taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity

updating docs

Browse Source
This commit is contained in:
ainsley
2019-05-30 12:43:58 -05:00
parent 0ce229b29d
commit 7765f4b86a
162 changed files with 426 additions and 307 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
docs/developer/security/nkey.html
View File

@@ -2302,7 +2302,7 @@
<section class="normal markdown-section">
<h1 id="authenticating-with-an-nkey"><a name="authenticating-with-an-nkey" class="plugin-anchor" href="#authenticating-with-an-nkey"><i class="fa fa-link" aria-hidden="true"></i></a>Authenticating with an NKey</h1>
<p>The 2.0 version of NATS server introduces a new challenge response authentication option. This challenge response is based on a wrapper we call NKeys which uses ED25519 signing. The server can use these keys in several ways for authentication. The simplest is for the server to be configured with a list of known public keys and for the clients to respond to the challenge by signing it with its private key. This challenge-response insures security by insuring that the client has the private key, but also protects the private key from the server which never has to actually see it.</p>
<p>The 2.0 version of NATS server introduces a new challenge response authentication option. This challenge response is based on a wrapper we call NKeys which uses <a href="https://ed25519.cr.yp.to/" target="_blank">Ed25519</a> signing. The server can use these keys in several ways for authentication. The simplest is for the server to be configured with a list of known public keys and for the clients to respond to the challenge by signing it with its private key. This challenge-response insures security by insuring that the client has the private key, but also protects the private key from the server which never has to actually see it.</p>
<p>Handling challenge response may require more than just a setting in the connection options, depending on the client library.</p>
<div class="tab-wrap">
@@ -2316,6 +2316,16 @@
<label for="connect_nkey_java" class="api-lang" data-language="java">Java</label>
<input type="radio" id="connect_nkey_js" name="connect_nkey" class="tab">
<label for="connect_nkey_js" class="api-lang" data-language="js">JavaScript</label>
<input type="radio" id="connect_nkey_ts" name="connect_nkey" class="tab">
<label for="connect_nkey_ts" class="api-lang" data-language="ts">TypeScript</label>
<div class="tab__content">
@@ -2365,6 +2375,30 @@ nc<span class="token punctuation">,</span> err <span class="token operator">:=</
<span class="token comment">// Do something with the connection</span>
nc<span class="token punctuation">.</span><span class="token function">close</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
</code></pre>
</div>
<div class="tab__content">
<pre id="connect_nkey_js_content"><a class="toolbar-icons pull-right" target="_blank" href="https://github.com/nats-io/node-nats-examples/blob/master/src/auth_examples.js#L122-131"><i class="mdi mdi-github-circle" title="View on GitHub"></i></a><a class="toolbar-icons pull-right"><i class="mdi mdi-content-copy js-copy" title="Copy to Clipboard"></i></a><span class="copy-msg pull-right"></span><code class="language-javascript"><span class="token keyword">let</span> nc <span class="token operator">=</span> <span class="token constant">NATS</span><span class="token punctuation">.</span><span class="token function">connect</span><span class="token punctuation">(</span><span class="token punctuation">{</span>
url<span class="token punctuation">:</span> server<span class="token punctuation">.</span>nats<span class="token punctuation">,</span>
nkey<span class="token punctuation">:</span> uPub<span class="token punctuation">,</span>
<span class="token function-variable function">sigCB</span><span class="token punctuation">:</span> <span class="token keyword">function</span> <span class="token punctuation">(</span><span class="token parameter">nonce</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">const</span> sk <span class="token operator">=</span> nkeys<span class="token punctuation">.</span><span class="token function">fromSeed</span><span class="token punctuation">(</span>Buffer<span class="token punctuation">.</span><span class="token function">from</span><span class="token punctuation">(</span>uSeed<span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">return</span> sk<span class="token punctuation">.</span><span class="token function">sign</span><span class="token punctuation">(</span>nonce<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
</code></pre>
</div>
<div class="tab__content">
