Move stuff, keep working on authenticated fetch
All checks were successful
/ docker (push) Successful in 4m5s
All checks were successful
/ docker (push) Successful in 4m5s
This commit is contained in:
parent
f8b3a6ff06
commit
e3a97170a9
SSH key fingerprint:
SHA256:vkXfS9FG2pVNVfvDrzd1VW9n8VJzqqdKQGljxxX8uK8
11 changed files with 81 additions and 39 deletions
|
|
@ -2,17 +2,20 @@ package webshared
|
|||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"io"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.mstar.dev/mstar/goutils/maputils"
|
||||
"github.com/rs/zerolog/log"
|
||||
|
||||
"git.mstar.dev/mstar/linstrom/config"
|
||||
)
|
||||
|
||||
// No init needed, zero value is good
|
||||
|
||||
var RequestClient http.Client
|
||||
var RequestClient = http.Client{}
|
||||
|
||||
const xRandomHeader = "X-Auth-Random"
|
||||
|
||||
|
|
@ -36,35 +39,40 @@ func SignRequest(r *http.Request, keyId string, privateKeyBytes, postBody []byte
|
|||
host = hostString
|
||||
} else {
|
||||
host = config.GlobalConfig.General.GetFullDomain()
|
||||
headers.Set("Date", host)
|
||||
headers.Set("Host", host)
|
||||
}
|
||||
applyBodyHash(headers, postBody)
|
||||
mappedHeaders := maputils.MapSameKeys(headers, func(k string, v []string) string {
|
||||
mappedHeaders := maputils.MapNewKeys(headers, func(k string, v []string) (string, string) {
|
||||
if len(v) > 0 {
|
||||
return v[0]
|
||||
return strings.ToLower(k), v[0]
|
||||
} else {
|
||||
return ""
|
||||
return strings.ToLower(k), ""
|
||||
}
|
||||
})
|
||||
var signedString string
|
||||
var usedHeaders []string
|
||||
if config.GlobalConfig.Experimental.UseEd25519Keys {
|
||||
tmp, err := CreateSignatureED(method, r.URL.RawPath, mappedHeaders, privateKeyBytes)
|
||||
tmp, tmp2, err := CreateSignatureED(method, r.URL.Path, mappedHeaders, privateKeyBytes)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
signedString = tmp
|
||||
usedHeaders = tmp2
|
||||
} else {
|
||||
tmp, err := CreateSignatureRSA(method, r.URL.RawPath, mappedHeaders, privateKeyBytes)
|
||||
tmp, tmp2, err := CreateSignatureRSA(method, r.URL.Path, mappedHeaders, privateKeyBytes)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
signedString = tmp
|
||||
usedHeaders = tmp2
|
||||
}
|
||||
log.Debug().Str("string-to-sign", signedString).Any("headers", mappedHeaders).Send()
|
||||
signature := CreateSignatureHeaderContent(
|
||||
keyId,
|
||||
signedString,
|
||||
maputils.KeysFromMap(mappedHeaders)...,
|
||||
usedHeaders...,
|
||||
)
|
||||
log.Debug().Str("signature-header", signature).Send()
|
||||
headers.Set("Signature", signature)
|
||||
return nil
|
||||
}
|
||||
|
|
@ -77,3 +85,17 @@ func applyBodyHash(headers http.Header, body []byte) error {
|
|||
headers.Set("Digest", string(hash[:]))
|
||||
return nil
|
||||
}
|
||||
|
||||
func NewRequest(method string, url string, body io.Reader) (*http.Request, error) {
|
||||
req, err := http.NewRequest(method, url, body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
req.Header.Add(
|
||||
"User-Agent",
|
||||
"Linstrom v0.0.0-pre-alpha ("+config.GlobalConfig.General.GetFullDomain()+")",
|
||||
)
|
||||
req.Header.Add("Date", time.Now().Format(time.RFC1123))
|
||||
req.Header.Add("Host", config.GlobalConfig.General.GetFullDomain())
|
||||
return req, nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue