git.squeep.com Git - squeep-resource-authentication-module/blob - README.md

   1 # @squeep/resource-authentication-module
   2
   3 Inter-server API authentication management.
   4
   5 Specific to Squeep Framework Applications, this module has strong opinions and makes many assumptions.
   6
   7 This is just a time-gated pre-shared-secret HMAC bearer-token scheme.
   8
   9 ## Details
  10
  11 A token is constructed with:
  12
  13 - a resource identifier, which is a UUID, rendered as 24 bytes of base64url encoded string
  14 - the current epoch, which is rendered as a base10 string
  15 - a salt value, which is random data rendered in 28 bytes of base64url encoded string
  16 - a sha256 hmac of the above data, rendered as a base64url encoded string
  17
  18 These fields are all joined with ':' to form the token.