Skip to content
This repository has been archived by the owner on Nov 16, 2020. It is now read-only.

ito-org/authorization-server

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

db

db

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

db.go

db.go

 
 

diagram.svg

diagram.svg

 
 

docker-compose.yml

docker-compose.yml

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

server.go

server.go

 
 

server_test.go

server_test.go

 
 

Repository files navigation

Authorization Server (Draft)

License

The authorization server gives out upload tokens to health authorities / doctors / ...

They can then give these tokens to an infected person to upload his/her contact numbers.

Each upload token is valid once for max. ~5 days.

Diagram

Upload token

A token is a random sequence of ~10 numbers and letters. Numbers and letters should be chosen to be well distinguishable in text and speech.

API for TCN Backend

HTTP API with pinned public keys (peer auth)

POST /check_and_invalidate_token 
params: token=XXXXXXXXX
returns: "valid" or "invalid"

This has to be somehow transaction safe, i.e. token invalidation and upload should either both fail or none of them. I'm not sure how to best do that right now.

Interface for Health Authorities/Doctors

Webinterface to generate tokens

Authentication using smartcard e.g. https://uziregister.nl/ for the Netherlands, Praxisausweis (SMC-B) for Germany

Database schema

TABLE tokens:
	token 
	created_at

About

Infected status verification server for health system integration

Resources

Readme

License

View license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages