114 lines
3.2 KiB
Rust
114 lines
3.2 KiB
Rust
//! Authentication module for Circle WebSocket client
|
|
//!
|
|
//! This module provides core cryptographic authentication support for WebSocket connections
|
|
//! using secp256k1 signatures. It includes:
|
|
//!
|
|
//! - **Cryptographic utilities**: Key generation, signing, and verification
|
|
//! - **Nonce management**: Fetching nonces from authentication servers
|
|
//! - **Basic types**: Core authentication data structures
|
|
//!
|
|
//! ## Features
|
|
//!
|
|
//! - **Cross-platform**: Works in both WASM and native environments
|
|
//! - **Ethereum-compatible**: Uses Ethereum-style message signing
|
|
//! - **Secure**: Implements proper nonce-based replay protection
|
|
//!
|
|
//! ## Usage
|
|
//!
|
|
//! ```rust
|
|
//! use circle_client_ws::auth::{generate_private_key, derive_public_key, sign_message};
|
|
//! use tokio::runtime::Runtime;
|
|
//!
|
|
//! # fn main() -> Result<(), Box<dyn std::error::Error>> {
|
|
//! # let rt = Runtime::new()?;
|
|
//! # rt.block_on(async {
|
|
//! // Generate a private key
|
|
//! let private_key = generate_private_key()?;
|
|
//!
|
|
//! // Derive public key from private key
|
|
//! let public_key = derive_public_key(&private_key)?;
|
|
//!
|
|
//! // The nonce would typically be fetched from a server
|
|
//! let nonce = "some_nonce_from_server";
|
|
//!
|
|
//! // Authentication Module
|
|
//!
|
|
//! This module handles the client-side authentication flow, including:
|
|
//! - Fetching a nonce from the server
|
|
//! - Signing the nonce with a private key
|
|
//! - Sending the credentials to the server for verification
|
|
//!
|
|
//! // Sign the nonce
|
|
//! let signature = sign_message(&private_key, nonce)?;
|
|
//! # Ok(())
|
|
//! # })
|
|
//! # }
|
|
//! ```
|
|
|
|
pub mod types;
|
|
pub use types::{AuthCredentials, AuthError, AuthResult, NonceResponse};
|
|
|
|
pub mod crypto_utils;
|
|
pub use crypto_utils::{
|
|
derive_public_key, generate_keypair, generate_private_key, parse_private_key, sign_message,
|
|
validate_private_key, verify_signature,
|
|
};
|
|
|
|
/// Check if the authentication feature is enabled
|
|
///
|
|
/// This function can be used to conditionally enable authentication features
|
|
/// based on compile-time feature flags.
|
|
///
|
|
/// # Returns
|
|
///
|
|
/// `true` if crypto features are available, `false` otherwise
|
|
pub fn is_auth_enabled() -> bool {
|
|
cfg!(feature = "crypto")
|
|
}
|
|
|
|
/// Get version information for the authentication module
|
|
///
|
|
/// # Returns
|
|
///
|
|
/// A string containing version and feature information
|
|
pub fn auth_version_info() -> String {
|
|
let crypto_status = if cfg!(feature = "crypto") {
|
|
"enabled"
|
|
} else {
|
|
"disabled (fallback mode)"
|
|
};
|
|
|
|
let platform = if cfg!(target_arch = "wasm32") {
|
|
"WASM"
|
|
} else {
|
|
"native"
|
|
};
|
|
|
|
format!(
|
|
"circles-client-ws auth module - crypto: {}, platform: {}",
|
|
crypto_status, platform
|
|
)
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod tests {
|
|
use super::*;
|
|
|
|
#[test]
|
|
fn test_module_exports() {
|
|
// Test utility functions
|
|
assert!(auth_version_info().contains("circles-client-ws auth module"));
|
|
|
|
// Test feature detection
|
|
let _is_enabled = is_auth_enabled();
|
|
}
|
|
|
|
#[test]
|
|
fn test_version_info() {
|
|
let version = auth_version_info();
|
|
assert!(version.contains("circles-client-ws auth module"));
|
|
assert!(version.contains("crypto:"));
|
|
assert!(version.contains("platform:"));
|
|
}
|
|
}
|