),
"otherkey": basicnode.NewInt(1234),
}, maps.Collect(m1.Iter()))
}

64
pkg/claims/readonly.go
View File

@@ -1,64 +0,0 @@
package claims
import (
"iter"
"github.com/ipld/go-ipld-prime"
)
// ReadOnly wraps a Claims into a read-only facade.
type ReadOnly struct {
claims *Claims
}
func (r ReadOnly) GetBool(key string) (bool, error) {
return r.claims.GetBool(key)
}
func (r ReadOnly) GetString(key string) (string, error) {
return r.claims.GetString(key)
}
func (r ReadOnly) GetEncryptedString(key string, encryptionKey []byte) (string, error) {
return r.claims.GetEncryptedString(key, encryptionKey)
}
func (r ReadOnly) GetInt64(key string) (int64, error) {
return r.claims.GetInt64(key)
}
func (r ReadOnly) GetFloat64(key string) (float64, error) {
return r.claims.GetFloat64(key)
}
func (r ReadOnly) GetBytes(key string) ([]byte, error) {
return r.claims.GetBytes(key)
}
func (r ReadOnly) GetEncryptedBytes(key string, encryptionKey []byte) ([]byte, error) {
return r.claims.GetEncryptedBytes(key, encryptionKey)
}
func (r ReadOnly) GetNode(key string) (ipld.Node, error) {
return r.claims.GetNode(key)
}
func (r ReadOnly) Len() int {
return r.claims.Len()
}
func (r ReadOnly) Iter() iter.Seq2[string, ipld.Node] {
return r.claims.Iter()
}
func (r ReadOnly) Equals(other ReadOnly) bool {
return r.claims.Equals(other.claims)
}
func (r ReadOnly) String() string {
return r.claims.String()
}
func (r ReadOnly) WriteableClone() *Claims {
return r.claims.Clone()
}

2
pkg/command/command_test.go
View File

@@ -5,7 +5,7 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
) )
func TestTop(t *testing.T) { func TestTop(t *testing.T) {

6
pkg/container/reader.go
View File

@@ -12,9 +12,9 @@ import (
"github.com/ipld/go-ipld-prime/codec/cbor" "github.com/ipld/go-ipld-prime/codec/cbor"
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
"github.com/ucan-wg/go-ucan/token" "code.sonr.org/go/ucan/token"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
var ErrNotFound = fmt.Errorf("not found") var ErrNotFound = fmt.Errorf("not found")

14
pkg/container/serial_test.go
View File

@@ -9,16 +9,16 @@ import (
"testing" "testing"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/controller/did-key" "code.sonr.org/go/did-it/controller/did-key"
"github.com/MetaMask/go-did-it/crypto/ed25519" "code.sonr.org/go/did-it/crypto/ed25519"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
func TestContainerRoundTrip(t *testing.T) { func TestContainerRoundTrip(t *testing.T) {

4
pkg/meta/meta.go
View File

@@ -10,8 +10,8 @@ import (
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/printer" "github.com/ipld/go-ipld-prime/printer"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/pkg/secretbox" "code.sonr.org/go/ucan/pkg/secretbox"
) )
var ErrNotFound = errors.New("key not found in meta") var ErrNotFound = errors.New("key not found in meta")

2
pkg/meta/meta_test.go
View File

@@ -9,7 +9,7 @@ import (
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/meta" "code.sonr.org/go/ucan/pkg/meta"
) )
func TestMeta_Add(t *testing.T) { func TestMeta_Add(t *testing.T) {

4
pkg/policy/ipld.go
View File

@@ -9,8 +9,8 @@ import (
"github.com/ipld/go-ipld-prime/must" "github.com/ipld/go-ipld-prime/must"
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
"github.com/ucan-wg/go-ucan/pkg/policy/selector" "code.sonr.org/go/ucan/pkg/policy/selector"
) )
func FromIPLD(node datamodel.Node) (Policy, error) { func FromIPLD(node datamodel.Node) (Policy, error) {

2
pkg/policy/literal/literal.go
View File

@@ -13,7 +13,7 @@ import (
cidlink "github.com/ipld/go-ipld-prime/linking/cid" cidlink "github.com/ipld/go-ipld-prime/linking/cid"
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
) )
var Bool = basicnode.NewBool var Bool = basicnode.NewBool

2
pkg/policy/literal/literal_test.go
View File

@@ -9,7 +9,7 @@ import (
"github.com/ipld/go-ipld-prime/printer" "github.com/ipld/go-ipld-prime/printer"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
) )
func TestList(t *testing.T) { func TestList(t *testing.T) {

2
pkg/policy/match_test.go
View File

@@ -11,7 +11,7 @@ import (
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
) )
func TestMatch(t *testing.T) { func TestMatch(t *testing.T) {

2
pkg/policy/policy.go
View File

@@ -9,7 +9,7 @@ import (
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/codec/dagjson"
selpkg "github.com/ucan-wg/go-ucan/pkg/policy/selector" selpkg "code.sonr.org/go/ucan/pkg/policy/selector"
) )
const ( const (

4
pkg/policy/policy_test.go
View File

@@ -6,8 +6,8 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
) )
func ExamplePolicy() { func ExamplePolicy() {

6
pkg/policy/policytest/spec.go
View File

@@ -3,9 +3,9 @@ package policytest
import ( import (
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
) )
// EmptyPolicy provides a Policy with no statements. // EmptyPolicy provides a Policy with no statements.

2
pkg/policy/selector/parsing.go
View File

@@ -7,7 +7,7 @@ import (
"strconv" "strconv"
"strings" "strings"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
) )
var ( var (

2
pkg/policy/selector/parsing_test.go
View File

@@ -7,7 +7,7 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
) )
func TestParse(t *testing.T) { func TestParse(t *testing.T) {

2
pkg/policy/selector/supported_test.go
View File

@@ -9,7 +9,7 @@ import (
basicnode "github.com/ipld/go-ipld-prime/node/basic" basicnode "github.com/ipld/go-ipld-prime/node/basic"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/policy/selector" "code.sonr.org/go/ucan/pkg/policy/selector"
) )
// TestSupported Forms runs tests against the Selector according to the // TestSupported Forms runs tests against the Selector according to the

