-
Notifications
You must be signed in to change notification settings - Fork 1.6k
/
auth.go
63 lines (52 loc) · 1.59 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
package auth
import (
"encoding/hex"
"fmt"
"github.com/smartcontractkit/chainlink/core/utils"
"github.com/pkg/errors"
"golang.org/x/crypto/sha3"
)
var (
// ErrorAuthFailed is a generic authentication failed - but not because of
// some system failure on our behalf (i.e. HTTP 5xx), more detail is not
// given
ErrorAuthFailed = errors.New("Authentication failed")
)
// Token is used for API authentication.
type Token struct {
AccessKey string `json:"accessKey"`
Secret string `json:"secret"`
}
// GetID returns the ID of this structure for jsonapi serialization.
func (ta *Token) GetID() string {
return ta.AccessKey
}
// GetName returns the pluralized "type" of this structure for jsonapi serialization.
func (ta *Token) GetName() string {
return "auth_tokens"
}
// SetID returns the ID of this structure for jsonapi serialization.
func (ta *Token) SetID(id string) error {
ta.AccessKey = id
return nil
}
// NewToken returns a new Authentication Token.
func NewToken() *Token {
return &Token{
AccessKey: utils.NewBytes32ID(),
Secret: utils.NewSecret(utils.DefaultSecretSize),
}
}
func hashInput(ta *Token, salt string) []byte {
return []byte(fmt.Sprintf("v0-%s-%s-%s", ta.AccessKey, ta.Secret, salt))
}
// HashedSecret generates a hashed password for an external initiator
// authentication
func HashedSecret(ta *Token, salt string) (string, error) {
hasher := sha3.New256()
_, err := hasher.Write(hashInput(ta, salt))
if err != nil {
return "", errors.Wrap(err, "error writing external initiator authentication to hasher")
}
return hex.EncodeToString(hasher.Sum(nil)), nil
}