web-bot-auth
| Crates.io | web-bot-auth |
| lib.rs | web-bot-auth |
| version | 0.6.0 |
| created_at | 2025-05-28 14:32:28.906612+00 |
| updated_at | 2025-12-19 14:56:08.790941+00 |
| description | Web Bot Authentication using HTTP Message Signatures |
| homepage | https://github.com/cloudflare/web-bot-auth |
| repository | https://github.com/cloudflare/web-bot-auth |
| max_upload_size | |
| id | 1692848 |
| size | 112,826 |
Simon Newton (ThePlexus)
documentation
README
web-bot-auth
A pure Rust implementation of web-bot-auth as defined by draft-meunier-web-bot-auth-architecture.
Tables of Content
Features
- Plug-and-play HTTP message signature support: generate and verify signatures for any arbitrary HTTP message, independent of framework or library, by implementing the traits
UnsignedMessage/SignedMessage. - Out-of-the-box support for verifying and generating secure
web-bot-authsignatures specifically.
Usage
- Signing a message: See signing.rs to generate the contents of
SignatureandSignature-Inputheader for the tagweb-bot-auth. - Verifying a Web Bot Auth message: See verify.rs.
- Verifying an arbitrary message signature, not necessarily
web-bot-auth: See verify_arbitrary.rs.
Security Considerations
This software has not been audited. Please use at your sole discretion.
License
This project is under the Apache-2.0 license.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be Apache-2.0 licensed as above, without any additional terms or conditions.