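// Package oauth holds helpers for generating and converting ECDSA P-256 JWKs,
// validating HTTPS URLs, and building a JWKS response object.
package oauth

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"fmt"
	"net/url"
	"time"

	"github.com/lestrrat-go/jwx/v2/jwk"
)

// GenerateKey creates a fresh ECDSA P-256 private key and wraps it as a JWK.
//
// The key ID ("kid") is the current Unix time in seconds. When kidPrefix is
// non-nil the kid becomes "<prefix>-<seconds>".
//
// The returned JWK carries the private key material. Persist it only to
// protected storage, and publish only its public half (see
// CreateJwksResponseObject).
func GenerateKey(kidPrefix *string) (jwk.Key, error) {
	privKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}

	key, err := jwk.FromRaw(privKey)
	if err != nil {
		return nil, err
	}

	// The kid has one-second resolution, so two keys generated with the same
	// prefix within the same second receive the same kid. Callers that rotate
	// keys rapidly need their own uniqueness guarantee.
	kid := fmt.Sprintf("%d", time.Now().Unix())
	if kidPrefix != nil {
		kid = fmt.Sprintf("%s-%s", *kidPrefix, kid)
	}

	if err := key.Set(jwk.KeyIDKey, kid); err != nil {
		return nil, err
	}
	return key, nil
}

// isSafeAndParsed parses ustr and accepts it only if it is an https URL with
// a non-empty hostname, no userinfo component and no explicit port. It
// returns the parsed URL on success and a descriptive error otherwise.
//
// NOTE(review): only the URL's shape is checked. Hostnames that are IP
// literals or that resolve to loopback, link-local or private addresses are
// not rejected here. If the result is fetched server-side, the HTTP client
// needs its own destination filtering (checked at dial time, so redirects and
// DNS changes are covered too). Confirm against the callers.
func isSafeAndParsed(ustr string) (*url.URL, error) {
	u, err := url.Parse(ustr)
	if err != nil {
		return nil, err
	}

	// url.Parse lower-cases the scheme, so an exact comparison is sufficient.
	if u.Scheme != "https" {
		return nil, fmt.Errorf("input url is not https")
	}

	if u.Hostname() == "" {
		return nil, fmt.Errorf("url hostname was empty")
	}

	// Userinfo ("user:pass@host") can disguise the real host and can carry
	// credentials, so it is refused outright.
	if u.User != nil {
		return nil, fmt.Errorf("url user was not empty")
	}

	// Any explicit port is refused, including ":443".
	if u.Port() != "" {
		return nil, fmt.Errorf("url port was not empty")
	}

	return u, nil
}

// getPrivateKey extracts the raw ECDSA private key from a JWK. It returns the
// error reported by key.Raw when the JWK cannot be converted.
func getPrivateKey(key jwk.Key) (*ecdsa.PrivateKey, error) {
	var pkey ecdsa.PrivateKey
	if err := key.Raw(&pkey); err != nil {
		return nil, err
	}

	return &pkey, nil
}

// getPublicKey extracts the raw ECDSA public key from a JWK. It returns the
// error reported by key.Raw when the JWK cannot be converted.
func getPublicKey(key jwk.Key) (*ecdsa.PublicKey, error) {
	var pkey ecdsa.PublicKey
	if err := key.Raw(&pkey); err != nil {
		return nil, err
	}

	return &pkey, nil
}

// JwksResponseObject is the JSON shape of a JWKS document: an object with a
// "keys" array of JWKs.
type JwksResponseObject struct {
	Keys []jwk.Key `json:"keys"`
}

// CreateJwksResponseObject builds a single-key JWKS document from key.
//
// The document is meant to be published, so only the public half of key is
// placed in it. Passing the private JWK returned by GenerateKey is safe: the
// private key material is dropped here rather than serialized. A nil key, or
// a key whose public form cannot be derived, yields a document with an empty
// "keys" array instead of exposing the input as-is.
//
// NOTE(review): this relies on key.PublicKey() for the conversion. For key
// types that have no public half (for example symmetric keys), confirm what
// PublicKey returns before publishing the result.
func CreateJwksResponseObject(key jwk.Key) *JwksResponseObject {
	// A non-nil empty slice keeps the JSON as "keys": [] rather than null.
	resp := &JwksResponseObject{Keys: []jwk.Key{}}
	if key == nil {
		return resp
	}

	pub, err := key.PublicKey()
	if err != nil {
		// Fail closed: publishing nothing is preferable to publishing a key
		// that may still carry private material.
		return resp
	}

	resp.Keys = append(resp.Keys, pub)
	return resp
}

// ParseKeyFromBytes parses a single JWK from its JSON encoding.
//
// The result is whatever key the input describes. If the bytes hold a private
// JWK, the returned key is private and must be handled accordingly.
func ParseKeyFromBytes(b []byte) (jwk.Key, error) {
	return jwk.ParseKey(b)
}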