210
token/attestation/attestation.go
View File

@@ -1,210 +0,0 @@
// Package attestation implements the UCAN [attestation] specification with
// an immutable Token type as well as methods to convert the Token to and
// from the [envelope]-enclosed, signed and DAG-CBOR-encoded form that
// should most commonly be used for transport and storage.
//
// [envelope]: https://github.com/ucan-wg/spec#envelope
// [attestation]: TBD
package attestation
import (
"encoding/base64"
"errors"
"fmt"
"strings"
"time"
"github.com/MetaMask/go-did-it"
"github.com/ucan-wg/go-ucan/pkg/claims"
"github.com/ucan-wg/go-ucan/pkg/meta"
"github.com/ucan-wg/go-ucan/token/internal/nonce"
"github.com/ucan-wg/go-ucan/token/internal/parse"
)
// Token is an immutable type that holds the fields of a UCAN attestation.
type Token struct {
// The DID of the Invoker
issuer did.DID
// TODO: should this exist?
// audience did.DID
// Arbitrary Claims
claims *claims.Claims
// Arbitrary Metadata
meta *meta.Meta
// A unique, random nonce
nonce []byte
// The timestamp at which the Invocation becomes invalid
expiration *time.Time
// The timestamp at which the Invocation was created
issuedAt *time.Time
}
// New creates an attestation Token with the provided options.
//
// If no nonce is provided, a random 12-byte nonce is generated. Use the
// WithNonce or WithEmptyNonce options to specify provide your own nonce
// or to leave the nonce empty respectively.
//
// If no IssuedAt is provided, the current time is used. Use the
// IssuedAt or WithIssuedAtIn Options to specify a different time
// or the WithoutIssuedAt Option to clear the Token's IssuedAt field.
//
// With the exception of the WithMeta option, all others will overwrite
// the previous contents of their target field.
//
// You can read it as "(Issuer - I) attest (arbitrary claim)".
func New(iss did.DID, opts ...Option) (*Token, error) {
iat := time.Now()
tkn := Token{
issuer: iss,
claims: claims.NewClaims(),
meta: meta.NewMeta(),
nonce: nil,
issuedAt: &iat,
}
for _, opt := range opts {
if err := opt(&tkn); err != nil {
return nil, err
}
}
var err error
if len(tkn.nonce) == 0 {
tkn.nonce, err = nonce.Generate()
if err != nil {
return nil, err
}
}
if err := tkn.validate(); err != nil {
return nil, err
}
return &tkn, nil
}
// Issuer returns the did.DID representing the Token's issuer.
func (t *Token) Issuer() did.DID {
return t.issuer
}
// Claims returns the Token's claims.
func (t *Token) Claims() claims.ReadOnly {
return t.claims.ReadOnly()
}
// Meta returns the Token's metadata.
func (t *Token) Meta() meta.ReadOnly {
return t.meta.ReadOnly()
}
// Nonce returns the random Nonce encapsulated in this Token.
func (t *Token) Nonce() []byte {
return t.nonce
}
// Expiration returns the time at which the Token expires.
func (t *Token) Expiration() *time.Time {
return t.expiration
}
// IssuedAt returns the time.Time at which the invocation token was
// created.
func (t *Token) IssuedAt() *time.Time {
return t.issuedAt
}
// IsValidNow verifies that the token can be used at the current time, based on expiration or "not before" fields.
// This does NOT do any other kind of verifications.
func (t *Token) IsValidNow() bool {
return t.IsValidAt(time.Now())
}
// IsValidAt verifies that the token can be used at the given time, based on expiration or "not before" fields.
// This does NOT do any other kind of verifications.
func (t *Token) IsValidAt(ti time.Time) bool {
if t.expiration != nil && ti.After(*t.expiration) {
return false
}
return true
}
func (t *Token) String() string {
var res strings.Builder
res.WriteString(fmt.Sprintf("Issuer: %s\n", t.Issuer()))
res.WriteString(fmt.Sprintf("Nonce: %s\n", base64.StdEncoding.EncodeToString(t.Nonce())))
res.WriteString(fmt.Sprintf("Meta: %s\n", t.Meta()))
res.WriteString(fmt.Sprintf("Expiration: %v\n", t.Expiration()))
res.WriteString(fmt.Sprintf("Issued At: %v\n", t.IssuedAt()))
return res.String()
}
func (t *Token) validate() error {
var errs error
requiredDID := func(id did.DID, fieldname string) {
if id == nil {
errs = errors.Join(errs, fmt.Errorf(`a valid did is required for %s: %s`, fieldname, id.String()))
}
}
requiredDID(t.issuer, "Issuer")
if len(t.nonce) < 12 {
errs = errors.Join(errs, fmt.Errorf("token nonce too small"))
}
return errs
}
// tokenFromModel build a decoded view of the raw IPLD data.
// This function also serves as validation.
func tokenFromModel(m tokenPayloadModel) (*Token, error) {
var (
tkn Token
err error
)
if tkn.issuer, err = did.Parse(m.Iss); err != nil {
return nil, fmt.Errorf("parse iss: %w", err)
}
tkn.claims = m.Claims
if tkn.claims == nil {
tkn.claims = claims.NewClaims()
}
tkn.meta = m.Meta
if tkn.meta == nil {
tkn.meta = meta.NewMeta()
}
if len(m.Nonce) == 0 {
return nil, fmt.Errorf("nonce is required")
}
tkn.nonce = m.Nonce
tkn.expiration, err = parse.OptionalTimestamp(m.Exp)
if err != nil {
return nil, fmt.Errorf("parse expiration: %w", err)
}
tkn.issuedAt, err = parse.OptionalTimestamp(m.Iat)
if err != nil {
return nil, fmt.Errorf("parse IssuedAt: %w", err)
}
if err := tkn.validate(); err != nil {
return nil, err
}
return &tkn, nil
}

22
token/attestation/attestation.ipldsch
View File

@@ -1,22 +0,0 @@
type DID string
# The Attestation payload
type Payload struct {
# Issuer DID (sender)
iss DID
# Audience DID (receiver) TODO: should that exist?
# aud DID
# Arbitrary claims
claims optional {String: Any}
# Arbitrary Metadata
meta optional {String : Any}
# A unique, random nonce
nonce Bytes
# The timestamp at which the Invocation becomes invalid
exp nullable Int
# The Timestamp at which the Invocation was created
iat optional Int
}

132
token/attestation/examples_test.go
View File

@@ -1,132 +0,0 @@
package attestation_test
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"time"
"github.com/MetaMask/go-did-it"
didkeyctl "github.com/MetaMask/go-did-it/controller/did-key"
"github.com/MetaMask/go-did-it/crypto/ed25519"
"github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec/dagcbor"
"github.com/ipld/go-ipld-prime/codec/dagjson"
"github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/ucan-wg/go-ucan/token/attestation"
)
func ExampleNew() {
privKey, iss, _, _, err := setupExampleNew()
if err != nil {
fmt.Println("failed to create setup:", err.Error())
return
}
att, err := attestation.New(iss,
attestation.WithClaim("claim1", "UCAN is great"),
attestation.WithMeta("env", "development"),
attestation.WithExpirationIn(time.Minute),
attestation.WithoutIssuedAt())
if err != nil {
fmt.Println("failed to create attestation:", err.Error())
return
}
// foo, _ := att.ToDagJson(privKey)
// os.WriteFile("testdata/new.dagjson", foo, 0666)
// fmt.Println(base64.StdEncoding.EncodeToString(privKey.ToBytes()))
data, cid, err := att.ToSealed(privKey)
if err != nil {
fmt.Println("failed to seal attestation:", err.Error())
return
}
json, err := prettyDAGJSON(data)
if err != nil {
fmt.Println("failed to pretty DAG-JSON:", err.Error())
return
}
fmt.Println("CID:", cid)
fmt.Println("Token (pretty DAG-JSON):")
fmt.Println(json)
// Expected CID and DAG-JSON output:
// CID: bafyreibm5vo6gk75oreefkg6xkrrfb4d5dgkccgmutirjgtzi5j45svjm4
// Token (pretty DAG-JSON):
// [
// {
// "/": {
// "bytes": "ApuXUsUYhqostO2zfKZK50GW0gXYPtrlpoVA8EwGFdyYahQecOizVpl+9wy64aqk2rMP4Q0UEUKCTV0ONMdPAw"
// }
// },
// {
// "h": {
// "/": {
// "bytes": "NAHtAe0BE3E"
// }
// },
// "ucan/att@tbd": {
// "claims": {
// "claim1": "UCAN is great"
// },
// "exp": 1767790971,
// "iss": "did:key:z6Mkm4RzzBDfSHqmwV9dp5jFsLkVgKRYp1PhSj7VybCcLHC4",
// "meta": {
// "env": "development"
// },
// "nonce": {
// "/": {
// "bytes": "NjS8QPvft97jbtUG"
// }
// }
// }
// }
// ]
}
func prettyDAGJSON(data []byte) (string, error) {
var node ipld.Node
node, err := ipld.Decode(data, dagcbor.Decode)
if err != nil {
return "", err
}
jsonData, err := ipld.Encode(node, dagjson.Encode)
if err != nil {
return "", err
}
var out bytes.Buffer
if err := json.Indent(&out, jsonData, "", " "); err != nil {
return "", err
}
return out.String(), nil
}
func setupExampleNew() (privKey ed25519.PrivateKey, iss did.DID, claims map[string]any, meta map[string]any, errs error) {
var err error
_, privKey, err = ed25519.GenerateKeyPair()
if err != nil {
errs = errors.Join(errs, fmt.Errorf("failed to generate Ed25519 keypair: %w", err))
return
}
iss = didkeyctl.FromPrivateKey(privKey)
claims = map[string]any{
"claim1": "UCAN is great",
}
meta = map[string]any{
"env": basicnode.NewString("development"),
}
return // WARNING: named return values
}

