toby3d/auth
toby3d
/
auth
1
0
Fork 0
Code Actions Packages Releases Activity
auth/internal/domain/pkce.go

59 lines
989 B
Go
Raw Blame History

//nolint: gosec
package domain
import (
"crypto/md5"
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"encoding/base64"
"hash"
"io"
)
type (
PKCE struct {
Method PKCEMethod
Verifier string
Challenge string
}
PKCEMethod string
)
const (
PKCEMethodMD5 PKCEMethod = "MD5"
PKCEMethodPlain PKCEMethod = "plain"
PKCEMethodS1 PKCEMethod = "S1"
PKCEMethodS256 PKCEMethod = "S256"
PKCEMethodS512 PKCEMethod = "S512"
)
func (pkce PKCE) IsValid() bool {
h := pkce.Method.Hash()
if h == nil { // NOTE(toby3d): PLAIN
return pkce.Challenge == pkce.Verifier
}
_, _ = io.WriteString(h, pkce.Verifier)
return pkce.Challenge == base64.RawURLEncoding.EncodeToString(h.Sum(nil))
}
func (m PKCEMethod) Hash() hash.Hash {
switch m {
case PKCEMethodMD5:
return md5.New()
case PKCEMethodS1:
return sha1.New()
case PKCEMethodS256:
return sha256.New()
case PKCEMethodS512:
return sha512.New()
case PKCEMethodPlain:
fallthrough
default:
return nil
}
}
View Git Blame Copy Permalink