func (_ Test) EncryptXXTea() { str := "Hello World! 你好,中国!" key := "1234567890" encrypt_data := xxtea.Encrypt([]byte(str), []byte(key)) decrypt_data := string(xxtea.Decrypt(encrypt_data, []byte(key))) if str == decrypt_data { e.InfoLog.Println("success!") } else { e.InfoLog.Println("fail!") } }
// NewAuthtoken creates a token according to model.Authtoken provided func (au Authority) NewAuthtoken(a model.Authtoken) (string, error) { bytes := authtoken2bytes(authtoken{ authtoken: a, created: time.Now(), }) for i := range au.privateKeys { bytes = xxtea.Encrypt(bytes, au.privateKeys[len(au.privateKeys)-1-i]) } return hex.EncodeToString(bytes), nil }
func TestAuth(t *testing.T) { Convey("Given a authority", t, func() { c := New(50*time.Millisecond, []byte("key1"), []byte("key2"), []byte("key3")) Convey("When create new authtoken with info", func() { a := model.Authtoken{} a.Email = "*****@*****.**" a.Username = "******" token, _ := c.NewAuthtoken(a) Convey("The info should resemble a", func() { info, _ := c.Authenticate(token) So(info, ShouldResemble, a) }) Convey("After 50ms, token is expired", func() { time.Sleep(500 * time.Millisecond) _, err := c.Authenticate(token) So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue) }) }) Convey("When given invalid hex, maybe hacked by someone", func() { _, err := c.Authenticate(`invalidhex`) Convey("The detailed error should be hex decode error", func() { So(err.(errors.Error).Is(errors.ErrServerInternal), ShouldBeTrue) }) }) Convey("When given invalid token, maybe hacked by someone", func() { bytes := []byte("invalid json") privateKeys := [][]byte{[]byte("key1"), []byte("key2"), []byte("key3")} for i := range privateKeys { bytes = xxtea.Encrypt(bytes, privateKeys[len(privateKeys)-1-i]) } token := hex.EncodeToString(bytes) _, err := c.Authenticate(token) Convey("The error should be token has been expired", func() { So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue) }) }) }) }