Skip to content

kiranandcode/http_sig_ocaml

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Http_sig - Http Signature Signing Scheme for OCaml

This library implements the Http_sig RFC (or a subset therein).

Examples

  • For validating incoming requests:
let resolve_public_key url =
  let+ (_, body) = activity_req (Uri.of_string url) in
  let+ pub_key = Cohttp_lwt.Body.to_string body in
  let pub_key =
    pub_key
    |> Cstruct.of_string
    |> X509.Public_key.decode_pem
    |> Result.map_err (fun (`Msg err) -> err) in
  Lwt.return pub_key


let handle_post req =
  let+ valid_request =
    Http_sig.verify_request
      ~resolve_public_key req in
  if not valid 
  then Dream.respond ~status:`Bad_Request ""
  else Dream.respond "OK"
  • For sending requests:
let req_post ~headers url body =
  let body = Cohttp_lwt.Body.of_string body in
  try
    Cohttp_lwt_unix.Client.post
      ~headers
      ~body
      url >> Result.return
  with exn ->
    Lwt.return (Result.of_exn exn)

let signed_post ~headers (key_id, priv_key) uri body_str =
  let current_time = Ptime_clock.now () in
  let headers =
    Http_sig.build_signed_headers
      ~current_time ~method_:"POST" ~body_str
      ~headers ~key_id ~priv_key ~uri
    |> Cohttp.Header.of_list in
  req_post ~headers uri body_str

Releases

No releases published

Packages

No packages published

Languages