github.com/Tyktechnologies/tyk@v2.9.5+incompatible/signature_validator/validate.go

github.com/Tyktechnologies/tyk@v2.9.5+incompatible/signature_validator/validate.go (about)

     1  package signature_validator
     2  
     3  import (
     4  	"bytes"
     5  	"encoding/hex"
     6  	"errors"
     7  	"fmt"
     8  	"time"
     9  )
    10  
    11  type Validator interface {
    12  	Init(hasherName string) error
    13  	Validate(attempt, actual string, allowedClockSkew int64) error
    14  }
    15  
    16  type SignatureValidator struct {
    17  	h Hasher
    18  }
    19  
    20  func (v *SignatureValidator) Init(hasherName string) error {
    21  	switch hasherName {
    22  	case "MasherySHA256":
    23  		v.h = MasherySha256Sum{}
    24  	case "MasheryMD5":
    25  		v.h = MasheryMd5sum{}
    26  	default:
    27  		return errors.New(fmt.Sprintf("unsupported hasher type (%s)", hasherName))
    28  	}
    29  
    30  	return nil
    31  }
    32  
    33  func (v SignatureValidator) Validate(signature, key, secret string, allowedClockSkew int64) error {
    34  	signatureBytes, _ := hex.DecodeString(signature)
    35  	now := time.Now().Unix()
    36  	for i := int64(0); i <= allowedClockSkew; i++ {
    37  		if bytes.Equal(v.h.Hash(key, secret, now+i), signatureBytes) {
    38  			return nil
    39  		}
    40  
    41  		if i == int64(0) {
    42  			continue
    43  		}
    44  
    45  		if bytes.Equal(v.h.Hash(key, secret, now-i), signatureBytes) {
    46  			return nil
    47  		}
    48  	}
    49  
    50  	return errors.New("signature is not valid")
    51  }