blob: 74bf903747be06995fb41b04b0cd7785700bcdbe (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/binary"
"net/http"
"time"
)
func makeSignedToken(request *http.Request) []byte {
buf := make([]byte, 0, 2*sha256.Size)
timeBuf := make([]byte, binary.MaxVarintLen64)
binary.PutVarint(timeBuf, time.Now().Unix()/604800)
remoteIP := getRemoteIP(request)
h := sha256.New()
h.Write(timeBuf)
h.Write(stringToBytes(remoteIP))
h.Write(stringToBytes(request.Header.Get("User-Agent")))
h.Write(stringToBytes(request.Header.Get("Accept-Encoding")))
h.Write(stringToBytes(request.Header.Get("Accept-Language")))
h.Write(privkeyHash)
buf = h.Sum(buf)
if len(buf) != sha256.Size {
panic("unexpected buffer length after hashing contents")
}
mac := hmac.New(sha256.New, privkey)
mac.Write(buf)
buf = mac.Sum(buf)
if len(buf) != 2*sha256.Size {
panic("unexpected buffer length after hmac")
}
return buf
}
|
