From 625707a7a418145dddba718ec3f0d10d5d5db181 Mon Sep 17 00:00:00 2001
From: zepatrik <zepatrik@users.noreply.github.com>
Date: Mon, 4 Nov 2024 16:22:44 +0100
Subject: [PATCH] revert: signature extraction in the HMAC strategy

---
 token/hmac/hmacsha.go      |  8 ++++----
 token/hmac/hmacsha_test.go | 14 ++++++++++++++
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/token/hmac/hmacsha.go b/token/hmac/hmacsha.go
index ce64c6f9..695cff28 100644
--- a/token/hmac/hmacsha.go
+++ b/token/hmac/hmacsha.go
@@ -157,12 +157,12 @@ func (c *HMACStrategy) validate(ctx context.Context, secret []byte, token string
 	return nil
 }
 
-func (c *HMACStrategy) Signature(token string) string {
-	_, sig, ok := strings.Cut(token, ".")
-	if !ok {
+func (*HMACStrategy) Signature(token string) string {
+	split := strings.Split(token, ".")
+	if len(split) != 2 {
 		return ""
 	}
-	return sig
+	return split[1]
 }
 
 func (c *HMACStrategy) generateHMAC(ctx context.Context, data []byte, key *[32]byte) []byte {
diff --git a/token/hmac/hmacsha_test.go b/token/hmac/hmacsha_test.go
index 546a1d3b..0295fec9 100644
--- a/token/hmac/hmacsha_test.go
+++ b/token/hmac/hmacsha_test.go
@@ -52,6 +52,20 @@ func TestGenerate(t *testing.T) {
 	}
 }
 
+func TestSignature(t *testing.T) {
+	cg := HMACStrategy{}
+
+	for token, expected := range map[string]string{
+		"":            "",
+		"foo":         "",
+		"foo.bar":     "bar",
+		"foo.bar.baz": "",
+		".":           "",
+	} {
+		assert.Equal(t, expected, cg.Signature(token))
+	}
+}
+
 func TestValidateSignatureRejects(t *testing.T) {
 	cg := HMACStrategy{
 		Config: &fosite.Config{GlobalSecret: []byte("1234567890123456789012345678901234567890")},