♻️ Refactor login sub-package
This commit is contained in:
parent
8a41bcfe09
commit
280f059bd4
|
@ -4,46 +4,58 @@ import (
|
|||
"crypto/hmac"
|
||||
"crypto/sha256"
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
"net/url"
|
||||
"strconv"
|
||||
)
|
||||
|
||||
// ErrUserNotDefined describes error of an unassigned structure of user
|
||||
var ErrUserNotDefined = errors.New("user is not defined")
|
||||
http "github.com/valyala/fasthttp"
|
||||
)
|
||||
|
||||
// CheckAuthorization verify the authentication and the integrity of the data
|
||||
// received by comparing the received hash parameter with the hexadecimal
|
||||
// representation of the HMAC-SHA-256 signature of the data-check-string with the
|
||||
// SHA256 hash of the bot's token used as a secret key.
|
||||
func (a *App) CheckAuthorization(user *User) (ok bool, err error) {
|
||||
if user == nil {
|
||||
err = ErrUserNotDefined
|
||||
return
|
||||
func CheckAuthorization(data interface{}, secretKey string) (bool, error) {
|
||||
args := http.AcquireArgs()
|
||||
defer http.ReleaseArgs(args)
|
||||
|
||||
switch d := data.(type) {
|
||||
case *User:
|
||||
return d.CheckAuthorization(secretKey)
|
||||
case *http.Args:
|
||||
d.CopyTo(args)
|
||||
http.ReleaseArgs(d)
|
||||
case []byte:
|
||||
args.ParseBytes(d)
|
||||
case string:
|
||||
args.Parse(d)
|
||||
default:
|
||||
return false, ErrUnsupportedType
|
||||
|
||||
}
|
||||
|
||||
dataCheck := make(url.Values)
|
||||
dataCheck.Add(KeyAuthDate, string(user.AuthDate))
|
||||
dataCheck.Add(KeyFirstName, user.FirstName)
|
||||
dataCheck.Add(KeyID, strconv.Itoa(user.ID))
|
||||
hash := args.Peek(KeyHash)
|
||||
args.Del(KeyHash)
|
||||
|
||||
// Add optional values if exist
|
||||
if user.LastName != "" {
|
||||
dataCheck.Add(KeyLastName, user.LastName)
|
||||
}
|
||||
if user.PhotoURL != "" {
|
||||
dataCheck.Add(KeyPhotoURL, user.PhotoURL)
|
||||
}
|
||||
if user.Username != "" {
|
||||
dataCheck.Add(KeyUsername, user.Username)
|
||||
}
|
||||
|
||||
secretKey := sha256.Sum256([]byte(a.SecretKey))
|
||||
hash := hmac.New(sha256.New, secretKey[0:])
|
||||
if _, err = hash.Write([]byte(dataCheck.Encode())); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
ok = hex.EncodeToString(hash.Sum(nil)) == user.Hash
|
||||
return
|
||||
return check(args.QueryString(), []byte(secretKey), hash)
|
||||
}
|
||||
|
||||
// CheckAuthorization verify the authentication and the integrity of the data
|
||||
// received by comparing the received hash parameter with the hexadecimal
|
||||
// representation of the HMAC-SHA-256 signature of the data-check-string with the
|
||||
// SHA256 hash of the bot's token used as a secret key.
|
||||
func (u *User) CheckAuthorization(secretKey string) (ok bool, err error) {
|
||||
args := u.toArgs()
|
||||
defer http.ReleaseArgs(args)
|
||||
hash := args.Peek(KeyHash)
|
||||
args.Del(KeyHash)
|
||||
|
||||
return check(args.QueryString(), []byte(secretKey), hash)
|
||||
}
|
||||
|
||||
func check(data, secretKey, hash []byte) (bool, error) {
|
||||
sk := sha256.Sum256(secretKey)
|
||||
h := hmac.New(sha256.New, sk[0:])
|
||||
if _, err := h.Write(data); err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return hex.EncodeToString(h.Sum(nil)) == string(hash), nil
|
||||
}
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
package login
|
||||
|
||||
// Key... represents available and supported data keys
|
||||
const (
|
||||
KeyAuthDate = "auth_date"
|
||||
KeyFirstName = "first_name"
|
||||
KeyHash = "hash"
|
||||
KeyID = "id"
|
||||
KeyLastName = "last_name"
|
||||
KeyPhotoURL = "photo_url"
|
||||
KeyUsername = "username"
|
||||
)
|
|
@ -1,9 +0,0 @@
|
|||
package login
|
||||
|
||||
// App represents a widget which get and validate users authorizations.
|
||||
type App struct{ SecretKey string }
|
||||
|
||||
// New create new app widget for validate authorizations with bot token as secret key.
|
||||
func New(accessToken string) *App {
|
||||
return &App{SecretKey: accessToken}
|
||||
}
|
|
@ -1,42 +1,31 @@
|
|||
package login
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"strconv"
|
||||
)
|
||||
|
||||
// User contains data about authenticated user.
