-
Notifications
You must be signed in to change notification settings - Fork 1.6k
/
external_initiator.go
67 lines (58 loc) · 1.9 KB
/
external_initiator.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
package bridges
import (
"crypto/subtle"
"strings"
"time"
"github.com/smartcontractkit/chainlink/core/auth"
"github.com/smartcontractkit/chainlink/core/store/models"
"github.com/smartcontractkit/chainlink/core/utils"
"github.com/pkg/errors"
)
// ExternalInitiatorRequest is the incoming record used to create an ExternalInitiator.
type ExternalInitiatorRequest struct {
Name string `json:"name"`
URL *models.WebURL `json:"url,omitempty"`
}
// ExternalInitiator represents a user that can initiate runs remotely
type ExternalInitiator struct {
ID int64
Name string
URL *models.WebURL
AccessKey string
Salt string
HashedSecret string
OutgoingSecret string
OutgoingToken string
CreatedAt time.Time
UpdatedAt time.Time
}
// NewExternalInitiator generates an ExternalInitiator from an
// auth.Token, hashing the password for storage
func NewExternalInitiator(
eia *auth.Token,
eir *ExternalInitiatorRequest,
) (*ExternalInitiator, error) {
salt := utils.NewSecret(utils.DefaultSecretSize)
hashedSecret, err := auth.HashedSecret(eia, salt)
if err != nil {
return nil, errors.Wrap(err, "error hashing secret for external initiator")
}
return &ExternalInitiator{
Name: strings.ToLower(eir.Name),
URL: eir.URL,
AccessKey: eia.AccessKey,
HashedSecret: hashedSecret,
Salt: salt,
OutgoingToken: utils.NewSecret(utils.DefaultSecretSize),
OutgoingSecret: utils.NewSecret(utils.DefaultSecretSize),
}, nil
}
// AuthenticateExternalInitiator compares an auth against an initiator and
// returns true if the password hashes match
func AuthenticateExternalInitiator(eia *auth.Token, ea *ExternalInitiator) (bool, error) {
hashedSecret, err := auth.HashedSecret(eia, ea.Salt)
if err != nil {
return false, err
}
return subtle.ConstantTimeCompare([]byte(hashedSecret), []byte(ea.HashedSecret)) == 1, nil
}