227
token/attestation/ipld.go
View File

@@ -1,227 +0,0 @@
package attestation
import (
"io"
"github.com/MetaMask/go-did-it"
"github.com/MetaMask/go-did-it/crypto"
"github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec"
"github.com/ipld/go-ipld-prime/codec/dagcbor"
"github.com/ipld/go-ipld-prime/codec/dagjson"
"github.com/ipld/go-ipld-prime/datamodel"
"github.com/ucan-wg/go-ucan/token/internal/envelope"
)
// ToSealed wraps the attestation token in an envelope, generates the
// signature, encodes the result to DAG-CBOR and calculates the CID of
// the resulting binary data.
func (t *Token) ToSealed(privKey crypto.PrivateKeySigningBytes) ([]byte, cid.Cid, error) {
data, err := t.ToDagCbor(privKey)
if err != nil {
return nil, cid.Undef, err
}
id, err := envelope.CIDFromBytes(data)
if err != nil {
return nil, cid.Undef, err
}
return data, id, nil
}
// ToSealedWriter is the same as ToSealed but accepts an io.Writer.
func (t *Token) ToSealedWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) (cid.Cid, error) {
cidWriter := envelope.NewCIDWriter(w)
if err := t.ToDagCborWriter(cidWriter, privKey); err != nil {
return cid.Undef, err
}
return cidWriter.CID()
}
// FromSealed decodes the provided binary data from the DAG-CBOR format,
// verifies that the envelope's signature is correct based on the public
// key taken from the issuer (iss) field and calculates the CID of the
// incoming data.
func FromSealed(data []byte, resolvOpts ...did.ResolutionOption) (*Token, cid.Cid, error) {
tkn, err := FromDagCbor(data, resolvOpts...)
if err != nil {
return nil, cid.Undef, err
}
id, err := envelope.CIDFromBytes(data)
if err != nil {
return nil, cid.Undef, err
}
return tkn, id, nil
}
// FromSealedReader is the same as Unseal but accepts an io.Reader.
func FromSealedReader(r io.Reader, resolvOpts ...did.ResolutionOption) (*Token, cid.Cid, error) {
cidReader := envelope.NewCIDReader(r)
tkn, err := FromDagCborReader(cidReader, resolvOpts...)
if err != nil {
return nil, cid.Undef, err
}
id, err := cidReader.CID()
if err != nil {
return nil, cid.Undef, err
}
return tkn, id, nil
}
// Encode marshals a Token to the format specified by the provided
// codec.Encoder.
func (t *Token) Encode(privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) ([]byte, error) {
node, err := t.toIPLD(privKey)
if err != nil {
return nil, err
}
return ipld.Encode(node, encFn)
}
// EncodeWriter is the same as Encode, but accepts an io.Writer.
func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) error {
node, err := t.toIPLD(privKey)
if err != nil {
return err
}
return ipld.EncodeStreaming(w, node, encFn)
}
// ToDagCbor marshals the Token to the DAG-CBOR format.
func (t *Token) ToDagCbor(privKey crypto.PrivateKeySigningBytes) ([]byte, error) {
return t.Encode(privKey, dagcbor.Encode)
}
// ToDagCborWriter is the same as ToDagCbor, but it accepts an io.Writer.
func (t *Token) ToDagCborWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error {
return t.EncodeWriter(w, privKey, dagcbor.Encode)
}
// ToDagJson marshals the Token to the DAG-JSON format.
func (t *Token) ToDagJson(privKey crypto.PrivateKeySigningBytes) ([]byte, error) {
return t.Encode(privKey, dagjson.Encode)
}
// ToDagJsonWriter is the same as ToDagJson, but it accepts an io.Writer.
func (t *Token) ToDagJsonWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error {
return t.EncodeWriter(w, privKey, dagjson.Encode)
}
// Decode unmarshals the input data using the format specified by the
// provided codec.Decoder into a Token.
//
// An error is returned if the conversion fails or if the resulting
// Token is invalid.
func Decode(b []byte, decFn codec.Decoder, resolvOpts ...did.ResolutionOption) (*Token, error) {
node, err := ipld.Decode(b, decFn)
if err != nil {
return nil, err
}
return FromIPLD(node, resolvOpts...)
}
// DecodeReader is the same as Decode, but accept an io.Reader.
func DecodeReader(r io.Reader, decFn codec.Decoder, resolvOpts ...did.ResolutionOption) (*Token, error) {
node, err := ipld.DecodeStreaming(r, decFn)
if err != nil {
return nil, err
}
return FromIPLD(node, resolvOpts...)
}
// FromDagCbor unmarshals the input data into a Token.
//
// An error is returned if the conversion fails or if the resulting
// Token is invalid.
func FromDagCbor(data []byte, resolvOpts ...did.ResolutionOption) (*Token, error) {
pay, err := envelope.FromDagCbor[*tokenPayloadModel](data, resolvOpts...)
if err != nil {
return nil, err
}
tkn, err := tokenFromModel(*pay)
if err != nil {
return nil, err
}
return tkn, err
}
// FromDagCborReader is the same as FromDagCbor, but accept an io.Reader.
func FromDagCborReader(r io.Reader, resolvOpts ...did.ResolutionOption) (*Token, error) {
return DecodeReader(r, dagcbor.Decode, resolvOpts...)
}
// FromDagJson unmarshals the input data into a Token.
//
// An error is returned if the conversion fails or if the resulting
// Token is invalid.
func FromDagJson(data []byte, resolvOpts ...did.ResolutionOption) (*Token, error) {
return Decode(data, dagjson.Decode, resolvOpts...)
}
// FromDagJsonReader is the same as FromDagJson, but accept an io.Reader.
func FromDagJsonReader(r io.Reader, resolvOpts ...did.ResolutionOption) (*Token, error) {
return DecodeReader(r, dagjson.Decode, resolvOpts...)
}
// FromIPLD decode the given IPLD representation into a Token.
func FromIPLD(node datamodel.Node, resolvOpts ...did.ResolutionOption) (*Token, error) {
pay, err := envelope.FromIPLD[*tokenPayloadModel](node, resolvOpts...)
if err != nil {
return nil, err
}
tkn, err := tokenFromModel(*pay)
if err != nil {
return nil, err
}
return tkn, err
}
func (t *Token) toIPLD(privKey crypto.PrivateKeySigningBytes) (datamodel.Node, error) {
var exp *int64
if t.expiration != nil {
u := t.expiration.Unix()
exp = &u
}
var iat *int64
if t.issuedAt != nil {
i := t.issuedAt.Unix()
iat = &i
}
model := &tokenPayloadModel{
Iss: t.issuer.String(),
Claims: t.claims,
Meta: t.meta,
Nonce: t.nonce,
Exp: exp,
Iat: iat,
}
if len(model.Claims.Keys) == 0 {
model.Claims = nil
}
// seems like it's a requirement to have a null meta if there are no values?
if len(model.Meta.Keys) == 0 {
model.Meta = nil
}
return envelope.ToIPLD(privKey, model)
}