|
||||
type User struct {
|
||||
ID int `json:"id"`
|
||||
AuthDate int64 `json:"auth_date"`
|
||||
FirstName string `json:"first_name"`
|
||||
Hash string `json:"hash"`
|
||||
LastName string `json:"last_name,omitempty"`
|
||||
PhotoURL string `json:"photo_url,omitempty"`
|
||||
Username string `json:"username,omitempty"`
|
||||
}
|
||||
import http "github.com/valyala/fasthttp"
|
||||
|
||||
// ParseUser create User structure from input url.Values.
|
||||
func ParseUser(src url.Values) (u *User, err error) {
|
||||
u = new(User)
|
||||
func ParseUser(data interface{}) (*User, error) {
|
||||
args := http.AcquireArgs()
|
||||
defer http.ReleaseArgs(args)
|
||||
|
||||
var ad int
|
||||
ad, err = strconv.Atoi(src.Get(KeyAuthDate))
|
||||
if err != nil {
|
||||
return
|
||||
switch d := data.(type) {
|
||||
case *http.Args:
|
||||
d.CopyTo(args)
|
||||
http.ReleaseArgs(d)
|
||||
case []byte:
|
||||
args.ParseBytes(d)
|
||||
case string:
|
||||
args.Parse(d)
|
||||
default:
|
||||
return nil, ErrUnsupportedType
|
||||
}
|
||||
|
||||
u.ID, err = strconv.Atoi(src.Get(KeyID))
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
u.AuthDate = int64(ad)
|
||||
u.FirstName = src.Get(KeyFirstName)
|
||||
u.Hash = src.Get(KeyHash)
|
||||
u.LastName = src.Get(KeyLastName)
|
||||
u.PhotoURL = src.Get(KeyPhotoURL)
|
||||
u.Username = src.Get(KeyUsername)
|
||||
|
||||
return
|
||||
return &User{
|
||||
ID: args.GetUintOrZero(KeyID),
|
||||
AuthDate: int64(args.GetUintOrZero(KeyAuthDate)),
|
||||
FirstName: string(args.Peek(KeyFirstName)),
|
||||
Hash: string(args.Peek(KeyHash)),
|
||||
LastName: string(args.Peek(KeyLastName)),
|
||||
PhotoURL: string(args.Peek(KeyPhotoURL)),
|
||||
Username: string(args.Peek(KeyUsername)),
|
||||
}, nil
|
||||
}
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
package login
|
||||
|
||||
import "errors"
|
||||
|
||||
// User contains data about authenticated user.
|
||||
type User struct {
|
||||
ID int `json:"id"`
|
||||
AuthDate int64 `json:"auth_date"`
|
||||
FirstName string `json:"first_name"`
|
||||
Hash string `json:"hash"`
|
||||
LastName string `json:"last_name,omitempty"`
|
||||
PhotoURL string `json:"photo_url,omitempty"`
|
||||
Username string `json:"username,omitempty"`
|
||||
}
|
||||
|
||||
// Key represents available and supported query arguments keys.
|
||||
const (
|
||||
KeyAuthDate = "auth_date"
|
||||
KeyFirstName = "first_name"
|
||||
KeyHash = "hash"
|
||||
KeyID = "id"
|
||||
KeyLastName = "last_name"
|
||||
KeyPhotoURL = "photo_url"
|
||||
KeyUsername = "username"
|
||||
)
|
||||
|
||||
var (
|
||||
// ErrUserNotDefined describes error of an unassigned structure of user.
|
||||
ErrUserNotDefined = errors.New("user is not defined")
|
||||
|
||||
// ErrEmptyToken describes error of an empty access token of the bot.
|
||||
ErrEmptyToken = errors.New("empty bot access token")
|
||||
|
||||
// ErrUnsupportedType describes error of unsupported input data type for
|
||||
// CheckAuthorization method.
|
||||
ErrUnsupportedType = errors.New("unsupported data type")
|
||||
)
|
|
@ -1,6 +1,10 @@
|
|||
package login
|
||||
|
||||
import "time"
|
||||
import (
|
||||
"time"
|
||||
|
||||
http "github.com/valyala/fasthttp"
|
||||
)
|
||||
|
||||
// FullName return user first name only or full name if last name is present.
|
||||
func (user *User) FullName() string {
|
||||
|
@ -34,3 +38,25 @@ func (u *User) HasLastName() bool {
|
|||
func (u *User) HasUsername() bool {
|
||||
return u != nil && u.Username != ""
|
||||
}
|
||||
|
||||
func (u *User) toArgs() *http.Args {
|
||||
args := http.AcquireArgs()
|
||||
defer http.ReleaseArgs(args)
|
||||
args.SetUint(KeyAuthDate, int(u.AuthDate))
|
||||
args.Set(KeyFirstName, u.FirstName)
|
||||
args.SetUint(KeyID, u.ID)
|
||||
args.Set(KeyHash, u.Hash)
|
||||
|
||||
// Add optional values if exist
|
||||
if u.LastName != "" {
|
||||
args.Set(KeyLastName, u.LastName)
|
||||
}
|
||||
if u.PhotoURL != "" {
|
||||
args.Set(KeyPhotoURL, u.PhotoURL)
|
||||
}
|
||||
if u.Username != "" {
|
||||
args.Set(KeyUsername, u.Username)
|
||||
}
|
||||
|
||||
return args
|
||||
}
|
Loading…
Reference in New Issue