mediocregopher
/
dehub
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
A read-only clone of the dehub project, for until dehub.dev can be brought back online.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
70 Commits
2 Branches
0 Tags
311 KiB
 
 
Tag: Branch: Tree: main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
dehub/sigcred/credential.go

77 lines
3.0 KiB
Raw Permalink Blame History

package sigcred
import (
"fmt"
"dehub.dev/src/dehub.git/typeobj"
)
// CredentialUnion represents a credential, signifying a user's approval of a
// payload. Exactly one field tagged with "type" should be set.
type CredentialUnion struct {
PGPSignature *CredentialPGPSignature `type:"pgp_signature"`
// AccountID specifies the account which generated this CredentialUnion.
//
// NOTE that credentials produced by the direct implementations of Signifier
// won't fill in this field, unless specifically documented. The Signifier
// produced by the Signifier() method of SignifierUnion _will_ fill this
// field in, however.
AccountID string `yaml:"account,omitempty"`
// AnonID specifies an identifier for the anonymous user which produced this
// credential. This field is mutually exclusive with AccountID, and won't be
// set by any Signifier implementation unless specifically documented.
AnonID string `yaml:"-"`
}
// MarshalYAML implements the yaml.Marshaler interface.
func (c CredentialUnion) MarshalYAML() (interface{}, error) {
return typeobj.MarshalYAML(c)
}
// UnmarshalYAML implements the yaml.Unmarshaler interface.
func (c *CredentialUnion) UnmarshalYAML(unmarshal func(interface{}) error) error {
return typeobj.UnmarshalYAML(c, unmarshal)
}
// ErrNotSelfVerifying is returned from the SelfVerify method of CredentialUnion
// when the credential does not implement the SelfVerifyingCredential interface.
// It may also be returned from the SelfVerify method of the
// SelfVerifyingCredential itself, if the credential can only self-verify under
// certain circumstances.
type ErrNotSelfVerifying struct {
// Subject is a descriptor of the value which could not be verified. It may
// be a type name or some other identifying piece of information.
Subject string
}
func (e ErrNotSelfVerifying) Error() string {
return fmt.Sprintf("%s cannot verify itself", e.Subject)
}
// SelfVerify will attempt to cast the credential as a SelfVerifyingCredential,
// and returns the result of the SelfVerify method being called on it.
func (c CredentialUnion) SelfVerify(data []byte) error {
el, _, err := typeobj.Element(c)
if err != nil {
return err
} else if selfVerifyingCred, ok := el.(SelfVerifyingCredential); !ok {
return ErrNotSelfVerifying{Subject: fmt.Sprintf("credential of type %T", el)}
} else if err := selfVerifyingCred.SelfVerify(data); err != nil {
return fmt.Errorf("self-verifying credential of type %T: %w", el, err)
}
return nil
}
// SelfVerifyingCredential is one which is able to prove its own authenticity by
// some means or another. It is not required for a Credential to implement this
// interface.
type SelfVerifyingCredential interface {
// SelfVerify should return nil if the Credential has successfully verified
// that it has accredited the given data, or an error describing why it
// could not do so. It may return ErrNotSelfVerifying if the Credential can
// only self-verify under certain circumstances, and those circumstances are
// not met.
SelfVerify(data []byte) error
}