bblfish
commented
3 years ago I wrote a first version of RFC8941 in two days of coding using cats.parse: see PR in issue 13. I am not sure what Akka will do for Scala3, but perhaps cats.parser is a way to go?
Would be great if it could be the base for a library that would be independently used by different web server frameworks, on which Signing HTTP Messages could be build. I am writing this for Akka, and will implement Signing next, so that will give me an idea as to what kind of things may be involved.
raboof
I am looking to implement the Signing HTTP Messages RFC from the HTTP-Bis Working Group (IETF spec version), which is the continuation of the draft-cavage-http-signatures-12, which had numerous implementations and can be used for authentication. (e.g. new OAuth GNAP or XYZ protocol or even directly using a
WWW-Authenticate: Signatureheader as in the last 10 version from draft-cavage).The new HTTP-Bis version uses RFC 8941 Structured Field Values for HTTP (see introduction blog) which may be of interest in any case to Akka-HTTP. There is a Java implementation named structured-fields by @reschke.
I found @tomitribe's implementation of signing http messages (not yet updated to the newly released spec) that looks very clean: http-signatures-java.
I had written a partial implementation of the old spec in Akka HTTP Signatures 4 years ago, and was thinking of updating that to the latest version. I just thought I'd check here first in case this is already being worked on, if people can see a potential integration problem with Akka, or for tips on how I can write it so that it can later be integrated into Akka. In any case I thought it would be of interest to the akka-http group, especially the structured fields work.