<pre id="connect_nkey_ts_content"><a class="toolbar-icons pull-right" target="_blank" href="https://github.com/nats-io/ts-nats-examples/blob/master/src/auth_examples.ts#L92-101"><i class="mdi mdi-github-circle" title="View on GitHub"></i></a><a class="toolbar-icons pull-right"><i class="mdi mdi-content-copy js-copy" title="Copy to Clipboard"></i></a><span class="copy-msg pull-right"></span><code class="language-javascript"><span class="token keyword">let</span> nc <span class="token operator">=</span> <span class="token keyword">await</span> <span class="token function">connect</span><span class="token punctuation">(</span><span class="token punctuation">{</span>
url<span class="token punctuation">:</span> server<span class="token punctuation">.</span>nats<span class="token punctuation">,</span>
nkey<span class="token punctuation">:</span> uPub<span class="token punctuation">,</span>
<span class="token function-variable function">nonceSigner</span><span class="token punctuation">:</span> <span class="token keyword">function</span> <span class="token punctuation">(</span><span class="token parameter">nonce</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">const</span> sk <span class="token operator">=</span> <span class="token function">fromSeed</span><span class="token punctuation">(</span>Buffer<span class="token punctuation">.</span><span class="token function">from</span><span class="token punctuation">(</span>uSeed<span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">return</span> sk<span class="token punctuation">.</span><span class="token function">sign</span><span class="token punctuation">(</span>Buffer<span class="token punctuation">.</span><span class="token function">from</span><span class="token punctuation">(</span>nonce<span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
</code></pre>
</div>
@@ -2411,7 +2445,7 @@ nc<span class="token punctuation">.</span><span class="token function">close</sp
<script>
var gitbook = gitbook || [];
gitbook.push(function() {
gitbook.page.hasChanged({"page":{"title":"Authenticating with an NKey","level":"3.4.3","depth":2,"next":{"title":"Authenticating with a Credentials File","level":"3.4.4","depth":2,"path":"developer/security/creds.md","ref":"developer/security/creds.md","articles":[]},"previous":{"title":"Authenticating with a Token","level":"3.4.2","depth":2,"path":"developer/security/token.md","ref":"developer/security/token.md","articles":[]},"dir":"ltr"},"config":{"plugins":["prism","-highlight","include-html","toggle-chapters","anchors"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"prism":{"lang":{"ascii":"markup","text":"markup"}},"search":{},"lunr":{"maxIndexSize":1000000,"ignoreSpecialCharacters":false},"include-html":{},"fontsettings":{"theme":"white","family":"sans","size":2},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false},"anchors":{},"toggle-chapters":{}},"theme":"default","author":"The NATS Maintainers","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{},"title":"NATS","gitbook":"*","description":"Administrative, developer and conceptual documentation for the NATS messaging system."},"file":{"path":"developer/security/nkey.md","mtime":"2019-05-29T16:43:54.756Z","type":"markdown"},"gitbook":{"version":"3.2.3","time":"2019-05-29T16:45:48.381Z"},"basePath":"../..","book":{"language":""}});
gitbook.page.hasChanged({"page":{"title":"Authenticating with an NKey","level":"3.4.3","depth":2,"next":{"title":"Authenticating with a Credentials File","level":"3.4.4","depth":2,"path":"developer/security/creds.md","ref":"developer/security/creds.md","articles":[]},"previous":{"title":"Authenticating with a Token","level":"3.4.2","depth":2,"path":"developer/security/token.md","ref":"developer/security/token.md","articles":[]},"dir":"ltr"},"config":{"plugins":["prism","-highlight","include-html","toggle-chapters","anchors"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"prism":{"lang":{"ascii":"markup","text":"markup"}},"search":{},"lunr":{"maxIndexSize":1000000,"ignoreSpecialCharacters":false},"include-html":{},"fontsettings":{"theme":"white","family":"sans","size":2},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false},"anchors":{},"toggle-chapters":{}},"theme":"default","author":"The NATS Maintainers","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{},"title":"NATS","gitbook":"*","description":"Administrative, developer and conceptual documentation for the NATS messaging system."},"file":{"path":"developer/security/nkey.md","mtime":"2019-05-30T17:42:13.279Z","type":"markdown"},"gitbook":{"version":"3.2.3","time":"2019-05-30T17:42:48.393Z"},"basePath":"../..","book":{"language":""}});
});
</script>
</div>