A system for mutual authentication of two parties over a communications channel


License
OpenSSL
Install
npm install authrite-js@0.2.0

Documentation

authrite-js

JavaScript client for Authrite

The code is available on GitHub and the package is published on NPM.

Overview

Authrite is a system for mutual authentication over a communications channel where both parties come to know the identity of the counterparty. authrite-js provides an API for making authenticated HTTP requests from a client to a server that uses the authrite-express middleware.

During setup, the client asks for some basic information from the server and provides their identity key. The server sends back a reply, proving custody over the identity key they send back. Then, every message sent between the two parties is signed and verified, enabling everyone to have confidence in message integrity. Messages are not encrypted by Authrite, but encryption is provided by HTTPS.

Installation

npm i authrite-js

Example HTTP Usage

This example demonstrates sending a simple request sent with authrite-js

const { Authrite } = require('authrite-js')

// Authrite required parameters
const TEST_CLIENT_PRIVATE_KEY = 
'0d7889a0e56684ba795e9b1e28eb906df43454f8172ff3f6807b8cf9464994df'

const init = async () => {
    // Create a new instance of the Authrite class
    // Provide the server baseUrl, and your private identity key
    const authrite = new Authrite({
        clientPrivateKey: TEST_CLIENT_PRIVATE_KEY
    })
    // Construct a payload to send as the body of your request
    const body = {
        user: 'Bob',
        message: 'message from client'
    }
    // Create a new request to the server
    const response = await authrite.request('http://localhost:5000/sendSomeData', {
        body,
        method: 'POST',
        headers: {
        'Content-Type': 'application/json'
        }
    })
    // Retrieve the response from the server
    const responseData = JSON.parse(Buffer.from(response.body).toString('utf8'))
}

init()

Example WebSocket Usage

const { Authrite } = require('authrite-js')

// Authrite required parameters
// Note: The MetaNet Client can be used as a signing strategy as well
const TEST_CLIENT_PRIVATE_KEY = 
'0d7889a0e56684ba795e9b1e28eb906df43454f8172ff3f6807b8cf9464994df'

const init = async () => {
    // Create a new instance of the Authrite class
    // Provide the server baseUrl, and your private identity key
    // And make a connection request to the server with an open socket connection
    const io = await new Authrite({
        clientPrivateKey: TEST_CLIENT_PRIVATE_KEY
    }).connect('http://localhost:3000')

    // Setup an event handler
    io.on('chatMessage', (msg) => {
        // Mutual authentication has already happened at this point
        console.log(msg.text)
    })

    // Send a message to the server to get a response
    // Note: The server side must be configured correctly to receive a response
    await io.emit('chatMessage', { text: 'Hello server!' })
}

init()

API

Table of Contents

Authrite

Client-side API for establishing authenticated server communication

Parameters

  • $0 Object (optional, default {})

    • $0.clientPrivateKey
    • $0.initialRequestPath (optional, default '/authrite/initialRequest')
    • $0.signingStrategy (optional, default 'Babbage')
    • $0.certificates (optional, default [])
  • obj object All parameters are given in an object.

request

Creates a new signed authrite request and returns the result

Parameters
  • requestUrl String The URL to request on an Authrite-enabled server
  • fetchConfig object Config object passed to the Fetch API. The current version of Authrite only supports JSON structures for the fetch body. However, you can include a Buffer as part of the json object. (optional, default {})

Returns object The response object. Fields are 'status', 'headers' and 'body' (containing an ArrayBuffer of the HTTP response body)

connect

Support initializing a socket connection to a server Currently implemented as a drop-in replacement for the socket.io wrapper of WebSockets

Parameters
  • connectionUrl string the url of the server to connect to over web sockets
  • config object standard socket.io configuration param (optional, default {})

on

Configures custom client events for incoming server websocket events

Parameters

emit

Emits a message to a connected server over web sockets

Parameters

addCertificate

Parameters
  • certificate object Certificate produced by createCertificate to be added to the cache.

License

The license for the code in this repository is the Open BSV License.