Sign tokens with RSA
parent
286e31c733
commit
217c90d0cf
25
main.go
25
main.go
|
@ -3,11 +3,13 @@ package main
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
|
"crypto/rsa"
|
||||||
"database/sql"
|
"database/sql"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
"math/big"
|
"math/big"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
@ -27,10 +29,11 @@ import (
|
||||||
var listen string
|
var listen string
|
||||||
var postgres string
|
var postgres string
|
||||||
var redisHost string
|
var redisHost string
|
||||||
var secret []byte
|
|
||||||
var ttl time.Duration
|
var ttl time.Duration
|
||||||
var messagingSID string
|
var messagingSID string
|
||||||
|
|
||||||
|
var privateKey *rsa.PrivateKey
|
||||||
|
|
||||||
var dummyToken string
|
var dummyToken string
|
||||||
var coreURL string
|
var coreURL string
|
||||||
|
|
||||||
|
@ -47,7 +50,6 @@ func main() {
|
||||||
log.Fatal("Error loading .env file")
|
log.Fatal("Error loading .env file")
|
||||||
}
|
}
|
||||||
listen = os.Getenv("LISTEN")
|
listen = os.Getenv("LISTEN")
|
||||||
secret = []byte(os.Getenv("SECRET"))
|
|
||||||
postgres = os.Getenv("POSTGRES")
|
postgres = os.Getenv("POSTGRES")
|
||||||
redisHost = os.Getenv("REDIS")
|
redisHost = os.Getenv("REDIS")
|
||||||
|
|
||||||
|
@ -63,6 +65,17 @@ func main() {
|
||||||
dummyToken = "{\"userid\":\"dummy\",\"clientid\":\"dummy\"}"
|
dummyToken = "{\"userid\":\"dummy\",\"clientid\":\"dummy\"}"
|
||||||
coreURL = os.Getenv("CORE_URL")
|
coreURL = os.Getenv("CORE_URL")
|
||||||
|
|
||||||
|
// Load RSA private key
|
||||||
|
privateKeyBytes, err := ioutil.ReadFile("key")
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
privateKey, err = jwt.ParseRSAPrivateKeyFromPEM(privateKeyBytes)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
// Postgres
|
// Postgres
|
||||||
log.Printf("connecting to postgres %s", postgres)
|
log.Printf("connecting to postgres %s", postgres)
|
||||||
db, err = sql.Open("postgres", postgres)
|
db, err = sql.Open("postgres", postgres)
|
||||||
|
@ -251,12 +264,12 @@ func VerifyCode(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate JWT
|
// Generate JWT
|
||||||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims {
|
token := jwt.NewWithClaims(jwt.SigningMethodRS256, jwt.MapClaims {
|
||||||
"userid": userID,
|
"userid": userID,
|
||||||
"clientid": req.ClientId,
|
"clientid": req.ClientId,
|
||||||
})
|
})
|
||||||
|
|
||||||
tokenString, err := token.SignedString(secret)
|
tokenString, err := token.SignedString(privateKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
|
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
@ -279,12 +292,12 @@ func Login(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims {
|
token := jwt.NewWithClaims(jwt.SigningMethodRS256, jwt.MapClaims {
|
||||||
"userid": login.ID,
|
"userid": login.ID,
|
||||||
"clientid": login.Client,
|
"clientid": login.Client,
|
||||||
})
|
})
|
||||||
|
|
||||||
tokenString, err := token.SignedString(secret)
|
tokenString, err := token.SignedString(privateKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
|
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
|
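Review bot: The key-loading block added to main() reads the signing key from the hard-coded relative path `"key"`, so the file that gets loaded depends on the process working directory, while LISTEN, POSTGRES and CORE_URL all come from the environment. Take the path from the environment too, e.g. `privateKeyBytes, err := os.ReadFile(os.Getenv("PRIVATE_KEY_FILE"))` (the variable name is a placeholder; `os` is already used in main(), and the `io/ioutil` import added in the first hunk is then no longer needed). After parsing, reject undersized keys with `if privateKey.N.BitLen() < 2048 { log.Fatal("RSA signing key is shorter than 2048 bits") }`. In VerifyCode and Login the claims still hold only `userid` and `clientid`, so the RS256 tokens carry no `exp`; if they are meant to expire, that has to be set where the claims are built. The verifying side is not part of this diff, and main() and both handlers continue outside the hunks shown: whatever validates these tokens should accept only RS256 with the matching public key and stop accepting the HS256 method that was used before.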