feat: Add alternative verification API and expand MessageDetails #14
Conversation
- Add `Message` struct with a `Verify` method that can be used in place of `VerifyRequest` + `RequestDetails`, and `VerifyResponse` + `ResponseDetails`. - `MessageDetails` now contains created, expires, nonce, and tag params.
| @@ -81,7 +82,11 @@ func testHTTP(t *testing.T, proto string) { | |||
| if err != nil { | |||
| t.Errorf("could not create verifier") | |||
| } | |||
| sigInput, err := verifyRequestDebug("sig1", *verifier, r) | |||
There was a problem hiding this comment.
Why change the old test instead of creating a new one?
| @@ -1406,15 +1407,19 @@ func TestMultipleSignatures(t *testing.T) { | |||
| SetVerifyCreated(false).SetKeyID("test-key-ecc-p256"), Headers("@method", "@authority", "@path", "content-digest", | |||
| "content-type", "content-length")) | |||
| assert.NoError(t, err, "cannot create verifier1") | |||
| _, err = verifyRequestDebug("sig1", *verifier1, req) | |||
There was a problem hiding this comment.
Please add new tests rather than changing existing ones, since we're not deprecating the existing library's API.
|
Hi @jvatic, thank you for the pull request. This is a reasonably large PR so it might take a bit of iteration. Here are some initial comments:
|
|
Thanks for the review @yaronf!
RE code deletion/test changes: My thinking was that it felt cleaner to for While code coverage remains about the same overall, there are a few error paths not covered when calling |
Thanks for creating & maintaining this library @yaronf!
This PR resolves a need we have at $employer to do some additional verification on the message artifacts (and removes having to build an intermediate
http.Requestobject since we're using this in an rpc context).Messagestruct with aVerifymethod that can be used in place ofVerifyRequest+RequestDetails, andVerifyResponse+ResponseDetails.MessageDetailsnow contains created, expires, nonce, and tag params.I'm happy to iterate on this a bit if there's any changes you'd like to see before accepting.