35
token/attestation/ipld_test.go
View File

@@ -1,35 +0,0 @@
package attestation_test
import (
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/attestation"
)
func TestSealUnsealRoundtrip(t *testing.T) {
t.Parallel()
privKey, iss, claims, meta, err := setupExampleNew()
require.NoError(t, err)
tkn1, err := attestation.New(iss,
attestation.WithClaimMap(claims),
attestation.WithMetaMap(meta),
attestation.WithExpirationIn(time.Minute),
attestation.WithoutIssuedAt(),
)
require.NoError(t, err)
data, cid1, err := tkn1.ToSealed(privKey)
require.NoError(t, err)
tkn2, cid2, err := attestation.FromSealed(data)
require.NoError(t, err)
assert.Equal(t, cid1, cid2)
assert.Equal(t, tkn1, tkn2)
}

168
token/attestation/options.go
View File

@@ -1,168 +0,0 @@
package attestation
import (
"time"
)
// Option is a type that allows optional fields to be set during the
// creation of a Token.
type Option func(*Token) error
// WithClaim adds a key/value pair in the "claims" field.
//
// WithClaims can be used multiple times in the same call.
// Accepted types for the value are: bool, string, int, int32, int64, []byte,
// and ipld.Node.
func WithClaim(key string, val any) Option {
return func(t *Token) error {
return t.claims.Add(key, val)
}
}
// WithClaimsMap adds all key/value pairs in the provided map to the
// Token's "claims" field.
//
// WithClaimsMap can be used multiple times in the same call.
// Accepted types for the value are: bool, string, int, int32, int64, []byte,
// and ipld.Node.
func WithClaimMap(m map[string]any) Option {
return func(t *Token) error {
for k, v := range m {
if err := t.claims.Add(k, v); err != nil {
return err
}
}
return nil
}
}
// WithEncryptedClaimsString adds a key/value pair in the "claims" field.
// The string value is encrypted with the given aesKey.
func WithEncryptedClaimsString(key, val string, encryptionKey []byte) Option {
return func(t *Token) error {
return t.claims.AddEncrypted(key, val, encryptionKey)
}
}
// WithEncryptedClaimsBytes adds a key/value pair in the "claims" field.
// The []byte value is encrypted with the given aesKey.
func WithEncryptedClaimsBytes(key string, val, encryptionKey []byte) Option {
return func(t *Token) error {
return t.claims.AddEncrypted(key, val, encryptionKey)
}
}
// WithMeta adds a key/value pair in the "meta" field.
//
// WithMeta can be used multiple times in the same call.
// Accepted types for the value are: bool, string, int, int32, int64, []byte,
// and ipld.Node.
func WithMeta(key string, val any) Option {
return func(t *Token) error {
return t.meta.Add(key, val)
}
}
// WithMetaMap adds all key/value pairs in the provided map to the
// Token's "meta" field.
//
// WithMetaMap can be used multiple times in the same call.
// Accepted types for the value are: bool, string, int, int32, int64, []byte,
// and ipld.Node.
func WithMetaMap(m map[string]any) Option {
return func(t *Token) error {
for k, v := range m {
if err := t.meta.Add(k, v); err != nil {
return err
}
}
return nil
}
}
// WithEncryptedMetaString adds a key/value pair in the "meta" field.
// The string value is encrypted with the given aesKey.
func WithEncryptedMetaString(key, val string, encryptionKey []byte) Option {
return func(t *Token) error {
return t.meta.AddEncrypted(key, val, encryptionKey)
}
}
// WithEncryptedMetaBytes adds a key/value pair in the "meta" field.
// The []byte value is encrypted with the given aesKey.
func WithEncryptedMetaBytes(key string, val, encryptionKey []byte) Option {
return func(t *Token) error {
return t.meta.AddEncrypted(key, val, encryptionKey)
}
}
// WithNonce sets the Token's nonce with the given value.
//
// If this option is not used, a random 12-byte nonce is generated for
// this required field. If you truly want to create an invocation Token
// without a nonce, use the WithEmptyNonce Option which will set the
// nonce to an empty byte array.
func WithNonce(nonce []byte) Option {
return func(t *Token) error {
t.nonce = nonce
return nil
}
}
// WithEmptyNonce sets the Token's nonce to an empty byte slice as
// suggested by the UCAN spec for invocation tokens that represent
// idempotent operations.
func WithEmptyNonce() Option {
return func(t *Token) error {
t.nonce = []byte{}
return nil
}
}
// WithExpiration set's the Token's optional "expiration" field to the
// value of the provided time.Time.
func WithExpiration(exp time.Time) Option {
return func(t *Token) error {
exp = exp.Round(time.Second)
t.expiration = &exp
return nil
}
}
// WithExpirationIn set's the Token's optional "expiration" field to
// Now() plus the given duration.
func WithExpirationIn(after time.Duration) Option {
return WithExpiration(time.Now().Add(after))
}
// WithIssuedAt sets the Token's IssuedAt field to the provided
// time.Time.
//
// If this Option is not provided, the invocation Token's iat field will
// be set to the value of time.Now(). If you want to create an invocation
// Token without this field being set, use the WithoutIssuedAt Option.
func WithIssuedAt(iat time.Time) Option {
return func(t *Token) error {
t.issuedAt = &iat
return nil
}
}
// WithIssuedAtIn sets the Token's IssuedAt field to Now() plus the
// given duration.
func WithIssuedAtIn(after time.Duration) Option {
return WithIssuedAt(time.Now().Add(after))
}
// WithoutIssuedAt clears the Token's IssuedAt field.
func WithoutIssuedAt() Option {
return func(t *Token) error {
t.issuedAt = nil
return nil
}
}

73
token/attestation/schema.go
View File

@@ -1,73 +0,0 @@
package attestation
import (
_ "embed"
"fmt"
"sync"
"github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/node/bindnode"
"github.com/ipld/go-ipld-prime/schema"
"github.com/ucan-wg/go-ucan/pkg/claims"
"github.com/ucan-wg/go-ucan/pkg/meta"
"github.com/ucan-wg/go-ucan/token/internal/envelope"
)
// [Tag] is the string used as a key within the SigPayload that identifies
// that the TokenPayload is an attestation.
//
// [Tag]: TODO: TBD
const Tag = "ucan/att@tbd" // TODO: TBD
//go:embed attestation.ipldsch
var schemaBytes []byte
var (
once sync.Once
ts *schema.TypeSystem
errSchema error
)
func mustLoadSchema() *schema.TypeSystem {
once.Do(func() {
ts, errSchema = ipld.LoadSchemaBytes(schemaBytes)
})
if errSchema != nil {
panic(fmt.Errorf("failed to load IPLD schema: %s", errSchema))
}
return ts
}
func payloadType() schema.Type {
return mustLoadSchema().TypeByName("Payload")
}
var _ envelope.Tokener = (*tokenPayloadModel)(nil)
type tokenPayloadModel struct {
// The DID of the Invoker
Iss string
// Arbitrary claims
Claims *claims.Claims
// Arbitrary Metadata
Meta *meta.Meta
// A unique, random nonce
Nonce []byte
// The timestamp at which the Invocation becomes invalid
// optional: can be nil
Exp *int64
// The timestamp at which the Invocation was created
Iat *int64
}
func (e *tokenPayloadModel) Prototype() schema.TypedPrototype {
return bindnode.Prototype((*tokenPayloadModel)(nil), payloadType())
}
func (*tokenPayloadModel) Tag() string {
return Tag
}

89
token/attestation/schema_test.go
View File

@@ -1,89 +0,0 @@
package attestation_test
import (
"bytes"
_ "embed"
"encoding/base64"
"testing"
"github.com/MetaMask/go-did-it/crypto"
"github.com/MetaMask/go-did-it/crypto/ed25519"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/attestation"
"github.com/ucan-wg/go-ucan/token/internal/envelope"
)
//go:embed testdata/new.dagjson
var newDagJson []byte
const (
issuerPrivKeyCfg = "8bX3+HJxxlIGgNZ8yFG+t48oMGygEGyWD5Cy8ugeCIRksEIVyCabkuLVXbMZYj1lpXgL22Fok8nv52clGfEMXA=="
newCID = "zdpuAyWCG3GWfebFME3e4oG926tzpJodw4WTa9VjBwqPNiVWF"
)
func TestSchemaRoundTrip(t *testing.T) {
t.Parallel()
privKey := privKey(t, issuerPrivKeyCfg)
t.Run("via buffers", func(t *testing.T) {
t.Parallel()
// format: dagJson --> PayloadModel --> dagCbor --> PayloadModel --> dagJson
// function: DecodeDagJson() Seal() Unseal() EncodeDagJson()
p1, err := attestation.FromDagJson(newDagJson)
require.NoError(t, err)
cborBytes, id, err := p1.ToSealed(privKey)
require.NoError(t, err)
assert.Equal(t, newCID, envelope.CIDToBase58BTC(id))
p2, c2, err := attestation.FromSealed(cborBytes)
require.NoError(t, err)
assert.Equal(t, id, c2)
readJson, err := p2.ToDagJson(privKey)
require.NoError(t, err)
assert.JSONEq(t, string(newDagJson), string(readJson))
})
t.Run("via streaming", func(t *testing.T) {
t.Parallel()
buf := bytes.NewBuffer(newDagJson)
// format: dagJson --> PayloadModel --> dagCbor --> PayloadModel --> dagJson
// function: DecodeDagJson() Seal() Unseal() EncodeDagJson()
p1, err := attestation.FromDagJsonReader(buf)
require.NoError(t, err)
cborBytes := &bytes.Buffer{}
id, err := p1.ToSealedWriter(cborBytes, privKey)
require.NoError(t, err)
assert.Equal(t, newCID, envelope.CIDToBase58BTC(id))
p2, c2, err := attestation.FromSealedReader(cborBytes)
require.NoError(t, err)
assert.Equal(t, envelope.CIDToBase58BTC(id), envelope.CIDToBase58BTC(c2))
readJson := &bytes.Buffer{}
require.NoError(t, p2.ToDagJsonWriter(readJson, privKey))
assert.JSONEq(t, string(newDagJson), readJson.String())
})
}
func privKey(t require.TestingT, privKeyCfg string) crypto.PrivateKeySigningBytes {
privBytes, err := base64.StdEncoding.DecodeString(privKeyCfg)
require.NoError(t, err)
privKey, err := ed25519.PrivateKeyFromBytes(privBytes)
require.NoError(t, err)
return privKey
}

1
token/attestation/testdata/new.dagjson vendored
View File

@@ -1 +0,0 @@
[{"/":{"bytes":"9lfCwLn+HqFGPNMbD9mIuMjhZarhZk1mOSq2eGLIBfRM6B5dtIftDh25TOG3qJrWRvZtvupd0az/PiVv/8zMCg"}},{"h":{"/":{"bytes":"NAHtAe0BE3E"}},"ucan/att@tbd":{"claims":{"claim1":"UCAN is great"},"exp":1767790946,"iss":"did:key:z6MkmEJhVC9xHMREKTw1HpPrwVh6fcUbJ8hoVEa3UQdP9sNs","meta":{"env":"development"},"nonce":{"/":{"bytes":"jPnfQhL20Eoq/8fu"}}}}]

12
token/delegation/delegation.go
View File

@@ -16,13 +16,13 @@ import (
"strings" "strings"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/meta" "code.sonr.org/go/ucan/pkg/meta"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/token/internal/nonce" "code.sonr.org/go/ucan/token/internal/nonce"
"github.com/ucan-wg/go-ucan/token/internal/parse" "code.sonr.org/go/ucan/token/internal/parse"
) )
// Token is an immutable type that holds the fields of a UCAN delegation. // Token is an immutable type that holds the fields of a UCAN delegation.

8
token/delegation/delegation_test.go
View File

@@ -6,12 +6,12 @@ import (
"testing" "testing"
"time" "time"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
//go:embed testdata/new.dagjson //go:embed testdata/new.dagjson

20
token/delegation/delegationtest/generator/generator.go
View File

@@ -9,17 +9,17 @@ import (
"slices" "slices"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
didkeyctl "github.com/MetaMask/go-did-it/controller/did-key" didkeyctl "code.sonr.org/go/did-it/controller/did-key"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/policytest" "code.sonr.org/go/ucan/pkg/policy/policytest"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/delegation/delegationtest" "code.sonr.org/go/ucan/token/delegation/delegationtest"
) )
const ( const (
@@ -215,7 +215,7 @@ func (g *generator) writeGoFile() error {
Println("import (") Println("import (")
Println("\t\"github.com/ipfs/go-cid\"") Println("\t\"github.com/ipfs/go-cid\"")
Println() Println()
Println("\t\"github.com/ucan-wg/go-ucan/token/delegation\"") Println("\t\"code.sonr.org/go/ucan/token/delegation\"")
Println(")") Println(")")
refs := make(map[cid.Cid]string, len(g.dlgs)) refs := make(map[cid.Cid]string, len(g.dlgs))

2
token/delegation/delegationtest/generator/main.go
View File

@@ -1,7 +1,7 @@
package main package main
import ( import (
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
) )
func main() { func main() {

