Comments (3)
For anyone running into the same issue, I found this:
https://searchcode.com/codesearch/raw/340850947/
Pasting code in case the site goes down:
package main
import (
"bufio"
"bytes"
"crypto/x509"
"encoding/pem"
"flag"
"fmt"
"io"
"io/ioutil"
"log"
"net/http"
"net/http/httputil"
"net/url"
"strings"
"time"
"github.com/go-fed/httpsig"
configflag "github.com/ncarlier/webhookd/pkg/config/flag"
)
type config struct {
KeyID string `flag:"key-id" desc:"Signature key ID"`
KeyFile string `flag:"key-file" desc:"Public key file (PEM format)" default:"./key.pem"`
JSON string `flag:"json" desc:"JSON payload"`
}
func main() {
conf := &config{}
configflag.Bind(conf, "HTTP_SIG")
flag.Parse()
if conf.KeyID == "" {
log.Fatal("missing key ID")
}
args := flag.Args()
if len(args) <= 0 {
log.Fatal("missing target URL")
}
targetURL := args[0]
if _, err := url.Parse(targetURL); err != nil {
log.Fatal("invalid target URL")
}
keyBytes, err := ioutil.ReadFile(conf.KeyFile)
if err != nil {
log.Fatal(err.Error())
}
pemBlock, _ := pem.Decode(keyBytes)
if pemBlock == nil {
log.Fatal("invalid PEM format")
}
privateKey, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
if err != nil {
log.Fatal(err.Error())
}
var payload io.Reader
var jsonBytes []byte
if conf.JSON != "" {
var err error
jsonBytes, err = ioutil.ReadFile(conf.JSON)
if err != nil {
log.Fatal(err.Error())
}
payload = bytes.NewReader(jsonBytes)
}
prefs := []httpsig.Algorithm{httpsig.RSA_SHA256}
digestAlgorithm := httpsig.DigestSha256
headers := []string{httpsig.RequestTarget, "date"}
signer, _, err := httpsig.NewSigner(prefs, digestAlgorithm, headers, httpsig.Signature, 0)
if err != nil {
log.Fatal(err.Error())
}
req, err := http.NewRequest("POST", targetURL, payload)
if err != nil {
log.Fatal(err.Error())
}
if payload != nil {
req.Header.Add("content-type", "application/json")
}
req.Header.Add("date", time.Now().UTC().Format(http.TimeFormat))
if err = signer.SignRequest(privateKey, conf.KeyID, req, jsonBytes); err != nil {
log.Fatal(err.Error())
}
dump, err := httputil.DumpRequest(req, true)
if err != nil {
log.Fatal(err.Error())
}
scanner := bufio.NewScanner(strings.NewReader(string(dump)))
for scanner.Scan() {
fmt.Println(">", scanner.Text())
}
client := &http.Client{Timeout: 10 * time.Second}
res, err := client.Do(req)
if err != nil {
log.Fatal(err.Error())
}
dump, err = httputil.DumpResponse(res, true)
if err != nil {
log.Fatal(err.Error())
}
scanner = bufio.NewScanner(strings.NewReader(string(dump)))
for scanner.Scan() {
fmt.Println("<", scanner.Text())
}
}
from httpsig.
Hi @khanzf ,
I see you've already resolved the issue. However, the "I don't know how to use the library" type of issue is very concerning to me. Do you have a minute, where you can elaborate what was confusing you before you found the code snippet? That will allow me to address the underlying problem for future folks, hopefully.
from httpsig.
Hey @cjslep, first off I apologize to make you concerned and I appreciate work on this code. I am using it in my project.
Second, looking at the sample code on the README.md
did not help me until I could put the pieces together. For example, the example provided has this function header:
func sign(privateKey crypto.PrivateKey, pubKeyId string, r *http.Request) error {
.
It wasn't clear to me how to use this. For example, what should the privateKey
? I would need to see that populated. I now understand that the pubKeyId
is just a URL to the public key, but I did not realize that from looking at the code.
What helped me was seeing a start-to-finish example with a main function and a resulting web request. For my purposes, I modified an example I foun donline (similar to what I posted above), then modified it to be more general.
from httpsig.
Related Issues (14)
- Integrate with vgo HOT 1
- Authorization header should begin with `Signature` HOT 2
- (request-target) should use path instead of URL HOT 1
- Signature verification : Digest should be calculated upfront using the body HOT 5
- Voice implementer support for HTTP Signatures in IETF HTTP WG
- Bump version HOT 1
- Should Support Signing with SSHAgent HOT 1
- Support created and expires values
- Support ECDSA encryption
- Make showing algo configurable? HOT 7
- Tag new release HOT 1
- c++ counterpart
- Support for newer HTTPBIS message digest headers
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from httpsig.