1package oauth
2
3import (
4 "crypto/ecdsa"
5 "crypto/elliptic"
6 "crypto/rand"
7 "fmt"
8 "net/url"
9 "time"
10
11 "github.com/lestrrat-go/jwx/v2/jwk"
12)
13
// GenerateKey creates a fresh ECDSA P-256 private key using crypto/rand,
// wraps it as a JWK and assigns it a key ID.
//
// The key ID is the current Unix time in seconds, prefixed with
// "<kidPrefix>-" when kidPrefix is non-nil. The kid is therefore a
// timestamp label, not a secret and not guaranteed unique: two keys
// generated within the same second under the same prefix get the same kid.
//
// The returned jwk.Key wraps the private key. Treat it as secret material
// and derive the public half before publishing it anywhere.
func GenerateKey(kidPrefix *string) (jwk.Key, error) {
	ecKey, genErr := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if genErr != nil {
		return nil, genErr
	}

	wrapped, wrapErr := jwk.FromRaw(ecKey)
	if wrapErr != nil {
		return nil, wrapErr
	}

	// Second-resolution timestamp; see the uniqueness caveat above.
	stamp := time.Now().Unix()
	keyID := fmt.Sprintf("%d", stamp)
	if kidPrefix != nil {
		keyID = fmt.Sprintf("%s-%d", *kidPrefix, stamp)
	}

	if setErr := wrapped.Set(jwk.KeyIDKey, keyID); setErr != nil {
		return nil, setErr
	}
	return wrapped, nil
}
38
// isSafeAndParsed parses ustr and accepts it only when it is an https URL
// with a non-empty hostname, no userinfo component and no explicit port.
// On success the parsed URL is returned; otherwise the first failing check
// is reported as an error.
//
// The checks are purely syntactic. The hostname is not resolved and IP
// literals, loopback or private-range hosts are not rejected here, so code
// that goes on to fetch the URL still needs its own destination
// restrictions (for example at dial time, after DNS resolution).
// The port check relies on URL.Port, so a host written with a trailing
// colon and no digits is treated as having no port.
func isSafeAndParsed(ustr string) (*url.URL, error) {
	parsed, parseErr := url.Parse(ustr)
	if parseErr != nil {
		return nil, parseErr
	}

	// Cases are evaluated top to bottom, so the error reported for a URL
	// that violates several rules is the earliest one in this list.
	switch {
	case parsed.Scheme != "https":
		return nil, fmt.Errorf("input url is not https")
	case parsed.Hostname() == "":
		return nil, fmt.Errorf("url hostname was empty")
	case parsed.User != nil:
		// Userinfo ("user:pass@host") is refused outright.
		return nil, fmt.Errorf("url user was not empty")
	case parsed.Port() != "":
		return nil, fmt.Errorf("url port was not empty")
	}

	return parsed, nil
}
63
// getPrivateKey extracts the raw ECDSA private key held by a JWK.
// It returns the error from key.Raw unchanged when the JWK cannot be
// exported into an ecdsa.PrivateKey.
//
// The result is secret key material; keep it out of logs and responses.
func getPrivateKey(key jwk.Key) (*ecdsa.PrivateKey, error) {
	priv := new(ecdsa.PrivateKey)
	if rawErr := key.Raw(priv); rawErr != nil {
		return nil, rawErr
	}

	return priv, nil
}
72
// getPublicKey extracts the raw ECDSA public key held by a JWK.
// It returns the error from key.Raw unchanged when the JWK cannot be
// exported into an ecdsa.PublicKey.
//
// NOTE(review): presumably key must already be a public JWK; whether Raw
// accepts a private JWK here depends on the jwx implementation. Confirm
// against callers.
func getPublicKey(key jwk.Key) (*ecdsa.PublicKey, error) {
	pub := new(ecdsa.PublicKey)
	if rawErr := key.Raw(pub); rawErr != nil {
		return nil, rawErr
	}

	return pub, nil
}
81
// JwksResponseObject is the JSON body of a JWK Set: an object with a single
// "keys" array.
type JwksResponseObject struct {
	// Keys is serialized under the "keys" member. Every entry is marshalled
	// as given, so only public keys belong here.
	Keys []jwk.Key `json:"keys"`
}
85
// CreateJwksResponseObject wraps a single key in a JwksResponseObject.
//
// The key is stored exactly as passed in; no conversion to a public key
// happens here. Callers that publish the result must pass the public half
// (for example the result of key.PublicKey()), otherwise private key
// parameters would be serialized into the response.
func CreateJwksResponseObject(key jwk.Key) *JwksResponseObject {
	resp := new(JwksResponseObject)
	resp.Keys = []jwk.Key{key}
	return resp
}
91
// ParseKeyFromBytes decodes a single JWK from b by delegating to
// jwk.ParseKey and returns its result unchanged.
//
// No size limit, key-type or algorithm restriction is applied at this
// layer. Callers handling input from outside the process should enforce
// those before or after parsing.
func ParseKeyFromBytes(b []byte) (jwk.Key, error) {
	parsed, err := jwk.ParseKey(b)
	return parsed, err
}