6
token/delegation/delegationtest/token.go
View File

@@ -5,11 +5,11 @@ import (
"path/filepath" "path/filepath"
"sync" "sync"
_ "github.com/MetaMask/go-did-it/verifiers/did-key" _ "code.sonr.org/go/did-it/verifiers/did-key"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
var ( var (

2
token/delegation/delegationtest/token_gen.go
View File

@@ -5,7 +5,7 @@ package delegationtest
import ( import (
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
var ( var (

4
token/delegation/delegationtest/token_test.go
View File

@@ -7,8 +7,8 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/delegation/delegationtest" "code.sonr.org/go/ucan/token/delegation/delegationtest"
) )
func TestGetDelegation(t *testing.T) { func TestGetDelegation(t *testing.T) {

12
token/delegation/examples_test.go
View File

@@ -8,17 +8,17 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/codec/dagcbor"
"github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/codec/dagjson"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
// The following example shows how to create a delegation.Token with // The following example shows how to create a delegation.Token with

4
token/delegation/interop_test.go
View File

@@ -7,8 +7,8 @@ import (
"fmt" "fmt"
"testing" "testing"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/MetaMask/go-did-it/crypto/ed25519" "code.sonr.org/go/did-it/crypto/ed25519"
"github.com/multiformats/go-varint" "github.com/multiformats/go-varint"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )

6
token/delegation/ipld.go
View File

@@ -3,8 +3,8 @@ package delegation
import ( import (
"io" "io"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec" "github.com/ipld/go-ipld-prime/codec"
@@ -12,7 +12,7 @@ import (
"github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/codec/dagjson"
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
// ToSealed wraps the delegation token in an envelope, generates the // ToSealed wraps the delegation token in an envelope, generates the

17
token/delegation/options.go
View File

@@ -42,23 +42,6 @@ func WithMeta(key string, val any) Option {
} }
} }
// WithMetaMap adds all key/value pairs in the provided map to the
// Token's "meta" field.
//
// WithMetaMap can be used multiple times in the same call.
// Accepted types for the value are: bool, string, int, int32, int64, []byte,
// and ipld.Node.
func WithMetaMap(m map[string]any) Option {
return func(t *Token) error {
for k, v := range m {
if err := t.meta.Add(k, v); err != nil {
return err
}
}
return nil
}
}
// WithEncryptedMetaString adds a key/value pair in the "meta" field. // WithEncryptedMetaString adds a key/value pair in the "meta" field.
// The string value is encrypted with the given key. // The string value is encrypted with the given key.
// The ciphertext will be 40 bytes larger than the plaintext due to encryption overhead. // The ciphertext will be 40 bytes larger than the plaintext due to encryption overhead.

4
token/delegation/schema.go
View File

@@ -10,8 +10,8 @@ import (
"github.com/ipld/go-ipld-prime/node/bindnode" "github.com/ipld/go-ipld-prime/node/bindnode"
"github.com/ipld/go-ipld-prime/schema" "github.com/ipld/go-ipld-prime/schema"
"github.com/ucan-wg/go-ucan/pkg/meta" "code.sonr.org/go/ucan/pkg/meta"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
// Tag is the string used as a key within the SigPayload that identifies // Tag is the string used as a key within the SigPayload that identifies

6
token/delegation/schema_test.go
View File

@@ -5,13 +5,13 @@ import (
_ "embed" _ "embed"
"testing" "testing"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
//go:embed delegation.ipldsch //go:embed delegation.ipldsch

2
token/inspect.go
View File

@@ -3,7 +3,7 @@ package token
import ( import (
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
type Info = envelope.Info type Info = envelope.Info

2
token/interface.go
View File

@@ -4,7 +4,7 @@ import (
"io" "io"
"time" "time"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime/codec" "github.com/ipld/go-ipld-prime/codec"
) )

2
token/internal/envelope/cid_test.go
View File

@@ -10,7 +10,7 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
func TestCidFromBytes(t *testing.T) { func TestCidFromBytes(t *testing.T) {

6
token/internal/envelope/example_test.go
View File

@@ -7,8 +7,8 @@ import (
"sync" "sync"
"testing" "testing"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/MetaMask/go-did-it/crypto/ed25519" "code.sonr.org/go/did-it/crypto/ed25519"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/codec/dagcbor"
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
@@ -18,7 +18,7 @@ import (
"github.com/ipld/go-ipld-prime/schema" "github.com/ipld/go-ipld-prime/schema"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
const ( const (

4
token/internal/envelope/ipld.go
View File

@@ -42,8 +42,8 @@ import (
"github.com/ipld/go-ipld-prime/schema" "github.com/ipld/go-ipld-prime/schema"
"github.com/ucan-wg/go-varsig" "github.com/ucan-wg/go-varsig"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
) )
const ( const (

4
token/internal/envelope/ipld_test.go
View File

@@ -8,13 +8,13 @@ import (
"os" "os"
"testing" "testing"
_ "github.com/MetaMask/go-did-it/verifiers/did-key" _ "code.sonr.org/go/did-it/verifiers/did-key"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/codec/dagcbor"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
func TestDecode(t *testing.T) { func TestDecode(t *testing.T) {

4
token/internal/parse/parse.go
View File

@@ -4,9 +4,9 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
) )
func OptionalDID(s *string) (did.DID, error) { func OptionalDID(s *string) (did.DID, error) {

2
token/internal/parse/parse_test.go
View File

@@ -5,7 +5,7 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/policy/limits" "code.sonr.org/go/ucan/pkg/policy/limits"
) )
func TestOptionalTimestamp(t *testing.T) { func TestOptionalTimestamp(t *testing.T) {

10
token/invocation/examples_test.go
View File

@@ -7,17 +7,17 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
didkeyctl "github.com/MetaMask/go-did-it/controller/did-key" didkeyctl "code.sonr.org/go/did-it/controller/did-key"
"github.com/MetaMask/go-did-it/crypto/ed25519" "code.sonr.org/go/did-it/crypto/ed25519"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/codec/dagcbor"
"github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/codec/dagjson"
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
func ExampleNew() { func ExampleNew() {

14
token/invocation/invocation.go
View File

@@ -14,15 +14,15 @@ import (
"strings" "strings"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/meta" "code.sonr.org/go/ucan/pkg/meta"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/internal/nonce" "code.sonr.org/go/ucan/token/internal/nonce"
"github.com/ucan-wg/go-ucan/token/internal/parse" "code.sonr.org/go/ucan/token/internal/parse"
) )
// Token is an immutable type that holds the fields of a UCAN invocation. // Token is an immutable type that holds the fields of a UCAN invocation.

