datashare-network-tokenserver

A server to issue tokens based on blind signature

It is based on springlab@EPFL SScred based itself on petlib and itelf based on openssl.

It is supposed to be secured behind an SSO/OAuth2 server.

Configuration

Configuration is provided with environment variables :

• TOKEN_SERVER_REDIS_URL: redis url (default: redis://redis)
• TOKEN_SERVER_REDIS_TTL: time to live for commitments internal parameters (default 30s)
• TOKEN_SERVER_SKEY: master secret key for the server encoded in msgpack hex string

Endpoints

All endpoints should be secured with HTTPS (TLS).

• GET /publickey
  • returns the server public key
• POST /commitments?uid=foo&number=3
  • parameters :
    • number: (int) number of token to generate
    • uid: (string) user id
  • returns a commitment list msg pack encoded
• POST /tokens?uid=foo
  • parameters :
    • uid: (string) user id
    • payload: list of pretokens msg pack encoded
    • returns a token list msg pack encoded