3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-29 00:47:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

proxy: add unit tests (#42)

Browse source 
- Fixed pomerium.io site description
- Updated kubernetes examples to use the latest docker images.
- Use cryputil hash function for proxy hmac.
- Add unit tests for proxy handlers.
This commit is contained in:
Bobby DeSimone 2019-02-08 22:39:48 -08:00 committed by GitHub
parent c886b924e7
commit cedf9922d3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 336 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

10
internal/middleware/middleware.go
View file

@ -2,7 +2,6 @@ package middleware // import "github.com/pomerium/pomerium/internal/middleware"
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"fmt"
"net/http"
@ -11,6 +10,7 @@ import (
"strings"
"time"
"github.com/pomerium/pomerium/internal/cryptutil"
"github.com/pomerium/pomerium/internal/httputil"
)
@ -192,12 +192,12 @@ func ValidSignature(redirectURI, sigVal, timestamp, secret string) bool {
return false
}
localSig := redirectURLSignature(redirectURI, tm, secret)
return hmac.Equal(requestSig, localSig)
}
func redirectURLSignature(rawRedirect string, timestamp time.Time, secret string) []byte {
h := hmac.New(sha256.New, []byte(secret))
h.Write([]byte(rawRedirect))
h.Write([]byte(fmt.Sprint(timestamp.Unix())))
return h.Sum(nil)
data := []byte(fmt.Sprint(rawRedirect, timestamp.Unix()))
h := cryptutil.Hash(secret, data)
return h
}