12
token/invocation/invocation_test.go
View File

@@ -4,15 +4,15 @@ import (
_ "embed" _ "embed"
"testing" "testing"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy/policytest" "code.sonr.org/go/ucan/pkg/policy/policytest"
"github.com/ucan-wg/go-ucan/token/delegation/delegationtest" "code.sonr.org/go/ucan/token/delegation/delegationtest"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
//go:embed testdata/new.dagjson //go:embed testdata/new.dagjson

6
token/invocation/ipld.go
View File

@@ -3,8 +3,8 @@ package invocation
import ( import (
"io" "io"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec" "github.com/ipld/go-ipld-prime/codec"
@@ -12,7 +12,7 @@ import (
"github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/codec/dagjson"
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
// ToSealed wraps the invocation token in an envelope, generates the // ToSealed wraps the invocation token in an envelope, generates the

2
token/invocation/ipld_test.go
View File

@@ -7,7 +7,7 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
func TestSealUnsealRoundtrip(t *testing.T) { func TestSealUnsealRoundtrip(t *testing.T) {

22
token/invocation/options.go
View File

@@ -3,10 +3,10 @@ package invocation
import ( import (
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
) )
// Option is a type that allows optional fields to be set during the // Option is a type that allows optional fields to be set during the
@@ -31,6 +31,7 @@ func WithArgument(key string, val any) Option {
func WithArguments(args *args.Args) Option { func WithArguments(args *args.Args) Option {
return func(t *Token) error { return func(t *Token) error {
t.arguments.Include(args) t.arguments.Include(args)
return nil return nil
} }
} }
@@ -64,23 +65,6 @@ func WithMeta(key string, val any) Option {
} }
} }
// WithMetaMap adds all key/value pairs in the provided map to the
// Token's "meta" field.
//
// WithMetaMap can be used multiple times in the same call.
// Accepted types for the value are: bool, string, int, int32, int64, []byte,
// and ipld.Node.
func WithMetaMap(m map[string]any) Option {
return func(t *Token) error {
for k, v := range m {
if err := t.meta.Add(k, v); err != nil {
return err
}
}
return nil
}
}
// WithEncryptedMetaString adds a key/value pair in the "meta" field. // WithEncryptedMetaString adds a key/value pair in the "meta" field.
// The string value is encrypted with the given aesKey. // The string value is encrypted with the given aesKey.
func WithEncryptedMetaString(key, val string, encryptionKey []byte) Option { func WithEncryptedMetaString(key, val string, encryptionKey []byte) Option {

6
token/invocation/proof.go
View File

@@ -4,9 +4,9 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
// # Invocation token validation // # Invocation token validation

6
token/invocation/schema.go
View File

@@ -10,9 +10,9 @@ import (
"github.com/ipld/go-ipld-prime/node/bindnode" "github.com/ipld/go-ipld-prime/node/bindnode"
"github.com/ipld/go-ipld-prime/schema" "github.com/ipld/go-ipld-prime/schema"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/meta" "code.sonr.org/go/ucan/pkg/meta"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
) )
// [Tag] is the string used as a key within the SigPayload that identifies // [Tag] is the string used as a key within the SigPayload that identifies

8
token/invocation/schema_test.go
View File

@@ -5,13 +5,13 @@ import (
"encoding/base64" "encoding/base64"
"testing" "testing"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/MetaMask/go-did-it/crypto/ed25519" "code.sonr.org/go/did-it/crypto/ed25519"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
const ( const (

8
token/read.go
View File

@@ -4,7 +4,7 @@ import (
"fmt" "fmt"
"io" "io"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/codec" "github.com/ipld/go-ipld-prime/codec"
@@ -12,9 +12,9 @@ import (
"github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/codec/dagjson"
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/internal/envelope" "code.sonr.org/go/ucan/token/internal/envelope"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
// FromSealed decodes an arbitrary token type from the binary data, // FromSealed decodes an arbitrary token type from the binary data,

6
toolkit/_example/_protocol-issuer/request-resolver.go
View File

@@ -4,10 +4,10 @@ import (
"encoding/json" "encoding/json"
"net/http" "net/http"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/toolkit/issuer" "code.sonr.org/go/ucan/toolkit/issuer"
) )
func RequestResolver(r *http.Request) (*issuer.ResolvedRequest, error) { func RequestResolver(r *http.Request) (*issuer.ResolvedRequest, error) {

10
toolkit/_example/_protocol-issuer/requester.go
View File

@@ -8,13 +8,13 @@ import (
"log" "log"
"net/http" "net/http"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/toolkit/client" "code.sonr.org/go/ucan/toolkit/client"
"github.com/ucan-wg/go-ucan/toolkit/issuer" "code.sonr.org/go/ucan/toolkit/issuer"
) )
var _ client.DelegationRequester = &Requester{} var _ client.DelegationRequester = &Requester{}

24
toolkit/_example/alice-client-issuer/alice.go
View File

@@ -13,20 +13,20 @@ import (
"syscall" "syscall"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
example "github.com/ucan-wg/go-ucan/toolkit/_example" example "code.sonr.org/go/ucan/toolkit/_example"
protocol "github.com/ucan-wg/go-ucan/toolkit/_example/_protocol-issuer" protocol "code.sonr.org/go/ucan/toolkit/_example/_protocol-issuer"
"github.com/ucan-wg/go-ucan/toolkit/client" "code.sonr.org/go/ucan/toolkit/client"
"github.com/ucan-wg/go-ucan/toolkit/issuer" "code.sonr.org/go/ucan/toolkit/issuer"
"github.com/ucan-wg/go-ucan/toolkit/server/bearer" "code.sonr.org/go/ucan/toolkit/server/bearer"
) )
func main() { func main() {

18
toolkit/_example/bob-client/bob.go
View File

@@ -12,17 +12,17 @@ import (
"syscall" "syscall"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
didkeyctl "github.com/MetaMask/go-did-it/controller/did-key" didkeyctl "code.sonr.org/go/did-it/controller/did-key"
"github.com/MetaMask/go-did-it/crypto/ed25519" "code.sonr.org/go/did-it/crypto/ed25519"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
example "github.com/ucan-wg/go-ucan/toolkit/_example" example "code.sonr.org/go/ucan/toolkit/_example"
protocol "github.com/ucan-wg/go-ucan/toolkit/_example/_protocol-issuer" protocol "code.sonr.org/go/ucan/toolkit/_example/_protocol-issuer"
"github.com/ucan-wg/go-ucan/toolkit/client" "code.sonr.org/go/ucan/toolkit/client"
"github.com/ucan-wg/go-ucan/toolkit/server/bearer" "code.sonr.org/go/ucan/toolkit/server/bearer"
) )
func main() { func main() {

18
toolkit/_example/service-issuer/issuer.go
View File

@@ -11,17 +11,17 @@ import (
"syscall" "syscall"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
example "github.com/ucan-wg/go-ucan/toolkit/_example" example "code.sonr.org/go/ucan/toolkit/_example"
protocol "github.com/ucan-wg/go-ucan/toolkit/_example/_protocol-issuer" protocol "code.sonr.org/go/ucan/toolkit/_example/_protocol-issuer"
"github.com/ucan-wg/go-ucan/toolkit/issuer" "code.sonr.org/go/ucan/toolkit/issuer"
) )
func main() { func main() {

6
toolkit/_example/service/service.go
View File

@@ -9,10 +9,10 @@ import (
"os/signal" "os/signal"
"syscall" "syscall"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
example "github.com/ucan-wg/go-ucan/toolkit/_example" example "code.sonr.org/go/ucan/toolkit/_example"
"github.com/ucan-wg/go-ucan/toolkit/server/exectx" "code.sonr.org/go/ucan/toolkit/server/exectx"
) )
func main() { func main() {

8
toolkit/_example/shared_values.go
View File

@@ -3,10 +3,10 @@ package example
import ( import (
"encoding/base64" "encoding/base64"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
didkeyctl "github.com/MetaMask/go-did-it/controller/did-key" didkeyctl "code.sonr.org/go/did-it/controller/did-key"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/MetaMask/go-did-it/crypto/ed25519" "code.sonr.org/go/did-it/crypto/ed25519"
) )
// Endpoints // Endpoints

14
toolkit/client/client.go
View File

@@ -5,15 +5,15 @@ import (
"fmt" "fmt"
"iter" "iter"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
type Client struct { type Client struct {

12
toolkit/client/client_test.go
View File

@@ -6,13 +6,13 @@ import (
"iter" "iter"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
func ExampleNewClient() { func ExampleNewClient() {

8
toolkit/client/clientissuer.go
View File

@@ -5,12 +5,12 @@ import (
"fmt" "fmt"
"iter" "iter"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
// DlgIssuingLogic is a function that decides what powers are given to a client. // DlgIssuingLogic is a function that decides what powers are given to a client.

