AlgorandAuthentication 1.0.0
See the version list below for details.
dotnet add package AlgorandAuthentication --version 1.0.0
NuGet\Install-Package AlgorandAuthentication -Version 1.0.0
<PackageReference Include="AlgorandAuthentication" Version="1.0.0" />
paket add AlgorandAuthentication --version 1.0.0
#r "nuget: AlgorandAuthentication, 1.0.0"
// Install AlgorandAuthentication as a Cake Addin #addin nuget:?package=AlgorandAuthentication&version=1.0.0 // Install AlgorandAuthentication as a Cake Tool #tool nuget:?package=AlgorandAuthentication&version=1.0.0
ams: 1 title: Algorand Message Standard for authentication status: Draft
Algorand Message Standard for authentication
Summary
This document introduces the standard for authentication using the algorand accounts.
Abstract
The goal of this standard is to define authorization process and authentication procedures for communication between web application and backend services or between two backend services.
Specification
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119.
Base64 is the standard described in RFC-4648.
Request for comments
Please comment or suggest pull request for this document here: https://github.com/scholtz/AMS/issues
Authentication
Authentication is process in which person generates the authorization token for communication with backend service.
Token MUST be generated from Algorand public and private key - from algorand address.
In the first step of the authentication, the message to be signed is generated. The message MUST contain note field with configurable Realm. Realm is identifier of the service. It MAY be the web address of the service for intended purpose.
The message MUST be self signed - the receiver is the same as the sender.
The message MUST have network parameters filled in. The network genesis hash SHOULD be configured for validation pursposes. The latest block is the time of expiration of the token. The latest block MUST be provided.
In the second step, the message MUST be signed by the account private key.
The message MUST not be submitted to network nor should be published in any way.
Authorization
Authentication is the process of validating authorized message by the backend application and allowing the account permissions to the backend services.
Authorization token SHOULD be send to backend service using the authorization header.
Header data MUST start with prefix "SigTx "
Authorization message must follow prefix in Base64 encoding.
Example of the header:
Authorization: SigTx gqNzaWfEQJ4FWNWiXuRz5DKu1RYL5qHlR+iP/3qW4BF+pPD/ok20tJSqBICQn2jWysFD88W3a0ojEBM+IWvh5tyfvZyZ+AKjdHhuiaNmZWXNA+iiZnbOAQx8LaNnZW6sdGVzdG5ldC12MS4womdoxCBIY7UYpLPITsgQ8i1PEIHLD3HwWaesIN7GL39w5Qk6IqJsds4BDIAVpG5vdGXEEURSRU0tQXV0aGVudGljYXRlo3JjdsQgG1z5khU3SjAofF/H7uWij05Nzy1ZVn2sYVEzIHauIAWjc25kxCAbXPmSFTdKMCh8X8fu5aKPTk3PLVlWfaxhUTMgdq4gBaR0eXBlo3BheQ==
Service MUST return 401 response if the service is configured to check for validity of the expiration of the token and the current block at the specified network is higher. Service SHOULD be configured to check for validity of the expiration of the token.
Service MUST return 401 response if the token data is not Base64 valid data.
Service MUST return 401 response if the token data cannot be parsed to Algorand signed transaction.
Service MUST return 401 response if the signed transaction has invalid signature.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 is compatible. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. |
-
net5.0
- Algorand (>= 0.2.0.8)
- Microsoft.AspNetCore.Authentication.Negotiate (>= 5.0.11)
- Microsoft.Extensions.Caching.Abstractions (>= 5.0.0)
- Microsoft.Extensions.Logging.Abstractions (>= 5.0.0)
- Microsoft.Extensions.Options (>= 5.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.