50 lines
1.3 KiB
Go
50 lines
1.3 KiB
Go
package login
|
|
|
|
import (
|
|
"crypto/hmac"
|
|
"crypto/sha256"
|
|
"encoding/hex"
|
|
"errors"
|
|
"net/url"
|
|
"strconv"
|
|
)
|
|
|
|
// ErrUserNotDefined describes error of an unassigned structure of user
|
|
var ErrUserNotDefined = errors.New("user is not defined")
|
|
|
|
// CheckAuthorization verify the authentication and the integrity of the data
|
|
// received by comparing the received hash parameter with the hexadecimal
|
|
// representation of the HMAC-SHA-256 signature of the data-check-string with the
|
|
// SHA256 hash of the bot's token used as a secret key.
|
|
func (a *App) CheckAuthorization(user *User) (ok bool, err error) {
|
|
if user == nil {
|
|
err = ErrUserNotDefined
|
|
return
|
|
}
|
|
|
|
dataCheck := make(url.Values)
|
|
dataCheck.Add(KeyAuthDate, string(user.AuthDate))
|
|
dataCheck.Add(KeyFirstName, user.FirstName)
|
|
dataCheck.Add(KeyID, strconv.Itoa(user.ID))
|
|
|
|
// Add optional values if exist
|
|
if user.LastName != "" {
|
|
dataCheck.Add(KeyLastName, user.LastName)
|
|
}
|
|
if user.PhotoURL != "" {
|
|
dataCheck.Add(KeyPhotoURL, user.PhotoURL)
|
|
}
|
|
if user.Username != "" {
|
|
dataCheck.Add(KeyUsername, user.Username)
|
|
}
|
|
|
|
secretKey := sha256.Sum256([]byte(a.SecretKey))
|
|
hash := hmac.New(sha256.New, secretKey[0:])
|
|
if _, err = hash.Write([]byte(dataCheck.Encode())); err != nil {
|
|
return
|
|
}
|
|
|
|
ok = hex.EncodeToString(hash.Sum(nil)) == user.Hash
|
|
return
|
|
}
|