3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-17 11:07:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

all: refactor handler logic

Browse source 
- all: prefer `FormValues` to `ParseForm` with subsequent `Form.Get`s
- all: refactor authentication stack to be checked by middleware, and accessible via request context.
- all: replace http.ServeMux with gorilla/mux’s router
- all: replace custom CSRF checks with gorilla/csrf middleware
- authenticate: extract callback path as constant.
- internal/config: implement stringer interface for policy
- internal/cryptutil: add helper func `NewBase64Key`
- internal/cryptutil: rename `GenerateKey` to `NewKey`
- internal/cryptutil: rename `GenerateRandomString` to `NewRandomStringN`
- internal/middleware: removed alice in favor of gorilla/mux
- internal/sessions: remove unused `ValidateRedirectURI` and `ValidateClientSecret`
- internal/sessions: replace custom CSRF with gorilla/csrf fork that supports custom handler protection
- internal/urlutil: add `SignedRedirectURL` to create hmac'd URLs
- internal/urlutil: add `ValidateURL` helper to parse URL options
- internal/urlutil: add `GetAbsoluteURL` which takes a request and returns its absolute URL.
- proxy: remove holdover state verification checks; we no longer are setting sessions in any proxy routes so we don’t need them.
- proxy: replace un-named http.ServeMux with named domain routes.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
Bobby DeSimone 2019-09-12 13:54:30 -07:00
parent a793249386
commit dc12947241
No known key found for this signature in database
GPG key ID: AEE4CF12FE86D07E
37 changed files with 1132 additions and 1384 deletions
Download patch file Download diff file Expand all files Collapse all files

17
internal/cryptutil/encrypt.go
View file

@ -13,20 +13,27 @@ import (
"golang.org/x/crypto/chacha20poly1305"
)
// DefaultKeySize is the default key size in bytes.
const DefaultKeySize = 32
// GenerateKey generates a random 32-byte key.
// NewKey generates a random 32-byte key.
//
// Panics if source of randomness fails.
func GenerateKey() []byte {
func NewKey() []byte {
return randomBytes(DefaultKeySize)
}
// GenerateRandomString returns base64 encoded securely generated random string
// of a given set of bytes.
// NewBase64Key generates a random base64 encoded 32-byte key.
//
// Panics if source of randomness fails.
func GenerateRandomString(c int) string {
func NewBase64Key() string {
return NewRandomStringN(DefaultKeySize)
}
// NewRandomStringN returns base64 encoded random string of a given num of bytes.
//
// Panics if source of randomness fails.
func NewRandomStringN(c int) string {
return base64.StdEncoding.EncodeToString(randomBytes(c))
}