-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathauth.go
108 lines (97 loc) · 3.12 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
// Copyright (c) 2016 IBM Corp. All rights reserved.
// Use of this source code is governed by the Apache License,
// Version 2.0, a copy of which can be found in the LICENSE file.
// Request authentication
package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"fmt"
log "github.com/sirupsen/logrus"
"net/http"
"time"
)
func addAuthenticationHeaders(req *http.Request, body string) {
// Build the authentication values that Game On! requires. If
// the body is empty, do not include it in the calculations.
var bodyHash, sig string
ts := makeTimestamp()
if len(body) > 0 {
bodyHash = hash(body)
tokens := []string{config.id, ts, bodyHash}
sig = buildHmac(tokens, config.secret)
} else {
bodyHash = hash("")
tokens := []string{config.id, ts}
sig = buildHmac(tokens, config.secret)
}
// Set the required headers.
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Accept", "application/json,text/plain")
req.Header.Set("gameon-id", config.id)
req.Header.Set("gameon-date", ts)
req.Header.Set("gameon-sig-body", bodyHash)
req.Header.Set("gameon-signature", sig)
if config.debug {
for _, k := range []string{"gameon-id", "gameon-date", "gameon-sig-body", "gameon-signature"} {
log.Printf("%s=%s\n", k, req.Header.Get(k))
}
}
}
func getHandshakeHeader(req *http.Request) http.Header {
ts := makeTimestamp()
tokens := []string{ts, req.Header.Get("gameon-signature")}
newSig := buildHmac(tokens, config.secret)
return http.Header{
"gameon-date": {ts},
"gameon-signature": {newSig},
}
}
func hash(message string) string {
h := sha256.New()
h.Write([]byte(message))
return base64.StdEncoding.EncodeToString(h.Sum(nil))
}
func buildHmac(tokens []string, secret string) string {
key := []byte(secret)
h := hmac.New(sha256.New, key)
s := ""
for _, t := range tokens {
s += t
}
fmt.Println("Hashing: ", s, "with secret", secret)
h.Write([]byte(s))
return base64.StdEncoding.EncodeToString(h.Sum(nil))
}
// Returns the current time as a UTC-formatted string.
// If config.timeShift is non-zero, then the timestamp will
// be shifted by config.timeShift milliseconds. This can be
// used to slide our registration timestamp closer to the
// clock on a remote GameOn! server.
func makeTimestamp() string {
if config.timeShift == 0 {
return time.Now().Format(time.RFC1123)
}
locus := "MAKE.TIMESTAMP"
t1 := time.Now()
t2 := t1.Add(time.Duration(config.timeShift) * time.Millisecond)
ourTime := t1.Format(time.RFC1123)
serverTime := t2.Format(time.RFC1123)
checkpoint(locus, fmt.Sprintf("ourTime %s", ourTime))
checkpoint(locus, fmt.Sprintf("serverTime %s", serverTime))
return serverTime
}
// func makeTimestamp() string {
// if config.timeShift == 0 {
// return time.Now().UTC().Format(time.RFC3339Nano)
// }
// locus := "MAKE.TIMESTAMP"
// t1 := time.Now()
// t2 := t1.Add(time.Duration(config.timeShift) * time.Millisecond)
// ourTime := t1.UTC().Format(time.RFC3339Nano)
// serverTime := t2.UTC().Format(time.RFC3339Nano)
// checkpoint(locus, fmt.Sprintf("ourTime %s", ourTime))
// checkpoint(locus, fmt.Sprintf("serverTime %s", serverTime))
// return serverTime
// }