service: ad BearerToken to signed payload of the requests
This commit is contained in:
Leonard Lyubich
parent
3f7d3f8a86
commit
a3569ad99e
3 changed files with 26 additions and 1 deletions
|
|
@ -209,6 +209,9 @@ func SignRequestData(key *ecdsa.PrivateKey, src RequestSignedData) error {
|
|||
NewSignedSessionToken(
|
||||
src.GetSessionToken(),
|
||||
),
|
||||
NewSignedBearerToken(
|
||||
src.GetBearerToken(),
|
||||
),
|
||||
)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -231,6 +234,9 @@ func VerifyRequestData(src RequestVerifyData) error {
|
|||
NewVerifiedSessionToken(
|
||||
src.GetSessionToken(),
|
||||
),
|
||||
NewVerifiedBearerToken(
|
||||
src.GetBearerToken(),
|
||||
),
|
||||
)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
|
|||
|
|
@ -279,14 +279,21 @@ func TestSignVerifyDataWithSessionToken(t *testing.T) {
|
|||
var (
|
||||
token = new(Token)
|
||||
initVerb = Token_Info_Verb(1)
|
||||
|
||||
bearer = wrapBearerTokenMsg(new(BearerTokenMsg))
|
||||
bearerEpoch = uint64(8)
|
||||
)
|
||||
|
||||
token.SetVerb(initVerb)
|
||||
|
||||
bearer.SetExpirationEpoch(bearerEpoch)
|
||||
|
||||
// create test data with token
|
||||
src := &testSignedDataSrc{
|
||||
data: testData(t, 10),
|
||||
token: token,
|
||||
|
||||
bearer: bearer,
|
||||
}
|
||||
|
||||
// create test private key
|
||||
|
|
@ -319,6 +326,18 @@ func TestSignVerifyDataWithSessionToken(t *testing.T) {
|
|||
// ascertain that verification is passed
|
||||
require.NoError(t, VerifyRequestData(src))
|
||||
|
||||
// break the Bearer token
|
||||
bearer.SetExpirationEpoch(bearerEpoch + 1)
|
||||
|
||||
// ascertain that verification is failed
|
||||
require.Error(t, VerifyRequestData(src))
|
||||
|
||||
// restore the Bearer token
|
||||
bearer.SetExpirationEpoch(bearerEpoch)
|
||||
|
||||
// ascertain that verification is passed
|
||||
require.NoError(t, VerifyRequestData(src))
|
||||
|
||||
// wrap to data reader
|
||||
rdr := &testSignedDataReader{
|
||||
testSignedDataSrc: src,
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ func (t testCustomField) MarshalTo(data []byte) (int, error) { return 0, nil }
|
|||
// Marshal skip, it's for test usage only.
|
||||
func (t testCustomField) Marshal() ([]byte, error) { return nil, nil }
|
||||
|
||||
// GetBearerToken returns wraps Bearer field and return BearerToken interface.
|
||||
// GetBearerToken wraps Bearer field and return BearerToken interface.
|
||||
//
|
||||
// If Bearer field value is nil, nil returns.
|
||||
func (m RequestVerificationHeader) GetBearerToken() BearerToken {
|
||||
|
|
|
|||
Loading…
Reference in a new issue