manager.go
package oauth2
import (
	"crypto/sha512"
	"crypto/subtle"
	"encoding/base64"
	"fmt"

	"github.com/eolinker/eosc"
	"golang.org/x/crypto/pbkdf2"
)
// IClient is the accessor view of a registered OAuth2 client used by this
// package: identity, secret handling, redirect URLs and expiry.
type IClient interface {
	// ClientID returns the client's identifier.
	ClientID() string
	// ClientSecret returns the client secret held by the implementation.
	// NOTE(review): the value is sensitive; callers should keep it out of logs
	// and responses.
	ClientSecret() string
	// ClientType returns the client's type string; the accepted values are not
	// defined in this file.
	ClientType() string
	// HashSecret reports whether the stored secret is kept in hashed form.
	HashSecret() bool
	// RedirectUrls returns the redirect URLs configured for the client.
	RedirectUrls() []string
	// MatchSecret checks a presented secret against the stored one. It returns
	// nil on a match and a non-nil error otherwise.
	MatchSecret(secret string) error
	// Expire returns the client's expiry setting.
	// NOTE(review): unit and reference point are not visible here — confirm.
	Expire() int64
}
// registerClient stores client in the package-level manager under clientId.
// NOTE(review): whether an existing entry with the same ID is replaced depends
// on eosc.Untyped.Set, which is not visible here — confirm before relying on it.
func registerClient(clientId string, client IClient) {
	m := manager
	m.clients.Set(clientId, client)
}
// RemoveClient deletes the entry stored under clientId from the package-level
// manager. Any value returned by the underlying Del call is discarded.
func RemoveClient(clientId string) {
	m := manager
	m.clients.Del(clientId)
}
// GetClient looks up clientId in the package-level manager. The boolean is the
// lookup result reported by the underlying store.
// The returned IClient exposes ClientSecret, so callers should not pass it to
// code that logs or serialises its arguments.
func GetClient(clientId string) (IClient, bool) {
	found, ok := manager.clients.Get(clientId)
	return found, ok
}
// manager is the package-level client registry used by registerClient,
// RemoveClient and GetClient; it is created once at package initialisation.
var manager = NewManager()
// Manager manages the oauth2 configuration.
type Manager struct {
	// clients maps a client ID to its registered IClient.
	clients eosc.Untyped[string, IClient]
}
// NewManager returns a Manager whose client store is freshly built and empty
// of any entries added by this package.
func NewManager() *Manager {
	m := new(Manager)
	m.clients = eosc.BuildUntyped[string, IClient]()
	return m
}
// client is the package's IClient implementation; each accessor method returns
// the field of the same name.
type client struct {
	// clientId is the identifier returned by ClientID and quoted in
	// MatchSecret errors.
	clientId string
	// clientSecret is the value returned by ClientSecret. MatchSecret does not
	// read it; it compares against hashRule.value instead.
	clientSecret string
	// clientType is returned unchanged by ClientType.
	clientType string
	// hashSecret selects the PBKDF2 path in MatchSecret when true.
	hashSecret bool
	// redirectUrls is returned by RedirectUrls without copying.
	redirectUrls []string
	// expire is returned unchanged by Expire.
	// NOTE(review): unit not visible here — confirm.
	expire int64
	// hashRule supplies the salt, iterations, length and expected value that
	// MatchSecret reads. The type is declared elsewhere in the package.
	hashRule *hashRule
}
// ClientID returns the client's identifier.
func (c *client) ClientID() string {
	return c.clientId
}
// ClientSecret returns the clientSecret field as stored.
// NOTE(review): the value is sensitive; callers should not log it or echo it
// in responses.
func (c *client) ClientSecret() string {
	return c.clientSecret
}
// ClientType returns the client's type string.
func (c *client) ClientType() string {
	return c.clientType
}
// HashSecret reports whether MatchSecret derives a PBKDF2 hash from the
// presented secret before comparing.
func (c *client) HashSecret() bool {
	return c.hashSecret
}
// RedirectUrls returns the client's redirect URLs.
// The internal slice is returned without copying, so a caller that modifies
// the result also modifies the client's stored list; treat it as read-only.
func (c *client) RedirectUrls() []string {
	return c.redirectUrls
}
// Expire returns the client's expiry setting.
// NOTE(review): unit and reference point are not visible here — confirm.
func (c *client) Expire() int64 {
	return c.expire
}
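// MatchSecret checks clientSecret against the value stored in c.hashRule.
//
// When c.hashSecret is set, the presented secret is first run through
// PBKDF2-HMAC-SHA512 with the rule's salt, iteration count and key length, and
// the raw-base64 encoding of the result is compared with c.hashRule.value.
// Otherwise the presented secret is compared with c.hashRule.value directly.
//
// It returns nil on a match and a non-nil error otherwise. The error names
// only the client ID: neither the presented secret nor the stored value is
// included, because callers may log the error or return it to the requester.
func (c *client) MatchSecret(clientSecret string) error {
	// A client without a hash rule has nothing to compare against; fail closed
	// instead of dereferencing a nil pointer.
	if c.hashRule == nil {
		return fmt.Errorf("fail to match secret,client id is %s", c.clientId)
	}

	presented := clientSecret
	if c.hashSecret {
		salt, err := base64.RawStdEncoding.DecodeString(c.hashRule.salt)
		if err != nil {
			// A salt that does not decode would otherwise be used truncated;
			// reject the attempt rather than hash with the wrong salt.
			return fmt.Errorf("fail to match secret,client id is %s: invalid salt encoding", c.clientId)
		}
		derived := pbkdf2.Key([]byte(clientSecret), salt, c.hashRule.iterations, c.hashRule.length, sha512.New)
		presented = base64.RawStdEncoding.EncodeToString(derived)
	}

	// Constant-time comparison so the time taken does not depend on how many
	// leading bytes match (a length mismatch still returns early).
	// NOTE(review): an empty stored value matches an empty presented secret —
	// confirm that registration rejects clients with an empty value.
	if subtle.ConstantTimeCompare([]byte(c.hashRule.value), []byte(presented)) != 1 {
		return fmt.Errorf("fail to match secret,client id is %s", c.clientId)
	}
	return nil
}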