implementation of signing & verifying logic

ossan-dev · ossan-dev · commit 72421f52bd76 · 2022-10-10T10:29:31.000+02:00
diff --git a/go-jws/sign_rsa/go.mod b/go-jws/sign_rsa/go.mod
@@ -0,0 +1,5 @@
+module signrsa
+
+go 1.19
+
+require github.com/golang-jwt/jwt v3.2.2+incompatible
diff --git a/go-jws/sign_rsa/go.sum b/go-jws/sign_rsa/go.sum
@@ -0,0 +1,2 @@
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
diff --git a/go-jws/sign_rsa/main.go b/go-jws/sign_rsa/main.go
@@ -0,0 +1,23 @@
+package main
+
+import (
+	"fmt"
+
+	"signrsa/sign"
+)
+
+func main() {
+	signedToken, err := sign.GenerateToken()
+	if err != nil {
+		panic(err)
+	}
+
+	claims, err := sign.ValidateToken(signedToken)
+	if err != nil {
+		panic(err)
+	}
+
+	for k, v := range claims {
+		fmt.Printf("key: %q - value: %q\n", k, v)
+	}
+}
diff --git a/go-jws/sign_rsa/sign/sign_rsa.go b/go-jws/sign_rsa/sign/sign_rsa.go
@@ -0,0 +1,85 @@
+package sign
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"time"
+
+	"github.com/golang-jwt/jwt"
+)
+
+func GenerateToken() (string, error) {
+	privateKeyFile, err := os.Open("/home/ivan/Projects/go/golang-jwt/go-jws/sign_rsa/certs/id_rsa")
+	if err != nil {
+		panic(err)
+	}
+	defer privateKeyFile.Close()
+	privateKeyBytes, err := io.ReadAll(privateKeyFile)
+	if err != nil {
+		panic(err)
+	}
+
+	privateKey, err := jwt.ParseRSAPrivateKeyFromPEM(privateKeyBytes)
+	if err != nil {
+		panic(err)
+	}
+
+	token := jwt.New(jwt.SigningMethodRS256)
+
+	claims := token.Claims.(jwt.MapClaims)
+	claims["exp"] = time.Now().Add(10 * time.Minute).Unix()
+	claims["username"] = "test"
+	claims["password"] = "test"
+
+	tokenString, err := token.SignedString(privateKey)
+	if err != nil {
+		panic(err)
+	}
+
+	return tokenString, nil
+}
+
+type CustomClaims struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+	jwt.StandardClaims
+}
+
+func ValidateToken(tokenSigned string) (res map[string]interface{}, err error) {
+	publicKeyFile, err := os.Open("/home/ivan/Projects/go/golang-jwt/go-jws/sign_rsa/certs/id_rsa.pub")
+	if err != nil {
+		panic(err)
+	}
+	defer publicKeyFile.Close()
+
+	publicKeyBytes, err := io.ReadAll(publicKeyFile)
+	if err != nil {
+		panic(err)
+	}
+
+	publicKey, err := jwt.ParseRSAPublicKeyFromPEM(publicKeyBytes)
+	if err != nil {
+		panic(err)
+	}
+
+	token, err := jwt.ParseWithClaims(tokenSigned, &CustomClaims{}, func(token *jwt.Token) (interface{}, error) {
+		_, ok := token.Method.(*jwt.SigningMethodRSA)
+		if !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+		return publicKey, nil
+	})
+	if err != nil {
+		panic(err)
+	}
+
+	if claims, ok := token.Claims.(*CustomClaims); ok && token.Valid {
+		res = make(map[string]interface{}, 2)
+		res["username"] = claims.Username
+		res["password"] = claims.Password
+		return
+	}
+
+	return nil, fmt.Errorf("token invalid: %v", tokenSigned)
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=`
	`2`	`+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=`