GC Auth
Auth application for Graffiticode applications.
API
-
uid
: user id, in practice this is a non0x
prefixed ethereum address.
GET /certs
Gets a JSON Web Key Set for the current set of keys being used to sign tokens.
-
AUTH:
none
GET /authenticate/ethereum/:address
Returns the current nonce for an ethereum address. This will generate a nonce if one does not currently exist.
-
AUTH:
none
- Request
-
address
: used as the user id
-
- Response
-
nonce
: Opaque random string used for authenticating with ethereum.
-
POST /authenticate/ethereum/:address
Performs Sign In With Ethereum processing for an address. If authentication succeeds a accessToken
and refreshToken
are issued to the caller.
-
AUTH:
none
- Request
-
address
: used as the user id -
signature
: signed ethereum message with contents "Nonce: <nonce>"
-
- Response
-
accessToken
: a short lived JWT that can be used to make authenticated calls to GC APIs (i.e. compilers or the API). This is optimization over the client having to callPOST /authenticate/refresh_token
. -
refreshToken
: a long lived opaque token for retrieving authaccessToken
s.
-
POST /authenticate/refresh_token
Exchanges a refreshToken
issued during authentication for a short lived JWT that can be used to make authenticated calls to the GC APIs.
-
AUTH:
none
- Request
-
refreshToken
: the token issued during authentication
-
- Response
-
accessToken
: a short lived JWT that can be used to make authenticated calls to GC APIs.
-
Development
- Start firebase emulators (NOTE: you only to do this once per GCP project).
npx firebase emulators:start
- Run GC Auth application (in another terminal)
npm run dev
- Run example usage
# Generate a signing key
curl -i -X POST http://localhost:4100/certs
node tools/run-ethereum.js