-
Notifications
You must be signed in to change notification settings - Fork 15
/
credentials.go
142 lines (137 loc) · 2.69 KB
/
credentials.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
package digest
import (
"errors"
"fmt"
"strconv"
"strings"
"github.com/icholy/digest/internal/param"
)
// Credentials is a parsed version of the Authorization header
type Credentials struct {
Username string
Realm string
Nonce string
URI string
Response string
Algorithm string
Cnonce string
Opaque string
QOP string
Nc int
Userhash bool
}
// ParseCredentials parses the Authorization header value into credentials
func ParseCredentials(s string) (*Credentials, error) {
s, ok := strings.CutPrefix(s, Prefix)
if !ok {
return nil, errors.New("digest: invalid credentials prefix")
}
pp, err := param.Parse(s)
if err != nil {
return nil, fmt.Errorf("digest: invalid credentials: %w", err)
}
var c Credentials
for _, p := range pp {
switch p.Key {
case "username":
c.Username = p.Value
case "realm":
c.Realm = p.Value
case "nonce":
c.Nonce = p.Value
case "uri":
c.URI = p.Value
case "response":
c.Response = p.Value
case "algorithm":
c.Algorithm = p.Value
case "cnonce":
c.Cnonce = p.Value
case "opaque":
c.Opaque = p.Value
case "qop":
c.QOP = p.Value
case "nc":
nc, err := strconv.ParseInt(p.Value, 16, 32)
if err != nil {
return nil, fmt.Errorf("digest: invalid nc: %w", err)
}
c.Nc = int(nc)
case "userhash":
c.Userhash = strings.ToLower(p.Value) == "true"
}
}
return &c, nil
}
// String formats the credentials into the header format
func (c *Credentials) String() string {
var pp []param.Param
pp = append(pp,
param.Param{
Key: "username",
Value: c.Username,
Quote: true,
},
param.Param{
Key: "realm",
Value: c.Realm,
Quote: true,
},
param.Param{
Key: "nonce",
Value: c.Nonce,
Quote: true,
},
param.Param{
Key: "uri",
Value: c.URI,
Quote: true,
},
)
if c.Algorithm != "" {
pp = append(pp, param.Param{
Key: "algorithm",
Value: c.Algorithm,
})
}
if c.QOP != "" {
pp = append(pp, param.Param{
Key: "cnonce",
Value: c.Cnonce,
Quote: true,
})
}
if c.Opaque != "" {
pp = append(pp, param.Param{
Key: "opaque",
Value: c.Opaque,
Quote: true,
})
}
if c.QOP != "" {
pp = append(pp,
param.Param{
Key: "qop",
Value: c.QOP,
},
param.Param{
Key: "nc",
Value: fmt.Sprintf("%08x", c.Nc),
},
)
}
if c.Userhash {
pp = append(pp, param.Param{
Key: "userhash",
Value: "true",
})
}
// The RFC does not specify an order, but some implementations expect the response to be at the end.
// See: https://github.com/icholy/digest/issues/8
pp = append(pp, param.Param{
Key: "response",
Value: c.Response,
Quote: true,
})
return Prefix + param.Format(pp...)
}