mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-30 19:06:33 +02:00
35 lines
898 B
Go
35 lines
898 B
Go
package webauthnutil
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/google/uuid"
|
|
|
|
"github.com/pomerium/pomerium/pkg/cryptutil"
|
|
)
|
|
|
|
// NewEnrollmentToken creates a new EnrollmentToken.
|
|
func NewEnrollmentToken(key []byte, ttl time.Duration, deviceEnrollmentID string) (string, error) {
|
|
id, err := uuid.Parse(deviceEnrollmentID)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
secureToken := cryptutil.GenerateSecureToken(key, time.Now().Add(ttl), cryptutil.Token(id))
|
|
return secureToken.String(), nil
|
|
}
|
|
|
|
// ParseAndVerifyEnrollmentToken parses and verifies an enrollment token
|
|
func ParseAndVerifyEnrollmentToken(key []byte, rawEnrollmentToken string) (string, error) {
|
|
secureToken, ok := cryptutil.SecureTokenFromString(rawEnrollmentToken)
|
|
if !ok {
|
|
return "", cryptutil.ErrInvalid
|
|
}
|
|
|
|
err := secureToken.Verify(key, time.Now())
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
return secureToken.Token().UUID().String(), nil
|
|
}
|