-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathhwt.go
More file actions
73 lines (60 loc) · 1.56 KB
/
Copy pathhwt.go
File metadata and controls
73 lines (60 loc) · 1.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
// i legit say "NAH. NAH" on JWT when i was about to reinvent the whole JWT thing.
// just before i finished, i see the chaos.
//
// i mean, **5 ENCODING CALLS**.
// 2x JSON Encoding + 3x Base64 Encoding
//
// BRUH. WE COULD DO BETTER THAN THIS.
// so i stopped & reinvent something actually dead saner than any standard out here.
//
// HWT -> Hewo Web Token
//
// It's just <payload>.<sig>. That simple.
// You decode these two base64 fields, verify the bytes of <payload> with <sig>
// Isn't that saner?
package hwt
import (
"bytes"
"crypto/hmac"
"crypto/sha256"
"strings"
)
// Sign a payload of bytes with bytes of salt & make a token
func Sign(payload, salt []byte) (token string) {
sig := l_hash(payload, salt)
token = bytesToBase64(payload) + "." + bytesToBase64(sig)
return
}
// Check whenever the token is valid with the hash and the salt
func Check(t string, salt []byte) (payload []byte, ok bool) {
vals := strings.Split(t, ".")
if len(vals) != 2 {
return
}
var err error
// before we unpack the entire nuts, we shall check hash.
var thisHash []byte
payload, err = base64ToBytes(vals[0])
if err != nil {
return
}
// get the hash value
thisHash, err = base64ToBytes(vals[1])
if err != nil {
return
}
// validate whenever this goblin is valid
ok = l_check(payload, thisHash, salt)
return
}
func l_hash(b, salt []byte) (hash []byte) {
h := hmac.New(sha256.New, salt)
h.Write(b)
hash = h.Sum(nil)
return
}
func l_check(payload, hash, salt []byte) (valid bool) {
actualHash := l_hash(payload, salt)
valid = bytes.Equal(hash, actualHash)
return
}