-
Notifications
You must be signed in to change notification settings - Fork 3
/
server.go
107 lines (91 loc) · 2.38 KB
/
server.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package sqrl
import (
"code.google.com/p/rsc/qr"
"github.com/kalaspuffar/base64url"
"github.com/dustyburwell/ed25519"
"crypto/subtle"
// "time"
// "net"
"fmt"
"io"
"net/http"
)
type Server struct {
nonce *Nonce
}
func NewServer() *Server {
server := new(Server)
server.nonce = NewNonce()
return server
}
func (s *Server) AuthHandler() http.Handler {
handler := func(w http.ResponseWriter, r *http.Request) {
/*
Parse form data and handle error messages. Might not be the most visible to the end user.
*/
err := r.ParseForm()
if(err != nil) {
fmt.Println(err)
return
}
message := r.FormValue("message")
signature := r.FormValue("signature")
publicKey := r.FormValue("publicKey")
/*
Decode publicKey and signature to a byte array using base64url package
*/
pubBytes, pubErr := base64url.Decode(publicKey)
if pubErr != nil {
fmt.Println(pubErr)
}
signBytes, signErr := base64url.Decode(signature)
if signErr != nil {
fmt.Println(signErr)
}
/*
Change the byte array to an object with the correct sizes used by the ed25519 implementation
*/
var pk *[ed25519.PublicKeySize]byte
pk = new([ed25519.PublicKeySize]byte)
subtle.ConstantTimeCopy(1, pk[:32], pubBytes)
var sig *[ed25519.SignatureSize]byte
sig = new([ed25519.SignatureSize]byte)
subtle.ConstantTimeCopy(1, sig[:64], signBytes)
/*
Verify the signature and return verified or not depending on the result.
*/
w.Header().Add("Content-Type", "text/html")
if ed25519.Verify(pk, []byte(message), sig) {
io.WriteString(w, "{result:true}Verified")
} else {
io.WriteString(w, "{result:false}Not Verified")
}
}
return http.HandlerFunc(handler)
}
func (s *Server) QRHandler(path string) http.Handler {
handler := func(w http.ResponseWriter, r *http.Request) {
url := ""
if r.TLS == nil {
url += "qrl://"
} else {
url += "sqrl://"
}
url += r.Host
url += "/" + path + "?"
url += r.URL.RawQuery
url += "&nut="
url += s.nonce.Generate(r.RemoteAddr)
// w.Header().Add("Content-Type", "text/html")
// io.WriteString(w, fmt.Sprintf("%#v<br/><br/>", url))
// io.WriteString(w, fmt.Sprintf("%#v<br/><br/>", *r.URL))
// io.WriteString(w, fmt.Sprintf("%#v<br/><br/>", *r))
w.Header().Add("Content-Type", "image/png")
qrcode, err := qr.Encode(url, qr.M)
if err != nil {
return
}
w.Write(qrcode.PNG())
}
return http.HandlerFunc(handler)
}