#security #protocols #signature #generate #m-auth #medidata

mauth-core

Generate and verify Medidata MAuth protocol signatures

2 unstable releases

0.5.0 Jun 7, 2024
0.4.1 May 22, 2024

#532 in Authentication


Used in mauth-client

MIT license

19KB
278 lines

MAuth Core

A library to generate and verify MAuth signatures

Usage

Add the following to your Cargo.toml:

[dependencies]
mauth-core = "0.5"

Here is an example of generating and verifying a signature:

use mauth_core::signer::Signer;
use mauth_core::verifier::Verifier;
use mauth_core::error::Error;

let mauth_version = 2;
let private_key_data = std::fs::read_to_string("tests/mauth-protocol-test-suite/signing-params/rsa-key").unwrap();
let public_key_data = std::fs::read_to_string("tests/mauth-protocol-test-suite/signing-params/rsa-key-pub").unwrap();
let app_uuid = "101c139a-236c-11ef-b5e3-125eb8485a60".to_string();
let verb = "GET";
let path = "/item";
let query = "page=2";
let body = b"";
let timestamp = "2024-01-28T19:11:35.000";

let signer = Signer::new(app_uuid.clone(), private_key_data);
assert!(signer.is_ok());
let signature = signer.unwrap().sign_string(mauth_version, verb, path, query, body, timestamp);
assert!(signature.is_ok());

let verifier = Verifier::new(app_uuid.clone(), public_key_data);
assert!(verifier.is_ok());
let result = verifier.unwrap().verify_signature(mauth_version, verb, path, query, body, timestamp, signature.unwrap());
assert!(result.is_ok());

You can find an example of binding MAuth Core to Ruby here.

Contributing

See CONTRIBUTING.

Dependencies

~6–8MB
~152K SLoC