interface
This commit is contained in:
Livio Amstutz
parent
80eeee2de2
commit
988a556fa9
10 changed files with 131 additions and 76 deletions
|
|
@ -1,7 +1,12 @@
|
|||
package oidc
|
||||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"hash"
|
||||
"time"
|
||||
|
||||
"golang.org/x/oauth2"
|
||||
|
|
@ -82,3 +87,27 @@ type Tokens struct {
|
|||
*oauth2.Token
|
||||
IDTokenClaims *IDTokenClaims
|
||||
}
|
||||
|
||||
func AccessTokenHash(accessToken string, sigAlgorithm jose.SignatureAlgorithm) (string, error) {
|
||||
tokenHash, err := getHashAlgorithm(sigAlgorithm)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
tokenHash.Write([]byte(accessToken)) // hash documents that Write will never return an error
|
||||
sum := tokenHash.Sum(nil)[:tokenHash.Size()/2]
|
||||
return base64.RawURLEncoding.EncodeToString(sum), nil
|
||||
}
|
||||
|
||||
func getHashAlgorithm(sigAlgorithm jose.SignatureAlgorithm) (hash.Hash, error) {
|
||||
switch sigAlgorithm {
|
||||
case jose.RS256, jose.ES256, jose.PS256:
|
||||
return sha256.New(), nil
|
||||
case jose.RS384, jose.ES384, jose.PS384:
|
||||
return sha512.New384(), nil
|
||||
case jose.RS512, jose.ES512, jose.PS512:
|
||||
return sha512.New(), nil
|
||||
default:
|
||||
return nil, fmt.Errorf("oidc: unsupported signing algorithm %q", sigAlgorithm)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue