59 lines
989 B
Go
59 lines
989 B
Go
//nolint: gosec
|
|
package domain
|
|
|
|
import (
|
|
"crypto/md5"
|
|
"crypto/sha1"
|
|
"crypto/sha256"
|
|
"crypto/sha512"
|
|
"encoding/base64"
|
|
"hash"
|
|
"io"
|
|
)
|
|
|
|
type (
|
|
PKCE struct {
|
|
Method PKCEMethod
|
|
Verifier string
|
|
Challenge string
|
|
}
|
|
|
|
PKCEMethod string
|
|
)
|
|
|
|
const (
|
|
PKCEMethodMD5 PKCEMethod = "MD5"
|
|
PKCEMethodPlain PKCEMethod = "plain"
|
|
PKCEMethodS1 PKCEMethod = "S1"
|
|
PKCEMethodS256 PKCEMethod = "S256"
|
|
PKCEMethodS512 PKCEMethod = "S512"
|
|
)
|
|
|
|
func (pkce PKCE) IsValid() bool {
|
|
h := pkce.Method.Hash()
|
|
if h == nil { // NOTE(toby3d): PLAIN
|
|
return pkce.Challenge == pkce.Verifier
|
|
}
|
|
|
|
_, _ = io.WriteString(h, pkce.Verifier)
|
|
|
|
return pkce.Challenge == base64.RawURLEncoding.EncodeToString(h.Sum(nil))
|
|
}
|
|
|
|
func (m PKCEMethod) Hash() hash.Hash {
|
|
switch m {
|
|
case PKCEMethodMD5:
|
|
return md5.New()
|
|
case PKCEMethodS1:
|
|
return sha1.New()
|
|
case PKCEMethodS256:
|
|
return sha256.New()
|
|
case PKCEMethodS512:
|
|
return sha512.New()
|
|
case PKCEMethodPlain:
|
|
fallthrough
|
|
default:
|
|
return nil
|
|
}
|
|
}
|