feat(auth-bundle): add first version of the bundle
edwinvautier
committed
Mar 30, 2021
1 parent
9a95e71
commit 013ae2f
Showing
6 changed files
with
175 additions
and
39 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
package authenticator | ||
|
||
import ( | ||
"github.com/dgrijalva/jwt-go" | ||
) | ||
type authenticatorInterface interface { | ||
GenerateToken(string) (error, string) | ||
DecodeToken(string) | ||
HashPassword(string, string) error | ||
} | ||
|
||
// Claim is the struct for the jwt claim | ||
type Claim struct { | ||
Email string | ||
jwt.StandardClaims | ||
} |
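Review bot: The method set declared in `authenticatorInterface` does not match what `Authenticator` implements in the other files of this commit, so the type cannot be used through the interface. `GenerateToken` is declared as `(error, string)` but implemented as `(string, error)`, `DecodeToken` is declared without results, and `HashPassword` is declared as `(string, string) error` while the implementation takes one string and returns a string. Align the declarations with `error` last, e.g. `GenerateToken(email string) (string, error)` and `DecodeToken(tokenString string) (*jwt.Token, *Claim, error)`, and add a compile-time check such as `var _ authenticatorInterface = Authenticator{}` so drift is caught at build time. Separately, `github.com/dgrijalva/jwt-go` is archived; `github.com/golang-jwt/jwt` is its maintained continuation and is the safer dependency for a new auth bundle.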
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
package authenticator | ||
|
||
import ( | ||
"os" | ||
|
||
"github.com/joho/godotenv" | ||
log "github.com/sirupsen/logrus" | ||
) | ||
|
||
// GoDotEnvVariable loads a variable from the .env file | ||
func goDotEnvVariable(key string) string { | ||
|
||
// load .env file | ||
err := godotenv.Load(".env") | ||
|
||
if err != nil { | ||
log.Error("Error loading .env file", err) | ||
} | ||
|
||
envVariable, variableExists := os.LookupEnv(key) | ||
if !variableExists { | ||
log.Error("Couldn't find variable : ", key) | ||
} | ||
|
||
return envVariable | ||
} |
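Review bot: When the key is absent, `goDotEnvVariable` only logs and returns the empty string, so the callers in this commit that fetch `RSA_PASSWORD`, the key paths and `TOKEN_VALID_DURATION` continue with an empty value instead of failing. Returning the lookup result to the caller, for example `func goDotEnvVariable(key string) (string, error)`, lets the bundle refuse to start when a secret or path is missing. `godotenv.Load(".env")` also runs on every lookup and resolves relative to the process working directory; loading it once at start-up avoids repeated file reads and repeated error logs. The doc comment names `GoDotEnvVariable` while the function is `goDotEnvVariable`.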
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
package authenticator | ||
|
||
import ( | ||
"crypto/sha512" | ||
"fmt" | ||
) | ||
|
||
// HashPassword takes a string in parameter and returns the same string hashed with sha512 | ||
func (auth Authenticator) HashPassword(password string) string { | ||
h := sha512.New() | ||
h.Write([]byte(password)) | ||
bytesHash := h.Sum(nil) | ||
hexString := fmt.Sprintf("%x", bytesHash) | ||
// Returns the hexa string | ||
return hexString | ||
} |
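Review bot: `HashPassword` returns a single unsalted SHA-512 digest, which is a fast general-purpose hash: identical passwords yield identical values and offline guessing against a leaked table is cheap. A password-hashing function with a per-password salt and a tunable work factor is the appropriate primitive here, e.g. `bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)` from `golang.org/x/crypto/bcrypt`, with verification through `bcrypt.CompareHashAndPassword` rather than string comparison. That change needs an `error` result on the method, which should be settled before callers depend on the current `string`-only signature. The doc comment should also state the output format (lower-case hex of the digest).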
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
package authenticator | ||
|
||
import ( | ||
"errors" | ||
"io/ioutil" | ||
"strconv" | ||
"time" | ||
|
||
"github.com/dgrijalva/jwt-go" | ||
log "github.com/sirupsen/logrus" | ||
) | ||
|
||
type Authenticator struct {} | ||
|
||
// Rsa is the struct to get the rsa keys used to generate and verify tokens from the environment variables | ||
type Rsa struct { | ||
PublicKeyPath string | ||
PrivateKeyPath string | ||
PublicKey interface{} | ||
PrivateKey interface{} | ||
} | ||
|
||
var rsa Rsa | ||
|
||
func initRsaKeys() error { | ||
if rsa.PrivateKey != nil && rsa.PublicKey != nil { | ||
return nil | ||
} | ||
|
||
rsa.PublicKeyPath = goDotEnvVariable("RSA_PUBLIC_PATH") | ||
rsa.PrivateKeyPath = goDotEnvVariable("RSA_PRIVATE_PATH") | ||
|
||
// Get the public key | ||
publicKeyData, err := ioutil.ReadFile(rsa.PublicKeyPath) | ||
if err != nil { | ||
log.Error(err) | ||
return err | ||
} | ||
publicKey, err := jwt.ParseRSAPublicKeyFromPEM(publicKeyData) | ||
if err != nil { | ||
log.Error("error public key: ", err) | ||
return err | ||
} | ||
rsa.PublicKey = publicKey | ||
|
||
// Get the private key | ||
privateKeyData, err := ioutil.ReadFile(rsa.PrivateKeyPath) | ||
if err != nil { | ||
log.Error(err) | ||
return err | ||
} | ||
privateKey, err := jwt.ParseRSAPrivateKeyFromPEMWithPassword(privateKeyData, goDotEnvVariable("RSA_PASSWORD")) | ||
if err != nil { | ||
log.Error("error public key: ", err) | ||
return err | ||
} | ||
rsa.PrivateKey = privateKey | ||
|
||
return nil | ||
} | ||
|
||
// GenerateToken creates a JWT with email and expiration time in the payload | ||
func (auth Authenticator) GenerateToken(email string) (string, error) { | ||
err := initRsaKeys() | ||
if err != nil { | ||
return "", errors.New("Couldn't init rsa keys") | ||
} | ||
|
||
validTime, _ := strconv.ParseInt(goDotEnvVariable("TOKEN_VALID_DURATION"), 10, 64) | ||
// Generate Expiration date | ||
expirationTime := time.Now().Add(time.Duration(validTime) * time.Minute) | ||
|
||
claims := &Claim{ | ||
Email: email, | ||
StandardClaims: jwt.StandardClaims{ | ||
// JWT takes unix timestamps | ||
ExpiresAt: expirationTime.Unix(), | ||
}, | ||
} | ||
|
||
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims) | ||
tokenString, err := token.SignedString(rsa.PrivateKey) | ||
|
||
if err != nil { | ||
log.Error("error while generating token: ", err) | ||
return "", err | ||
} | ||
|
||
return tokenString, nil | ||
} | ||
|
||
// DecodeToken decode and validates a token | ||
func (auth Authenticator) DecodeToken(tokenString string) (*jwt.Token, *Claim, error) { | ||
err := initRsaKeys() | ||
if err != nil { | ||
return nil, &Claim{}, errors.New("Couldn't init rsa keys") | ||
} | ||
|
||
claims := &Claim{} | ||
|
||
token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) { | ||
return rsa.PublicKey, nil | ||
}) | ||
if err != nil { | ||
log.Error("Couldn't parse the token : ", err) | ||
return nil, &Claim{}, err | ||
} | ||
|
||
return token, claims, nil | ||
} |
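Review bot: The key function passed to `jwt.ParseWithClaims` in `DecodeToken` returns `rsa.PublicKey` without checking the token's signing method, so any algorithm the library can verify with that key type is accepted rather than only the RS256 that `GenerateToken` issues. Pin it before returning the key, e.g. `if token.Method.Alg() != jwt.SigningMethodRS256.Alg() { return nil, errors.New("unexpected signing method") }`. In `GenerateToken`, `validTime, _ := strconv.ParseInt(...)` discards the parse error, so a missing or malformed `TOKEN_VALID_DURATION` silently becomes a lifetime of 0 minutes and no upper bound is enforced; return the error and validate the range instead. `initRsaKeys` makes `DecodeToken` load the password-protected private key although verification only needs the public one, and it fills the package-level `rsa` value without synchronisation (a `sync.Once` would cover concurrent first calls). The log line after `ParseRSAPrivateKeyFromPEMWithPassword` says "error public key" and presumably should say private.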