-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth.go
37 lines (30 loc) · 1.11 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
package sendowl
import (
"crypto/hmac"
"crypto/sha1"
"encoding/base64"
"fmt"
"net/http"
"net/url"
)
const SignatureQueryParam = "signature"
func Signature(signingKey, signingKeySecret string, vs url.Values) string {
return base64.StdEncoding.EncodeToString(generateSignature(signingKey, signingKeySecret, vs))
}
func generateSignature(signingKey, signingKeySecret string, vs url.Values) []byte {
mac := hmac.New(sha1.New, []byte(SigningKey(signingKey, signingKeySecret)))
mac.Write([]byte(SigningText(signingKeySecret, vs)))
return mac.Sum(nil)
}
func VerifySignatureFromRequest(signingKey, signingKeySecret string, r *http.Request) bool {
expectedMAC := []byte(Signature(signingKey, signingKeySecret, r.URL.Query()))
givenMAC := []byte(r.URL.Query().Get(SignatureQueryParam))
return hmac.Equal(expectedMAC, givenMAC)
}
func SigningText(signingKeySecret string, vs url.Values) string {
vs.Del("signature")
return fmt.Sprintf("%s&secret=%s", vs.Encode(), url.QueryEscape(signingKeySecret))
}
func SigningKey(signingKey, signingKeySecret string) string {
return fmt.Sprintf("%s&%s", signingKey, signingKeySecret)
}