server: store tokens hashed with argon2

Auth tokens aren't stored as plaintext on the server but
are hashed with argon2. The salt is the creation time of the token.

Temporary tokens aren't hashed because they are short-lived (10 min max from creation till redemption).

https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf

Author: coolya

server/build.gradle.kts

@@ -63,6 +63,9 @@ dependencies {
     implementation("org.postgresql:postgresql:42.2.24")
     implementation("org.kohsuke:github-api:1.133")
 
+    implementation("org.bouncycastle:bcprov-jdk15on:1.69")
+
+
     implementation (platform ("software.amazon.awssdk:bom:2.17.56"))
     implementation("software.amazon.awssdk:s3")
 

server/src/main/kotlin/cloud/skadi/gist/Helper.kt

@@ -13,6 +13,8 @@ import io.ktor.request.*
 import io.ktor.response.*
 import io.ktor.util.*
 import io.seruco.encoding.base62.Base62
+import org.bouncycastle.crypto.generators.Argon2BytesGenerator
+import org.bouncycastle.crypto.params.Argon2Parameters
 import org.jetbrains.exposed.sql.transactions.experimental.newSuspendedTransaction
 import org.jetbrains.exposed.sql.transactions.transaction
 import java.nio.ByteBuffer
@@ -166,4 +168,24 @@ fun ApplicationCall.url(gist: Gist) =
 fun String.sha256(): ByteArray {
     val digest = MessageDigest.getInstance("SHA-256")
     return digest.digest(this.toByteArray())
+}
+private val base64Encoder = Base64.getEncoder()
+private val base64Decoder = Base64.getDecoder()
+
+fun ByteArray.base64() = base64Encoder.encodeToString(this)
+fun String.decoderBase64() = base64Decoder.decode(this)
+
+fun encodeWithArgon(salt: ByteArray, toEncode: String): String {
+    val params = Argon2Parameters.Builder(Argon2Parameters.ARGON2_id)
+        .withSalt(salt)
+        .withParallelism(1)
+        .withMemoryAsKB(1 shl 12)
+        .withIterations(3)
+        .build()
+    val hash = ByteArray(32)
+
+    val generator = Argon2BytesGenerator()
+    generator.init(params)
+    generator.generateBytes(toEncode.toCharArray(0), hash)
+    return base64Encoder.encodeToString(salt) +"$"+ base64Encoder.encodeToString(hash)
 }

server/src/main/kotlin/cloud/skadi/gist/data/Entites.kt

@@ -33,7 +33,7 @@ class User(id: EntityID<Int>) : IntEntity(id) {
 }
 
 object TokenTable: LongIdTable() {
-    val token = varchar("token", 256).uniqueIndex()
+    val token = varchar("token", 1024).uniqueIndex()
     val created = datetime("created")
     val lastUsed = datetime("last-used").nullable()
     val name = varchar("name", 256)

server/src/main/kotlin/cloud/skadi/gist/data/Queries.kt

@@ -1,5 +1,7 @@
 package cloud.skadi.gist.data
 
+import cloud.skadi.gist.decodeBase64
+import cloud.skadi.gist.encodeWithArgon
 import cloud.skadi.gist.plugins.GistSession
 import cloud.skadi.gist.shared.GistVisibility
 import io.ktor.util.*
@@ -30,9 +32,17 @@ suspend fun userByEmail(email: String) = newSuspendedTransaction {
     User.find { UserTable.email eq email }.firstOrNull()
 }
 
-suspend fun userByToken(token: String, updateLastUsed: Boolean = true) =
-    newSuspendedTransaction {
-        val dbToken = Token.find { TokenTable.token eq token and (TokenTable.isTemporary eq false) }.firstOrNull()
+ fun userByToken(token: String, updateLastUsed: Boolean = true) =
+    transaction {
+        val tokenToFind = if(token.startsWith("v2_")) {
+            val split = token.substring(3).split('$')
+            val salt = split.first()
+            val token = split.last()
+            encodeWithArgon(salt.decodeBase64(), token)
+        } else {
+            token
+        }
+        val dbToken = Token.find { TokenTable.token eq tokenToFind and (TokenTable.isTemporary eq false) }.firstOrNull()
         if (updateLastUsed)
             dbToken?.lastUsed = LocalDateTime.now()
         dbToken?.user

server/src/main/kotlin/cloud/skadi/gist/routing/Ide.kt

@@ -1,8 +1,10 @@
 package cloud.skadi.gist.routing
 
 import cloud.skadi.gist.authenticated
+import cloud.skadi.gist.base64
 import cloud.skadi.gist.data.Token
 import cloud.skadi.gist.data.getTemporaryToken
+import cloud.skadi.gist.encodeWithArgon
 import cloud.skadi.gist.shared.*
 import io.ktor.application.*
 import io.ktor.http.*
@@ -11,7 +13,10 @@ import io.ktor.response.*
 import io.ktor.routing.*
 import io.ktor.util.*
 import org.jetbrains.exposed.sql.transactions.experimental.newSuspendedTransaction
+import java.nio.ByteBuffer
 import java.time.LocalDateTime
+import java.time.ZoneOffset
+
 
 fun Application.configureIdeRoutes() {
 
@@ -26,7 +31,7 @@ fun Application.configureIdeRoutes() {
                     val deviceName = call.parameters[PARAMETER_DEVICE_NAME]
                     val csrfToken = call.parameters[PARAMETER_CSRF_TOKEN]
 
-                    if(callback == null) {
+                    if (callback == null) {
                         call.respond(HttpStatusCode.BadRequest)
                         return@authenticated
                     }
@@ -35,7 +40,7 @@ fun Application.configureIdeRoutes() {
                         return@authenticated
                     }
 
-                    if(csrfToken == null) {
+                    if (csrfToken == null) {
                         call.respond(HttpStatusCode.BadRequest)
                         return@authenticated
                     }
@@ -47,10 +52,12 @@ fun Application.configureIdeRoutes() {
                             token = generateNonce()
                             isTemporary = true
                         }
-                        call.respondRedirect { takeFrom(callback)
+                        call.respondRedirect {
+                            takeFrom(callback)
                             parameters[PARAMETER_CSRF_TOKEN] = csrfToken
                             parameters[PARAMETER_TEMPORARY_TOKEN] = token.token
-                            parameters[PARAMETER_USER_NAME] = user.login }
+                            parameters[PARAMETER_USER_NAME] = user.login
+                        }
                     }
 
                 }
@@ -59,28 +66,33 @@ fun Application.configureIdeRoutes() {
                 val parameters = call.receiveParameters()
                 val temporaryToken = parameters[PARAMETER_TEMPORARY_TOKEN]
 
-                if(temporaryToken == null) {
+                if (temporaryToken == null) {
                     call.respond(HttpStatusCode.NotFound)
                     return@post
                 }
 
                 val dbToken = getTemporaryToken(temporaryToken)
-
-                if(dbToken == null) {
+                if (dbToken == null) {
                     call.respond(HttpStatusCode.NotFound)
                     return@post
                 }
 
+                val nonce = generateNonce()
+                val created = LocalDateTime.now()
+                val salt =
+                    ByteBuffer.allocate(12).putLong(created.toEpochSecond(ZoneOffset.UTC)).putInt(created.nano).array()
+                val encoded = encodeWithArgon(salt, nonce)
+
                 newSuspendedTransaction {
                     val token = Token.new {
                         name = dbToken.name
                         this.user = dbToken.user
-                        created = LocalDateTime.now()
-                        token = generateNonce()
+                        this.created = created
+                        token = encoded
                         isTemporary = false
                     }
                     dbToken.lastUsed = LocalDateTime.now()
-                    call.respondText(token.token)
+                    call.respondText("v2_${salt.base64()}$$nonce")
                 }
             }
         }