From cb48f7ffc89126c6b9e5c8b4c32bdfbedafa84c0 Mon Sep 17 00:00:00 2001
From: Bronwen
Date: Thu, 27 Feb 2020 16:40:51 -0500
Subject: [PATCH] Add Documentation
---
 README.md | 35 ++++++++++++++++++++++
 api/README.md | 81 +++++++++++++++++++++++++++++++++++++++++++++++++++
 package.json | 3 +-
 3 files changed, 118 insertions(+), 1 deletion(-)
 create mode 100644 README.md
 create mode 100644 api/README.md
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2916469
--- /dev/null
+++ b/README.md
@@ -0,0 +1,35 @@
+# Socurity
+
+Socurity is a PKI approach to SSO. It utilizes a local Identity server for storing keypairs, and a chrome/firefox extension to facilitate communication and provide a front end with/for said server.
+
+This is mostly academic in nature, but serves to prove that very basic PKI can be used in place of traditional username/password as an account model.
+
+## Extension
+
+the `/extension` folder is the root of the unpacked extension.
+
+### Installation
+- navigate to `edge://extensions` or `chrome://extensions`
+- check developer mode is turned on
+- select `load unpacked extension`
+- select the `/extension` folder in this repo.
+
+## Identity Server
+
+The identity server stores all of your keypairs. The api can be found in [api](/api/.README.md)
+
+### Starting the server
+
+```
+yarn start
+```
+
+## Test Website
+
+Included in this repo is a mock website to exhibit Socurity's functionality and facilitate development.
+
+### Starting the mock site
+
+```
+yarn serve -l 8080 test
+```
\ No newline at end of file
diff --git a/api/README.md b/api/README.md
new file mode 100644
index 0000000..5d3e353
--- /dev/null
+++ b/api/README.md
@@ -0,0 +1,81 @@
+# Identity API
+
+The root endpoint for the server is `/api` on port 6565. For a local machine that looks like `http://localhost:6565/api`
+
+The use of HTTP here, is potentially concerning, however, SSL complications with localhost are the main bottleneck. As a precaution, the server will only accept connection from localhost (127.0.0.1). This should limit the range of potential attacks to malware already present on the machine. at which point, your keypairs are already at risk.
+
+# Endpoints
+
+## `GET` - `/identity` alias `/identities`
+
+List all identities (an object keyed by the identity's Identifier, with friendly names as the values.)
+
+### `200`
+
+```json
+{
+ "identities": {
+ "m3bpZMBdp5uea4r7": "Default"
+ }
+}
+```
+
+## `GET` - `/identity/:uid`
+
+Retrieve data about a particular Identity with a given `uid`.
+
+### `200`
+
+```json
+{
+ "name": "Default",
+ "public": "-----BEGIN RSA PUBLIC KEY-----\nMIIBCgKCAQEAlulSpSeS1vAjUwXgcSlj+J6ncHScwujPYMWi8cza5IfdI5Od2g4A\nlk48mOQXkQFeiftc2YEn298NnzVQIEjGZIgCH+59VGN8aCNvHosbgXxcUnivAjKl\ny5Kk7M9Q8+rh01nd0Vv+xv5yFVSDKbtfB6pSeGsFEfy2r1rieBCg6pno5Dib+8EQ\nA9zcrb+zlolOL8c/YSx+JXiT5LKd/7Vu4Pkw85kyMtfmxu/nujepqnjJPkYTAa6Q\nYGFdGubST6Kb7OGZlT23xJ0WAn26oYQZ93wCQAxWIchvSTAzaGSkqiXtZf3gxIEz\nqGads0PMIJcGvtX4Kbggfy354w1vhTRlJQIDAQAB\n-----END RSA PUBLIC KEY-----",
+ "_id":"m3bpZMBdp5uea4r7"
+}
+```
+
+## `POST` - `/encrypt/:uid`
+
+Encrypt a string using the private key of a particular Identity with a given `uid`.
+
+### `POST` Parameters
+
+```
+Content-Type: application/json
+```
+```json
+{
+ "data": "My String to Encrypt"
+}
+```
+
+### `200`
+
+```json
+{
+ "data": "someBase64ContentWithoutAnyPrefixOrSuffix"
+}
+```
+
+## `POST` - `/decrypt/:uid`
+
+Decrypt a string using the public key of a particular Identity with a given `uid`.
+
+### `POST` Parameters
+
+```
+Content-Type: application/json
+```
+```json
+{
+ "data": "someBase64ContentWithoutAnyPrefixOrSuffix"
+}
+```
+
+### `200`
+
+```json
+{
+ "data": "My Original String"
+}
+```
\ No newline at end of file
diff --git a/package.json b/package.json
index c9c2b19..227d123 100644
--- a/package.json
+++ b/package.json
@@ -5,7 +5,8 @@
 "main": "index.js",
 "scripts": {
 "test": "echo \"Error: no test specified\" && exit 1",
- "serve": "serve"
+ "serve": "serve",
+ "start": "node index.js"
 },
 "repository": {
 "type": "git",