API refactor, error handling refactor

Author: denpeshkov

README.md

@@ -14,11 +14,14 @@ The library provides the following signature algorithms:
 - [ECDSA](https://pkg.go.dev/github.com/denpeshkov/httpsign/ecdsa)
 - [Ed25519](https://pkg.go.dev/github.com/denpeshkov/httpsign/ed25519)
 
-The API is based on two interfaces: `Signer` and `Verifier`.
+The API is based on four interfaces: `Signer`, `Verifier` and `SignerSource`, `VerifierSource`.
+
 `Signer` is essentially a wrapper around the signature algorithm's private key.
 Because the private key also contains the corresponding public key, `Signer` can be used for verification as well.
+`SignerSource` abstracts the retrieval of `Signer` based on the provided key ID.
 
 `Verifier` uses the public key for verification. It is useful in situations where the user only has access to the public key and not the private key.
+`VerifierSource` abstracts the retrieval of `Verifier` based on the provided key ID.
 
 The HMAC algorithm is an exception, as it uses the same shared secret key for both signing and verification.
 Therefore, the API provides a single structure, [`HMAC`](https://pkg.go.dev/github.com/denpeshkov/httpsign/hmac#HMAC), for both signing and verification.
@@ -28,65 +31,93 @@ Therefore, the API provides a single structure, [`HMAC`](https://pkg.go.dev/gith
 Here is an example using `HMAC-SHA-256` algorithm:
 
 ```go
-sharedKey := []byte("shared-secret")
+type staticSource struct{ h *hmac.HMAC }
+
+func (s staticSource) Signer(ctx context.Context, kid string) (Signer, error) {
+	return s.h, nil
+}
+func (s staticSource) Verifier(ctx context.Context, kid string) (Verifier, error) {
+	return s.h, nil
+}
+
+const (
+	secret = "shared-secret"
+	kid    = "key-id"
+)
 
-// Create the Signer using the shared secret key.
-sgn, err := hshmac.New(sharedKey, crypto.SHA256)
+// Create the signer using the shared secret key.
+sgn, err := hmac.New([]byte(secret), crypto.SHA256)
 if err != nil {
 	log.Fatal(err)
 }
 
+// Create the source given the signer.
+src := staticSource{sgn}
+
 // Create the Transport.
-tr := httpsign.NewTransport(sgn)
+tr := NewTransport(src, kid)
 
 // Create an HTTP client using our transport to sign outgoing requests.
 c := &http.Client{Transport: tr}
 
 // Create the Middleware to verify incoming requests signatures.
-m := httpsign.NewMiddleware(sgn)
+m := Middleware(src, DefaultErrorHandler)
 
 // Wrap the handler.
 var handler http.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintln(w, "Hello")
 })
-handler = m.Handler(handler)
+handler = m(handler)
 
 http.Handle("/api/foo", handler)
 ```
 
 Here is an example using `RSASSA-PKCS1-v1.5 SHA-256` algorithm:
 
 ```go
-privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+type staticSource struct{ h *rsa.PKCSSigner }
+
+func (s staticSource) Signer(ctx context.Context, kid string) (Signer, error) {
+	return s.h, nil
+}
+func (s staticSource) Verifier(ctx context.Context, kid string) (Verifier, error) {
+	return s.h, nil
+}
+
+const kid = "key-id"
+
+privateKey, err := stdrsa.GenerateKey(rand.Reader, 2048)
 hash := crypto.SHA256
 
-// Create the Signer using the private key.
-sgn, err := hsrsa.NewPKCSSigner(privateKey, hash)
+// Create the signer using the shared secret key.
+sgn, err := rsa.NewPKCSSigner(privateKey, hash)
 if err != nil {
 	log.Fatal(err)
 }
 
+// Create the source given the signer.
+src := staticSource{sgn}
+
 // Create the Transport.
-tr := httpsign.NewTransport(sgn)
+tr := NewTransport(src, kid)
 
 // Create an HTTP client using our transport to sign outgoing requests.
 c := &http.Client{Transport: tr}
 
 // Create the Middleware to verify incoming requests signatures.
-m := httpsign.NewMiddleware(sgn)
+m := Middleware(src, DefaultErrorHandler)
 
 // Alternatively, we can explicitly create a Verifier using the public key.
 vrf, err := hsrsa.NewPKCSVerifier(&privateKey.PublicKey, hash)
 if err != nil {
 	log.Fatal(err)
 }
-m = httpsign.NewMiddleware(vrf)
 
 // Wrap the handler.
 var handler http.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintln(w, "Hello")
 })
-handler = m.Handler(handler)
+handler = m(handler)
 
 http.Handle("/api/foo", handler)
 ```

