Signed download endpoint — ed25519 time-limited download URLs #622

Open
opened 2026-06-12 07:58:57 +00:00 by jmiller · 1 comment
Owner

Phase 2.2 — Signed Downloads

Parent: #616 | Depends on: #621

routers/api/v1/licensing/download.go + services/licensing/signer.go:

Route

GET /api/v1/licensing/download/{product}/{version}.zip?token=SIGNED&expires=TIMESTAMP

Signing (ed25519, Go stdlib)

  • Generate ed25519 keypair on first run, store private key in Gitea's app.ini or data dir
  • Token = base64url(ed25519.Sign(privateKey, "product|version|dlid|expires"))
  • Validation: verify signature, check expiry (5 min TTL), serve release asset from Gitea's existing release attachment system

Flow

  1. Token generated by update XML endpoint (#621) with 5-minute expiry
  2. Joomla downloads the ZIP within the window
  3. Gitea verifies signature + expiry
  4. Serves the release asset (ZIP) from the corresponding repo's latest release
  5. Logs the download (license_id, product, version, domain, timestamp)

Acceptance criteria

  • ed25519 signing with Go crypto/ed25519 (no external deps)
  • 5-minute TTL on download tokens
  • Expired/invalid tokens return 403
  • Downloads served from existing Gitea release attachments
  • Download logged for analytics
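As an added worked example (not code from this issue or the MokoGitea-APP project), the following Go program shows the signer and verifier described above: the token is an ed25519 signature over "product|version|dlid|expires", base64url-encoded, with a 5-minute TTL checked on the verify side. Assumptions: the keypair is generated in memory instead of being loaded from app.ini or the data dir, the token uses unpadded base64url (RawURLEncoding), fields containing the "|" delimiter are rejected so the signed string cannot be ambiguous, and the type and function names (Signer, Sign, Verify, ErrBadToken, ErrExpired) are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// TokenTTL is the validity window from the spec (5 minutes).
const TokenTTL = 5 * time.Minute

var (
	ErrBadToken = errors.New("invalid token")   // bad encoding, wrong length, or signature mismatch
	ErrExpired  = errors.New("token expired")   // signature fine but past expires
	ErrBadField = errors.New("field contains delimiter or is empty")
)

// Signer holds the ed25519 keypair. In Gitea the private key would be
// loaded from app.ini or the data dir; here it is generated in memory (assumption).
type Signer struct {
	priv ed25519.PrivateKey
	pub  ed25519.PublicKey
}

func NewSigner() (*Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{priv: priv, pub: pub}, nil
}

// message builds the exact byte string that is signed: "product|version|dlid|expires".
// It refuses fields that would collide with the "|" delimiter.
func message(product, version, dlid string, expires int64) ([]byte, error) {
	for _, f := range []string{product, version, dlid} {
		if f == "" || strings.Contains(f, "|") {
			return nil, ErrBadField
		}
	}
	return []byte(strings.Join([]string{product, version, dlid, strconv.FormatInt(expires, 10)}, "|")), nil
}

// Sign returns the base64url token and the unix expiry that both go into the
// download URL (?token=...&expires=...). Because expires is part of the signed
// message, editing it in the URL invalidates the token.
func (s *Signer) Sign(product, version, dlid string, now time.Time) (string, int64, error) {
	expires := now.Add(TokenTTL).Unix()
	msg, err := message(product, version, dlid, expires)
	if err != nil {
		return "", 0, err
	}
	sig := ed25519.Sign(s.priv, msg)
	return base64.RawURLEncoding.EncodeToString(sig), expires, nil
}

// Verify checks the signature first, then the expiry. Either failure maps to
// HTTP 403 in the spec; the distinct errors are only for logging.
func (s *Signer) Verify(product, version, dlid, token string, expires int64, now time.Time) error {
	sig, err := base64.RawURLEncoding.DecodeString(token)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return ErrBadToken
	}
	msg, err := message(product, version, dlid, expires)
	if err != nil {
		return ErrBadToken
	}
	if !ed25519.Verify(s.pub, msg, sig) {
		return ErrBadToken
	}
	if now.Unix() > expires {
		return ErrExpired
	}
	return nil
}

func main() {
	s, err := NewSigner()
	if err != nil {
		panic(err)
	}
	now := time.Now()
	// Constructed sample values, not real products or download ids.
	tok, exp, err := s.Sign("mod_example", "1.2.3", "dl-42", now)
	if err != nil {
		panic(err)
	}
	fmt.Printf("GET /api/v1/licensing/download/mod_example/1.2.3.zip?token=%s&expires=%d\n", tok, exp)
	fmt.Println("verify now:     ", s.Verify("mod_example", "1.2.3", "dl-42", tok, exp, now))
	fmt.Println("verify +6 min:  ", s.Verify("mod_example", "1.2.3", "dl-42", tok, exp, now.Add(6*time.Minute)))
	fmt.Println("verify tampered:", s.Verify("mod_example", "9.9.9", "dl-42", tok, exp, now))
}
```

The handler would parse `expires` from the query string with strconv.ParseInt before calling Verify, and return 403 for both ErrBadToken and ErrExpired while logging which one occurred alongside the license_id, product, version and domain fields the spec lists.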
Author
Owner

Branch created: feature/622-signed-download-endpoint-ed25519-time-li

git fetch origin
git checkout feature/622-signed-download-endpoint-ed25519-time-li