mirror of
https://github.com/elyby/chrly.git
synced 2024-12-02 11:40:56 +05:30
125 lines
2.2 KiB
Go
125 lines
2.2 KiB
Go
package auth
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"io/ioutil"
|
|
"math"
|
|
"math/rand"
|
|
"os"
|
|
"time"
|
|
|
|
"github.com/SermoDigital/jose/crypto"
|
|
"github.com/SermoDigital/jose/jws"
|
|
"github.com/mitchellh/go-homedir"
|
|
)
|
|
|
|
var hashAlg = crypto.SigningMethodHS256
|
|
|
|
const appHomeDirName = ".minecraft-skinsystem"
|
|
const scopesClaim = "scopes"
|
|
|
|
type Scope string
|
|
|
|
var (
|
|
SkinScope = Scope("skin")
|
|
)
|
|
|
|
type JwtAuth struct {
|
|
signingKey []byte
|
|
}
|
|
|
|
func (t *JwtAuth) NewToken(scopes ...Scope) ([]byte, error) {
|
|
key, err := t.getSigningKey()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
claims := jws.Claims{}
|
|
claims.Set(scopesClaim, scopes)
|
|
claims.SetIssuedAt(time.Now())
|
|
encoder := jws.NewJWT(claims, hashAlg)
|
|
token, err := encoder.Serialize(key)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return token, nil
|
|
}
|
|
|
|
func (t *JwtAuth) GenerateSigningKey() error {
|
|
if err := createAppHomeDir(); err != nil {
|
|
return err
|
|
}
|
|
|
|
key := generateRandomBytes(64)
|
|
if err := ioutil.WriteFile(getKeyPath(), key, 0600); err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (t *JwtAuth) getSigningKey() ([]byte, error) {
|
|
if t.signingKey != nil {
|
|
return t.signingKey, nil
|
|
}
|
|
|
|
path := getKeyPath()
|
|
if _, err := os.Stat(path); err != nil {
|
|
if os.IsNotExist(err) {
|
|
return nil, &SigningKeyNotAvailable{}
|
|
}
|
|
|
|
return nil, err
|
|
}
|
|
|
|
key, err := ioutil.ReadFile(path)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return key, nil
|
|
}
|
|
|
|
func createAppHomeDir() error {
|
|
path := getAppHomeDirPath()
|
|
if _, err := os.Stat(path); os.IsNotExist(err) {
|
|
err := os.Mkdir(path, 0755) // rwx r-x r-x
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func getAppHomeDirPath() string {
|
|
path, err := homedir.Expand("~/" + appHomeDirName)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
return path
|
|
}
|
|
|
|
func getKeyPath() string {
|
|
return getAppHomeDirPath() + "/jwt-key"
|
|
}
|
|
|
|
func generateRandomBytes(n int) []byte {
|
|
randLen := int(math.Ceil(float64(n) / 1.37)) // base64 will increase length in 1.37 times
|
|
randBytes := make([]byte, randLen)
|
|
rand.Read(randBytes)
|
|
resBytes := make([]byte, n)
|
|
base64.URLEncoding.Encode(resBytes, randBytes)
|
|
|
|
return resBytes
|
|
}
|
|
|
|
type SigningKeyNotAvailable struct {
|
|
}
|
|
|
|
func (*SigningKeyNotAvailable) Error() string {
|
|
return "Signing key not available"
|
|
}
|