woodpecker/vendor/github.com/99designs/httpsignatures-go/signer.go

package httpsignatures

import (
	"net/http"
	"strings"
	"time"
)

// Signer is used to create a signature for a given request.
type Signer struct {
	algorithm *Algorithm
	headers   HeaderList
}

var (
	// DefaultSha1Signer will sign requests with the url and date using the SHA1 algorithm.
	// Users are encouraged to create their own signer with the headers they require.
	DefaultSha1Signer = NewSigner(AlgorithmHmacSha1, RequestTarget, "date")

	// DefaultSha256Signer will sign requests with the url and date using the SHA256 algorithm.
	// Users are encouraged to create their own signer with the headers they require.
	DefaultSha256Signer = NewSigner(AlgorithmHmacSha256, RequestTarget, "date")
)

func NewSigner(algorithm *Algorithm, headers ...string) *Signer {
	hl := HeaderList{}

	for _, header := range headers {
		hl = append(hl, strings.ToLower(header))
	}

	return &Signer{
		algorithm: algorithm,
		headers:   hl,
	}
}

// SignRequest adds a http signature to the Signature: HTTP Header
func (s Signer) SignRequest(id, key string, r *http.Request) error {
	sig, err := s.buildSignature(id, key, r)
	if err != nil {
		return err
	}

	r.Header.Add(headerSignature, sig.String())

	return nil
}

// AuthRequest adds a http signature to the Authorization: HTTP Header
func (s Signer) AuthRequest(id, key string, r *http.Request) error {
	sig, err := s.buildSignature(id, key, r)
	if err != nil {
		return err
	}

	r.Header.Add(headerAuthorization, authScheme+sig.String())

	return nil
}

func (s Signer) buildSignature(id, key string, r *http.Request) (*Signature, error) {
	if r.Header.Get("date") == "" {
		r.Header.Set("date", time.Now().Format(time.RFC1123))
	}

	sig := &Signature{
		KeyID:     id,
		Algorithm: s.algorithm,
		Headers:   s.headers,
	}

	err := sig.sign(key, r)
	if err != nil {
		return nil, err
	}

	return sig, nil
}
Add support for pipeline configuration service (#804) * Add configuration extension flags to server Add httpsignatures dependency Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Add http fetching to config fetcher Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Refetch config on rebuild Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * - Ensure multipipeline compatiblity - Send original config in http request Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Basic tests of config api Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Simple docs page Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Better flag naming Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Rename usages of the term yaml Rename ConfigAPI struct Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Doc adjustments Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * More docs touchups Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Fix env vars in docs Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * fix json tags for api calls Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Add example config service Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Consistent naming for configService Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Docs: Change example repository location Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Fix tests after response field rename Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Revert accidential unrelated change in api hook Signed-off-by: Lukas Bachschwell <lukas@lbsfilm.at> * Update server flag descriptions Co-authored-by: Anbraten <anton@ju60.de> Co-authored-by: Anbraten <anton@ju60.de> 2022-02-28 09:56:23 +00:00			`package httpsignatures`

			`import (`
			`"net/http"`
			`"strings"`
			`"time"`
			`)`

			`// Signer is used to create a signature for a given request.`
			`type Signer struct {`
			`algorithm *Algorithm`
			`headers HeaderList`
			`}`

			`var (`
			`// DefaultSha1Signer will sign requests with the url and date using the SHA1 algorithm.`
			`// Users are encouraged to create their own signer with the headers they require.`
			`DefaultSha1Signer = NewSigner(AlgorithmHmacSha1, RequestTarget, "date")`

			`// DefaultSha256Signer will sign requests with the url and date using the SHA256 algorithm.`
			`// Users are encouraged to create their own signer with the headers they require.`
			`DefaultSha256Signer = NewSigner(AlgorithmHmacSha256, RequestTarget, "date")`
			`)`

			`func NewSigner(algorithm Algorithm, headers ...string) Signer {`
			`hl := HeaderList{}`

			`for _, header := range headers {`
			`hl = append(hl, strings.ToLower(header))`
			`}`

			`return &Signer{`
			`algorithm: algorithm,`
			`headers: hl,`
			`}`
			`}`

			`// SignRequest adds a http signature to the Signature: HTTP Header`
			`func (s Signer) SignRequest(id, key string, r *http.Request) error {`
			`sig, err := s.buildSignature(id, key, r)`
			`if err != nil {`
			`return err`
			`}`

			`r.Header.Add(headerSignature, sig.String())`

			`return nil`
			`}`

			`// AuthRequest adds a http signature to the Authorization: HTTP Header`
			`func (s Signer) AuthRequest(id, key string, r *http.Request) error {`
			`sig, err := s.buildSignature(id, key, r)`
			`if err != nil {`
			`return err`
			`}`

			`r.Header.Add(headerAuthorization, authScheme+sig.String())`

			`return nil`
			`}`

			`func (s Signer) buildSignature(id, key string, r http.Request) (Signature, error) {`
			`if r.Header.Get("date") == "" {`
			`r.Header.Set("date", time.Now().Format(time.RFC1123))`
			`}`

			`sig := &Signature{`
			`KeyID: id,`
			`Algorithm: s.algorithm,`
			`Headers: s.headers,`
			`}`

			`err := sig.sign(key, r)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return sig, nil`
			`}`