AlgorandAuthentication 1.0.0

There is a newer version of this package available.
See the version list below for details.
dotnet add package AlgorandAuthentication --version 1.0.0                
NuGet\Install-Package AlgorandAuthentication -Version 1.0.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="AlgorandAuthentication" Version="1.0.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add AlgorandAuthentication --version 1.0.0                
#r "nuget: AlgorandAuthentication, 1.0.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install AlgorandAuthentication as a Cake Addin
#addin nuget:?package=AlgorandAuthentication&version=1.0.0

// Install AlgorandAuthentication as a Cake Tool
#tool nuget:?package=AlgorandAuthentication&version=1.0.0                

ams: 1 title: Algorand Message Standard for authentication status: Draft

Algorand Message Standard for authentication

Summary

This document introduces the standard for authentication using the algorand accounts.

Abstract

The goal of this standard is to define authorization process and authentication procedures for communication between web application and backend services or between two backend services.

Specification

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119.

Base64 is the standard described in RFC-4648.

Request for comments

Please comment or suggest pull request for this document here: https://github.com/scholtz/AMS/issues

Authentication

Authentication is process in which person generates the authorization token for communication with backend service.

Token MUST be generated from Algorand public and private key - from algorand address.

In the first step of the authentication, the message to be signed is generated. The message MUST contain note field with configurable Realm. Realm is identifier of the service. It MAY be the web address of the service for intended purpose.

The message MUST be self signed - the receiver is the same as the sender.

The message MUST have network parameters filled in. The network genesis hash SHOULD be configured for validation pursposes. The latest block is the time of expiration of the token. The latest block MUST be provided.

In the second step, the message MUST be signed by the account private key.

The message MUST not be submitted to network nor should be published in any way.

Authorization

Authentication is the process of validating authorized message by the backend application and allowing the account permissions to the backend services.

Authorization token SHOULD be send to backend service using the authorization header.

Header data MUST start with prefix "SigTx "

Authorization message must follow prefix in Base64 encoding.

Example of the header:

Authorization: SigTx gqNzaWfEQJ4FWNWiXuRz5DKu1RYL5qHlR+iP/3qW4BF+pPD/ok20tJSqBICQn2jWysFD88W3a0ojEBM+IWvh5tyfvZyZ+AKjdHhuiaNmZWXNA+iiZnbOAQx8LaNnZW6sdGVzdG5ldC12MS4womdoxCBIY7UYpLPITsgQ8i1PEIHLD3HwWaesIN7GL39w5Qk6IqJsds4BDIAVpG5vdGXEEURSRU0tQXV0aGVudGljYXRlo3JjdsQgG1z5khU3SjAofF/H7uWij05Nzy1ZVn2sYVEzIHauIAWjc25kxCAbXPmSFTdKMCh8X8fu5aKPTk3PLVlWfaxhUTMgdq4gBaR0eXBlo3BheQ==

Service MUST return 401 response if the service is configured to check for validity of the expiration of the token and the current block at the specified network is higher. Service SHOULD be configured to check for validity of the expiration of the token.

Service MUST return 401 response if the token data is not Base64 valid data.

Service MUST return 401 response if the token data cannot be parsed to Algorand signed transaction.

Service MUST return 401 response if the signed transaction has invalid signature.

Product Compatible and additional computed target framework versions.
.NET net5.0 is compatible.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.11 97 10/15/2024
1.0.10 90 10/15/2024
1.0.9 270 6/25/2023
1.0.8 170 5/22/2023
1.0.7 477 9/16/2022
1.0.6 481 9/14/2022
1.0.5 481 9/14/2022
1.0.4 466 4/5/2022
1.0.3 436 4/5/2022
1.0.2 433 4/4/2022
1.0.0 412 10/31/2021