Iron middleware for HMAC authentication
This package contains
BeforeMiddleware for authenticating HTTP requests and
for signing response. The HMAC stragegy is presently hardcoded as follows using an SHA-256 hash.
For requests, the expected hmac is
hmac(hmac(request.method) + hmac(request.path) + hmac(request.body))
The response is signed with an hmac generated with
Middleware can be obtained with the following calls
use iron_hmac::Hmac256Authentication; let secret = "<your shared hmac secret here>"; let header_name = "x-my-hmac"; let (hmac_before, hmac_after) = Hmac256Authentication::middleware(secret, header_name);
The middleware is linked in the usual way.
If you wish to use the openssl backed implementation, set
default-features = false in addition
features = ["hmac-openssl"].
Iron middleware for validation hmac headers on requests and signing responses.
Key used for HMAC computation