mirror of
https://github.com/willnorris/imageproxy.git
synced 2024-12-30 22:34:18 -05:00
refactor imageproxy-sign to make testing easier
This commit is contained in:
Will Norris
parent
24dac28957
commit
ca8fe71a0a
2 changed files with 87 additions and 14 deletions
|
|
@ -6,6 +6,7 @@ import (
|
||||||
"crypto/hmac"
|
"crypto/hmac"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
|
"errors"
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
|
@ -17,38 +18,44 @@ import (
|
||||||
"willnorris.com/go/imageproxy"
|
"willnorris.com/go/imageproxy"
|
||||||
)
|
)
|
||||||
|
|
||||||
var key = flag.String("key", "@/etc/imageproxy.key", "signing key, or file containing key prefixed with '@'")
|
var signingKey = flag.String("key", "@/etc/imageproxy.key", "signing key, or file containing key prefixed with '@'")
|
||||||
var urlOnly = flag.Bool("url", false, "only sign the URL value, do not include options")
|
var urlOnly = flag.Bool("url", false, "only sign the URL value, do not include options")
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
u := flag.Arg(0)
|
||||||
|
|
||||||
if flag.NArg() < 1 {
|
sig, err := sign(*signingKey, u, *urlOnly)
|
||||||
fmt.Println("imageproxy-sign url [key]")
|
if err != nil {
|
||||||
|
fmt.Println(err)
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
u := parseURL(flag.Arg(0))
|
fmt.Printf("url: %v\n", u)
|
||||||
|
fmt.Printf("signature: %v\n", base64.URLEncoding.EncodeToString(sig))
|
||||||
|
}
|
||||||
|
|
||||||
|
func sign(key string, s string, urlOnly bool) ([]byte, error) {
|
||||||
|
if s == "" {
|
||||||
|
return nil, errors.New("imageproxy-sign url [key]")
|
||||||
|
}
|
||||||
|
|
||||||
|
u := parseURL(s)
|
||||||
if u == nil {
|
if u == nil {
|
||||||
fmt.Printf("unable to parse URL: %v\n", flag.Arg(0))
|
return nil, fmt.Errorf("unable to parse URL: %v", s)
|
||||||
os.Exit(1)
|
|
||||||
}
|
}
|
||||||
if *urlOnly {
|
if urlOnly {
|
||||||
u.Fragment = ""
|
u.Fragment = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
k, err := parseKey(*key)
|
k, err := parseKey(key)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Printf("error parsing key: %v", err)
|
return nil, fmt.Errorf("error parsing key: %v", err)
|
||||||
os.Exit(1)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
mac := hmac.New(sha256.New, []byte(k))
|
mac := hmac.New(sha256.New, []byte(k))
|
||||||
mac.Write([]byte(u.String()))
|
mac.Write([]byte(u.String()))
|
||||||
sig := mac.Sum(nil)
|
return mac.Sum(nil), nil
|
||||||
|
|
||||||
fmt.Printf("url: %v\n", u)
|
|
||||||
fmt.Printf("signature: %v\n", base64.URLEncoding.EncodeToString(sig))
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func parseKey(s string) ([]byte, error) {
|
func parseKey(s string) ([]byte, error) {
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,76 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"io/ioutil"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
"os"
|
||||||
|
"reflect"
|
||||||
"testing"
|
"testing"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var key = "secret"
|
||||||
|
|
||||||
|
func TestSign(t *testing.T) {
|
||||||
|
s := "http://example.com/image.jpg#0x0"
|
||||||
|
|
||||||
|
got, err := sign(key, s, false)
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("sign(%q, %q, false) returned error: %v", key, s, err)
|
||||||
|
}
|
||||||
|
want := []byte{0xc3, 0x4c, 0x45, 0xb5, 0x75, 0x84, 0x76, 0xdf, 0xd9, 0x6b, 0x12, 0xa4, 0x84, 0x8f, 0x37, 0xc6, 0x2d, 0x8b, 0x8d, 0x77, 0xda, 0x6, 0xf8, 0xb5, 0x10, 0xc9, 0x96, 0x3c, 0x6e, 0x13, 0xda, 0xf0}
|
||||||
|
if !reflect.DeepEqual(got, want) {
|
||||||
|
t.Errorf("sign(%q, %q, true) returned %v, want %v", key, s, got, want)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestSign_URLOnly(t *testing.T) {
|
||||||
|
s := "http://example.com/image.jpg#0x0"
|
||||||
|
|
||||||
|
got, err := sign(key, s, true)
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("sign(%q, %q, true) returned error: %v", key, s, err)
|
||||||
|
}
|
||||||
|
want := []byte{0x93, 0xea, 0x5d, 0x23, 0x68, 0xa0, 0xfc, 0x50, 0x8e, 0x91, 0x7, 0xbf, 0x3e, 0xb3, 0x1f, 0x49, 0xf7, 0x1d, 0x81, 0xf1, 0x74, 0xfe, 0x25, 0x36, 0xfc, 0x74, 0xf8, 0x81, 0x15, 0xf5, 0x58, 0x40}
|
||||||
|
if !reflect.DeepEqual(got, want) {
|
||||||
|
t.Errorf("sign(%q, %q, true) returned %v, want %v", key, s, got, want)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestParseKey(t *testing.T) {
|
||||||
|
k, err := parseKey(key)
|
||||||
|
got := string(k)
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("parseKey(%q) returned error: %v", key, err)
|
||||||
|
}
|
||||||
|
if want := key; got != want {
|
||||||
|
t.Errorf("parseKey(%q) returned %v, want %v", key, got, want)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestParseKey_FilePath(t *testing.T) {
|
||||||
|
f, err := ioutil.TempFile("", "key")
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("error creating temp file: %v", err)
|
||||||
|
}
|
||||||
|
defer func() {
|
||||||
|
f.Close()
|
||||||
|
os.Remove(f.Name())
|
||||||
|
}()
|
||||||
|
|
||||||
|
if _, err := f.WriteString(key); err != nil {
|
||||||
|
t.Errorf("error writing to temp file: %v", err)
|
||||||
|
}
|
||||||
|
path := "@" + f.Name()
|
||||||
|
k, err := parseKey(path)
|
||||||
|
got := string(k)
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("parseKey(%q) returned error: %v", path, err)
|
||||||
|
}
|
||||||
|
if want := key; got != want {
|
||||||
|
t.Errorf("parseKey(%q) returned %v, want %v", path, got, want)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestParseURL(t *testing.T) {
|
func TestParseURL(t *testing.T) {
|
||||||
tests := []struct {
|
tests := []struct {
|
||||||
input, output string
|
input, output string
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue