| author | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2020-02-20 16:49:19 +0300 |
|---|---|---|
| committer | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2020-02-20 16:49:19 +0300 |
| commit | a51521d682c0a424d22c4adba027030d7a8ccb4d (patch) | |
| tree | 8257d89324e84f15380b1c16bb223589fcf8231c /auth/README.md | |
| parent | fde7ec76313edd43f55704239b5ad50dac6af663 (diff) | |
Clarify how Gitaly v2 auth works
Diffstat (limited to 'auth/README.md')
-rw-r--r-- | auth/README.md | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/auth/README.md b/auth/README.md new file mode 100644 index 000000000..b5dc6f568 --- /dev/null +++ b/auth/README.md @@ -0,0 +1,27 @@ +# Gitaly authentication middleware for Go + +This package contains code that plugs into +github.com/grpc-ecosystem/go-grpc-middleware/auth to provide client +and server authentication middleware for Gitaly. + +Gitaly has two authentication schemes. + +## V1 authentication (deprecated) + +This scheme uses a shared secret. The shared secret is base64-encoded +and passed by the client as a bearer token. + +## V2 authentication + +This scheme uses a time limited token derived from a shared secret. + +The client creates a timestamp and computes the SHA256 HMAC signature +for that timestamp, treating the timestamp as the message. The shared +secret is used as the key for the HMAC. The client then sends both the +message and the signature to the server as a bearer token. + +The server takes the message and computes the signature. If the +client-provided signature matches the computed signature the message is +accepted. Next, the server checks if its current time is no more than +30 seconds ahead or behind the timestamp. If the timestamp is too old +or too new the request is denied. Otherwise it goes ahead. |
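Review bot: the V2 section stops short of documenting the token wire format: it says the client "sends both the message and the signature to the server as a bearer token" but never states how the timestamp and the HMAC are encoded and joined inside that token, so a client author cannot build a V2 token from this README alone; please add the exact layout (encoding of the timestamp, encoding of the HMAC bytes, separator). Two further points on the server paragraph: "If the client-provided signature matches the computed signature" should say the comparison is constant-time (hmac.Equal in Go rather than a plain byte or string comparison), since that is the property a reviewer of an HMAC scheme will look for, and it is worth stating explicitly that a token is valid for any request within the 30-second window, i.e. the scheme bounds replay to that window rather than preventing it, which is the intended trade-off of a timestamp-only message. Minor wording: "time limited token" should be "time-limited token", "SHA256 HMAC signature" reads better as "HMAC-SHA256 signature", and "Otherwise it goes ahead." could be "Otherwise the request is accepted." to mirror "the request is denied" in the preceding sentence.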