Split code into smaller parts within the auth package
This commit is contained in:
parent
6c0ddca8d0
commit
ea7286c875
3 changed files with 62 additions and 50 deletions
|
@ -4,12 +4,8 @@ import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"crypto/ecdsa"
|
"crypto/ecdsa"
|
||||||
"crypto/rand"
|
|
||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
"crypto/sha256"
|
|
||||||
"crypto/x509"
|
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"encoding/pem"
|
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"regexp"
|
"regexp"
|
||||||
|
@ -189,6 +185,7 @@ func (center *Center) AuthenticationPassed(request *http.Request) (*service.Bear
|
||||||
return bearerToken, nil
|
return bearerToken, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: Make this write into a smart buffer backed by a file on a fast drive.
|
||||||
func readAndKeepBody(request *http.Request) (*bytes.Reader, error) {
|
func readAndKeepBody(request *http.Request) (*bytes.Reader, error) {
|
||||||
if request.Body == nil {
|
if request.Body == nil {
|
||||||
var r bytes.Reader
|
var r bytes.Reader
|
||||||
|
@ -209,49 +206,3 @@ func (center *Center) compress(data []byte) []byte {
|
||||||
func (center *Center) decompress(data []byte) ([]byte, error) {
|
func (center *Center) decompress(data []byte) ([]byte, error) {
|
||||||
return center.zstdDecoder.DecodeAll(data, nil)
|
return center.zstdDecoder.DecodeAll(data, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
func encrypt(key *rsa.PublicKey, data []byte) ([]byte, error) {
|
|
||||||
return rsa.EncryptOAEP(sha256.New(), rand.Reader, key, data, []byte{})
|
|
||||||
}
|
|
||||||
|
|
||||||
func decrypt(key *rsa.PrivateKey, data []byte) ([]byte, error) {
|
|
||||||
return rsa.DecryptOAEP(sha256.New(), rand.Reader, key, data, []byte{})
|
|
||||||
}
|
|
||||||
|
|
||||||
func sha256Hash(data []byte) []byte {
|
|
||||||
hash := sha256.New()
|
|
||||||
hash.Write(data)
|
|
||||||
return hash.Sum(nil)
|
|
||||||
}
|
|
||||||
|
|
||||||
func ReadRSAPrivateKeyFromPEMFile(filePath string) (*rsa.PrivateKey, error) {
|
|
||||||
kbs, err := ioutil.ReadFile(filePath)
|
|
||||||
if err != nil {
|
|
||||||
return nil, errors.Wrapf(err, "failed to read file %s", filePath)
|
|
||||||
}
|
|
||||||
pemBlock, _ := pem.Decode(kbs)
|
|
||||||
if pemBlock == nil {
|
|
||||||
return nil, errors.Errorf("failed to decode PEM data from file %s", filePath)
|
|
||||||
}
|
|
||||||
rsaKey, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
|
|
||||||
if err != nil {
|
|
||||||
return nil, errors.Wrapf(err, "failed to parse private key bytes from pem data from file %s", filePath)
|
|
||||||
}
|
|
||||||
return rsaKey, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
type regexpSubmatcher struct {
|
|
||||||
re *regexp.Regexp
|
|
||||||
}
|
|
||||||
|
|
||||||
func (resm *regexpSubmatcher) getSubmatches(target string) map[string]string {
|
|
||||||
matches := resm.re.FindStringSubmatch(target)
|
|
||||||
l := len(matches)
|
|
||||||
submatches := make(map[string]string, l)
|
|
||||||
for i, name := range resm.re.SubexpNames() {
|
|
||||||
if i > 0 && i <= l {
|
|
||||||
submatches[name] = matches[i]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return submatches
|
|
||||||
}
|
|
||||||
|
|
19
auth/regexp-utils.go
Normal file
19
auth/regexp-utils.go
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
package auth
|
||||||
|
|
||||||
|
import "regexp"
|
||||||
|
|
||||||
|
type regexpSubmatcher struct {
|
||||||
|
re *regexp.Regexp
|
||||||
|
}
|
||||||
|
|
||||||
|
func (resm *regexpSubmatcher) getSubmatches(target string) map[string]string {
|
||||||
|
matches := resm.re.FindStringSubmatch(target)
|
||||||
|
l := len(matches)
|
||||||
|
submatches := make(map[string]string, l)
|
||||||
|
for i, name := range resm.re.SubexpNames() {
|
||||||
|
if i > 0 && i <= l {
|
||||||
|
submatches[name] = matches[i]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return submatches
|
||||||
|
}
|
42
auth/rsa-utils.go
Normal file
42
auth/rsa-utils.go
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
package auth
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/rand"
|
||||||
|
"crypto/rsa"
|
||||||
|
"crypto/sha256"
|
||||||
|
"crypto/x509"
|
||||||
|
"encoding/pem"
|
||||||
|
"io/ioutil"
|
||||||
|
|
||||||
|
"github.com/pkg/errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
func ReadRSAPrivateKeyFromPEMFile(filePath string) (*rsa.PrivateKey, error) {
|
||||||
|
kbs, err := ioutil.ReadFile(filePath)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.Wrapf(err, "failed to read file %s", filePath)
|
||||||
|
}
|
||||||
|
pemBlock, _ := pem.Decode(kbs)
|
||||||
|
if pemBlock == nil {
|
||||||
|
return nil, errors.Errorf("failed to decode PEM data from file %s", filePath)
|
||||||
|
}
|
||||||
|
rsaKey, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.Wrapf(err, "failed to parse private key bytes from pem data from file %s", filePath)
|
||||||
|
}
|
||||||
|
return rsaKey, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func encrypt(key *rsa.PublicKey, data []byte) ([]byte, error) {
|
||||||
|
return rsa.EncryptOAEP(sha256.New(), rand.Reader, key, data, []byte{})
|
||||||
|
}
|
||||||
|
|
||||||
|
func decrypt(key *rsa.PrivateKey, data []byte) ([]byte, error) {
|
||||||
|
return rsa.DecryptOAEP(sha256.New(), rand.Reader, key, data, []byte{})
|
||||||
|
}
|
||||||
|
|
||||||
|
func sha256Hash(data []byte) []byte {
|
||||||
|
hash := sha256.New()
|
||||||
|
hash.Write(data)
|
||||||
|
return hash.Sum(nil)
|
||||||
|
}
|
Loading…
Reference in a new issue