forked from plivo/plivo-go
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathutils.go
91 lines (79 loc) · 2.26 KB
/
utils.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
package plivo
import (
"bytes"
"crypto/hmac"
"crypto/sha1"
"crypto/sha256"
"encoding/base64"
"fmt"
"github.com/sirupsen/logrus"
"net/url"
"sort"
"strings"
)
func Numbers(numbers ...string) string {
return strings.Join(numbers, "<")
}
func headersWithSep(headers map[string]string, keyValSep, itemSep string, escape bool) string {
v := url.Values{}
for key, value := range headers {
v.Set(key, value)
}
var buf bytes.Buffer
keys := make([]string, 0, len(v))
for k := range v {
keys = append(keys, k)
}
sort.Strings(keys)
for _, k := range keys {
vs := v[k]
var prefix string
if escape {
prefix = url.QueryEscape(k) + keyValSep
} else {
prefix = k + keyValSep
}
for _, v := range vs {
if buf.Len() > 0 {
buf.WriteString(itemSep)
}
buf.WriteString(prefix)
if escape {
buf.WriteString(url.QueryEscape(v))
} else {
buf.WriteString(v)
}
}
}
return buf.String()
}
// Some code from encode.go from the Go Standard Library
func Headers(headers map[string]string) string {
return headersWithSep(headers, "=", ",", true)
}
// The old signature validation is deprecated. Will be marked deprecated in the next release.
func ComputeSignature(authToken, uri string, params map[string]string) string {
originalString := fmt.Sprintf("%s%s", uri, headersWithSep(params, "", "", false))
logrus.Infof("originalString: %s\n", originalString)
mac := hmac.New(sha1.New, []byte(authToken))
mac.Write([]byte(originalString))
return base64.StdEncoding.EncodeToString(mac.Sum(nil))
}
func ValidateSignature(authToken, uri string, params map[string]string, signature string) bool {
return ComputeSignature(authToken, uri, params) == signature
}
// Adding V2 signature validation
func ComputeSignatureV2(authToken, uri string, nonce string) string {
parsedUrl, err := url.Parse(uri)
if err != nil {
panic(err)
}
var originalString string = parsedUrl.Scheme + "://" + parsedUrl.Host + parsedUrl.Path + nonce
mac := hmac.New(sha256.New, []byte(authToken))
mac.Write([]byte(originalString))
var messageMAC string = base64.StdEncoding.EncodeToString(mac.Sum(nil))
return messageMAC
}
func ValidateSignatureV2(uri string, nonce string, signature string, authToken string) bool {
return ComputeSignatureV2(authToken, uri, nonce) == signature
}