http.go

@@ -2,6 +2,7 @@
 package httpsign
 
 import (
+	"context"
 	"encoding/base64"
 	"errors"
 	"fmt"
@@ -13,33 +14,65 @@ import (
 )
 
 const (
-	signatureHeader = "X-Signature"
-	timestampHeader = "X-Signature-Timestamp"
+	SignatureHeader = "X-Signature"
+	TimestampHeader = "X-Signature-Timestamp"
+	KidHeader       = "X-Key-ID"
 )
 
 var (
-	// ErrVerification represents a failure to verify a signature.
-	ErrVerification = errors.New("signature verification error")
+	// ErrRequestVerification represents a failure to verify an HTTP request.
+	ErrRequestVerification = errors.New("failed to verify HTTP request")
 )
 
-// Transport is an HTTP [http.RoundTripper] which signs outgoing HTTP requests.
+// Sign signs the HTTP request using the provided signer and timestamp.
+func Sign(s Signer, timestamp time.Time, r *http.Request) error {
+	var (
+		method = r.Method
+		host   = r.Host
+		path   = r.URL.EscapedPath()
+		query  = query{r.URL.Query()}.Encode()
+		ts     = timestamp.UTC().Format(time.RFC3339)
+	)
+	if path == "" {
+		path = "/" // See https://www.rfc-editor.org/rfc/rfc9110#section-4.2.3
+	}
+	data := fmt.Sprintf("%s%s%s%s%s", method, host, path, query, ts)
+	sig, err := s.Sign([]byte(data))
+	if err != nil {
+		return err
+	}
+	sige := base64.RawURLEncoding.EncodeToString(sig)
+	r.Header.Add(TimestampHeader, ts)
+	r.Header.Add(SignatureHeader, sige)
+	return nil
+}
+
+// SignerSource provides a [Signer] given a key ID.
+// It must be safe for concurrent use by multiple goroutines.
+type SignerSource interface {
+	Signer(ctx context.Context, kid string) (Signer, error)
+}
+
+// Transport is an [http.RoundTripper] which signs outgoing HTTP requests.
 type Transport struct {
 	// Base is the base http.RoundTripper used to make HTTP requests.
 	// By default, http.DefaultTransport is used.
 	Base http.RoundTripper
 
-	signer Signer
+	source SignerSource
+	kid    string
 }
 
-// NewTransport returns a new [Transport] given a [Signer].
-func NewTransport(signer Signer) *Transport {
+// NewTransport returns a new [Transport] using a [SignerSource] with the provided key ID.
+func NewTransport(source SignerSource, kid string) *Transport {
 	return &Transport{
 		Base:   http.DefaultTransport,
-		signer: signer,
+		source: source,
+		kid:    kid,
 	}
 }
 
-// RoundTrip implements the [http.RoundTripper] interface, signing the request using provided [Signer].
+// RoundTrip signs the request.
 func (t *Transport) RoundTrip(r *http.Request) (*http.Response, error) {
 	bodyClosed := false
 	if r.Body != nil {
@@ -51,103 +84,98 @@ func (t *Transport) RoundTrip(r *http.Request) (*http.Response, error) {
 	}
 
 	r = r.Clone(r.Context()) // per RoundTripper contract.
-	if err := t.sign(r); err != nil {
+	r.Header.Set(KidHeader, t.kid)
+	signer, err := t.source.Signer(r.Context(), t.kid)
+	if err != nil {
+		return nil, fmt.Errorf("obtain signer: %w", err)
+	}
+	if err := Sign(signer, time.Now(), r); err != nil {
 		return nil, fmt.Errorf("sign request: %w", err)
 	}
 	bodyClosed = true // r.Body is closed by the base RoundTripper.
 	return t.Base.RoundTrip(r)
 }
 
-func (t *Transport) sign(r *http.Request) error {
+// Verify verifies the HTTP request using the provided verifier.
+func Verify(v Verifier, r *http.Request) error {
 	var (
 		method    = r.Method
 		host      = r.Host
 		path      = r.URL.EscapedPath()
 		query     = query{r.URL.Query()}.Encode()
-		timestamp = time.Now().UTC().Format(time.RFC3339)
+		timestamp = r.Header.Get(TimestampHeader)
 	)
-	if path == "" {
-		path = "/" // See https://www.rfc-editor.org/rfc/rfc9110#section-4.2.3
+	if timestamp == "" {
+		return fmt.Errorf("missing %s header", TimestampHeader)
+	}
+	sigRaw := r.Header.Get(SignatureHeader)
+	if sigRaw == "" {
+		return fmt.Errorf("missing %s header", SignatureHeader)
 	}
-	data := fmt.Sprintf("%s%s%s%s%s", method, host, path, query, timestamp)
-	sig, err := t.signer.Sign([]byte(data))
+	sig, err := base64.RawURLEncoding.DecodeString(sigRaw)
 	if err != nil {
-		return err
+		return fmt.Errorf("malformed signature: %w", err)
+	}
+	msg := fmt.Sprintf("%s%s%s%s%s", method, host, path, query, timestamp)
+
+	valid, err := v.Verify([]byte(msg), sig)
+	if err != nil {
+		return fmt.Errorf("verification failure: %w", err)
+	}
+	if !valid {
+		return errors.New("invalid signature")
 	}
-	esig := base64.RawURLEncoding.EncodeToString(sig)
-	r.Header.Add(timestampHeader, timestamp)
-	r.Header.Add(signatureHeader, esig)
 	return nil
 }
 
+// VerifierSource provides a [Verifier] given a key ID.
+// It must be safe for concurrent use by multiple goroutines.
+type VerifierSource interface {
+	Verifier(ctx context.Context, kid string) (Verifier, error)
+}
+
 // DefaultErrorHandler handles errors as follows:
-//   - If the error is [ErrVerification], it sends a 401 Unauthorized response.
+//   - If the error is [ErrRequestVerification], it sends a 401 Unauthorized response.
 //   - For any other errors, it defaults to sending a 500 Internal Server Error response.
 func DefaultErrorHandler(w http.ResponseWriter, r *http.Request, err error) {
 	if err == nil {
 		return
 	}
 	switch {
-	case errors.Is(err, ErrVerification):
+	case errors.Is(err, ErrRequestVerification):
 		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
 	default:
 		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 	}
 }
 
-type Middleware struct {
-	// ErrorHandler is used to handle errors that occur during signature verification.
-	// If not provided, DefaultErrorHandler is used.
-	ErrorHandler func(w http.ResponseWriter, r *http.Request, err error)
-
-	verifier Verifier
-}
-
-// NewMiddleware returns a new [Middleware] given a [Verifier].
-func NewMiddleware(verifier Verifier) *Middleware {
-	return &Middleware{
-		ErrorHandler: DefaultErrorHandler,
-		verifier:     verifier,
+// Middleware creates middleware that verifies HTTP request signatures using a [Verifier]
+// from the provided source and handles errors with a custom handler.
+func Middleware(
+	source VerifierSource,
+	errHandler func(w http.ResponseWriter, r *http.Request, err error),
+) func(http.Handler) http.Handler {
+	return func(h http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			kid := r.Header.Get(KidHeader)
+			if kid == "" {
+				errHandler(w, r, fmt.Errorf("%w: missing %s header", ErrRequestVerification, KidHeader))
+				return
+			}
+			v, err := source.Verifier(r.Context(), kid)
+			if err != nil {
+				errHandler(w, r, fmt.Errorf("obtain verifier: %w", err))
+				return
+			}
+			if err := Verify(v, r); err != nil {
+				errHandler(w, r, fmt.Errorf("%w: %w", ErrRequestVerification, err))
+				return
+			}
+			h.ServeHTTP(w, r)
+		})
 	}
 }
 
-// Handler returns a handler that serves requests with signature verification.
-func (m *Middleware) Handler(h http.Handler) http.Handler {
-	return m.handler(func(w http.ResponseWriter, r *http.Request) error {
-		var (
-			method    = r.Method
-			host      = r.Host
-			path      = r.URL.EscapedPath()
-			query     = query{r.URL.Query()}.Encode()
-			timestamp = r.Header.Get(timestampHeader)
-		)
-		msg := fmt.Sprintf("%s%s%s%s%s", method, host, path, query, timestamp)
-
-		sig, err := base64.RawURLEncoding.DecodeString(r.Header.Get(signatureHeader))
-		if err != nil {
-			return fmt.Errorf("%w: %w", ErrVerification, err)
-		}
-
-		valid, err := m.verifier.Verify([]byte(msg), sig)
-		if err != nil {
-			return err
-		}
-		if !valid {
-			return ErrVerification
-		}
-		h.ServeHTTP(w, r)
-		return nil
-	})
-}
-
-func (m *Middleware) handler(h func(w http.ResponseWriter, r *http.Request) error) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if err := h(w, r); err != nil {
-			m.ErrorHandler(w, r, err)
-		}
-	})
-}
-
 // query embeds [url.Values] overriding [url.Values.Encode] to sort by both key and value.
 type query struct{ url.Values }