6
toolkit/client/pool.go
View File

@@ -6,11 +6,11 @@ import (
"sync" "sync"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
type Pool struct { type Pool struct {

6
toolkit/client/proof.go
View File

@@ -4,11 +4,11 @@ import (
"iter" "iter"
"math" "math"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
// FindProof find in the pool the best (shortest, smallest in bytes) chain of delegation(s) matching the given invocation parameters. // FindProof find in the pool the best (shortest, smallest in bytes) chain of delegation(s) matching the given invocation parameters.

8
toolkit/client/proof_test.go
View File

@@ -4,12 +4,12 @@ import (
"iter" "iter"
"testing" "testing"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/delegation/delegationtest" "code.sonr.org/go/ucan/token/delegation/delegationtest"
) )
func TestFindProof(t *testing.T) { func TestFindProof(t *testing.T) {

6
toolkit/client/requester.go
View File

@@ -5,11 +5,11 @@ import (
"iter" "iter"
"time" "time"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/avast/retry-go/v4" "github.com/avast/retry-go/v4"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
) )
type DelegationRequester interface { type DelegationRequester interface {

10
toolkit/issuer/http_wrapper.go
View File

@@ -6,12 +6,12 @@ import (
"iter" "iter"
"net/http" "net/http"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/toolkit/client" "code.sonr.org/go/ucan/toolkit/client"
) )
type RequestResolver func(r *http.Request) (*ResolvedRequest, error) type RequestResolver func(r *http.Request) (*ResolvedRequest, error)

12
toolkit/issuer/root_issuer.go
View File

@@ -5,13 +5,13 @@ import (
"fmt" "fmt"
"iter" "iter"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
didkeyctl "github.com/MetaMask/go-did-it/controller/did-key" didkeyctl "code.sonr.org/go/did-it/controller/did-key"
"github.com/MetaMask/go-did-it/crypto" "code.sonr.org/go/did-it/crypto"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/toolkit/client" "code.sonr.org/go/ucan/toolkit/client"
) )
// RootIssuingLogic is a function that decides what powers are given to a client. // RootIssuingLogic is a function that decides what powers are given to a client.

2
toolkit/server/bearer/bearer.go
View File

@@ -5,7 +5,7 @@ import (
"net/http" "net/http"
"strings" "strings"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
) )
var ErrNoUcan = fmt.Errorf("no ucan") var ErrNoUcan = fmt.Errorf("no ucan")

6
toolkit/server/bearer/bearer_test.go
View File

@@ -4,11 +4,11 @@ import (
"net/http" "net/http"
"testing" "testing"
_ "github.com/MetaMask/go-did-it/verifiers/did-key" _ "code.sonr.org/go/did-it/verifiers/did-key"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
"github.com/ucan-wg/go-ucan/pkg/container/containertest" "code.sonr.org/go/ucan/pkg/container/containertest"
) )
func TestHTTPBearer(t *testing.T) { func TestHTTPBearer(t *testing.T) {

4
toolkit/server/exectx/middlewares.go
View File

@@ -4,9 +4,9 @@ import (
"errors" "errors"
"net/http" "net/http"
"github.com/MetaMask/go-did-it" "code.sonr.org/go/did-it"
"github.com/ucan-wg/go-ucan/toolkit/server/bearer" "code.sonr.org/go/ucan/toolkit/server/bearer"
) )
// ExtractMW returns an HTTP middleware tasked with: // ExtractMW returns an HTTP middleware tasked with:

8
toolkit/server/exectx/middlewares_test.go
View File

@@ -6,13 +6,13 @@ import (
"net/http/httptest" "net/http/httptest"
"testing" "testing"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
func TestExtractMW(t *testing.T) { func TestExtractMW(t *testing.T) {

16
toolkit/server/exectx/ucanctx.go
View File

@@ -9,14 +9,14 @@ import (
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
"github.com/ucan-wg/go-ucan/pkg/meta" "code.sonr.org/go/ucan/pkg/meta"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
"github.com/ucan-wg/go-ucan/toolkit/server/extargs" "code.sonr.org/go/ucan/toolkit/server/extargs"
) )
var _ delegation.Loader = &UcanCtx{} var _ delegation.Loader = &UcanCtx{}

16
toolkit/server/exectx/ucanctx_test.go
View File

@@ -8,19 +8,19 @@ import (
"testing" "testing"
"time" "time"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
"github.com/ipld/go-ipld-prime/datamodel" "github.com/ipld/go-ipld-prime/datamodel"
"github.com/ipld/go-ipld-prime/fluent/qp" "github.com/ipld/go-ipld-prime/fluent/qp"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/container" "code.sonr.org/go/ucan/pkg/container"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/token/delegation" "code.sonr.org/go/ucan/token/delegation"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
"github.com/ucan-wg/go-ucan/toolkit/server/exectx" "code.sonr.org/go/ucan/toolkit/server/exectx"
) )
const ( const (

4
toolkit/server/extargs/custom.go
View File

@@ -9,8 +9,8 @@ import (
"github.com/ipld/go-ipld-prime/fluent/qp" "github.com/ipld/go-ipld-prime/fluent/qp"
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
) )
type CustomExtArgs struct { type CustomExtArgs struct {

4
toolkit/server/extargs/custom_test.go
View File

@@ -8,8 +8,8 @@ import (
"github.com/ipld/go-ipld-prime/fluent/qp" "github.com/ipld/go-ipld-prime/fluent/qp"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
) )
func ExampleCustomExtArgs() { func ExampleCustomExtArgs() {

6
toolkit/server/extargs/http.go
View File

@@ -14,9 +14,9 @@ import (
"github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/basicnode"
"github.com/multiformats/go-multihash" "github.com/multiformats/go-multihash"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
// HttpArgsKey is the key in the args, used for: // HttpArgsKey is the key in the args, used for:

12
toolkit/server/extargs/http_test.go
View File

@@ -5,15 +5,15 @@ import (
"net/http/httptest" "net/http/httptest"
"testing" "testing"
"github.com/MetaMask/go-did-it/didtest" "code.sonr.org/go/did-it/didtest"
"github.com/multiformats/go-multihash" "github.com/multiformats/go-multihash"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/pkg/args" "code.sonr.org/go/ucan/pkg/args"
"github.com/ucan-wg/go-ucan/pkg/command" "code.sonr.org/go/ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/policy" "code.sonr.org/go/ucan/pkg/policy"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "code.sonr.org/go/ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/token/invocation" "code.sonr.org/go/ucan/token/invocation"
) )
func TestHttp(t *testing.T) { func TestHttp(t *testing.T) {