Comments (3)
khanzf
commented on August 15, 2024
For anyone running into the same issue, I found this:
https://searchcode.com/codesearch/raw/340850947/
Pasting code in case the site goes down:
package main
import (
"bufio"
"bytes"
"crypto/x509"
"encoding/pem"
"flag"
"fmt"
"io"
"io/ioutil"
"log"
"net/http"
"net/http/httputil"
"net/url"
"strings"
"time"
"github.com/go-fed/httpsig"
configflag "github.com/ncarlier/webhookd/pkg/config/flag"
)
type config struct {
KeyID string `flag:"key-id" desc:"Signature key ID"`
KeyFile string `flag:"key-file" desc:"Public key file (PEM format)" default:"./key.pem"`
JSON string `flag:"json" desc:"JSON payload"`
}
func main() {
conf := &config{}
configflag.Bind(conf, "HTTP_SIG")
flag.Parse()
if conf.KeyID == "" {
log.Fatal("missing key ID")
}
args := flag.Args()
if len(args) <= 0 {
log.Fatal("missing target URL")
}
targetURL := args[0]
if _, err := url.Parse(targetURL); err != nil {
log.Fatal("invalid target URL")
}
keyBytes, err := ioutil.ReadFile(conf.KeyFile)
if err != nil {
log.Fatal(err.Error())
}
pemBlock, _ := pem.Decode(keyBytes)
if pemBlock == nil {
log.Fatal("invalid PEM format")
}
privateKey, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
if err != nil {
log.Fatal(err.Error())
}
var payload io.Reader
var jsonBytes []byte
if conf.JSON != "" {
var err error
jsonBytes, err = ioutil.ReadFile(conf.JSON)
if err != nil {
log.Fatal(err.Error())
}
payload = bytes.NewReader(jsonBytes)
}
prefs := []httpsig.Algorithm{httpsig.RSA_SHA256}
digestAlgorithm := httpsig.DigestSha256
headers := []string{httpsig.RequestTarget, "date"}
signer, _, err := httpsig.NewSigner(prefs, digestAlgorithm, headers, httpsig.Signature, 0)
if err != nil {
log.Fatal(err.Error())
}
req, err := http.NewRequest("POST", targetURL, payload)
if err != nil {
log.Fatal(err.Error())
}
if payload != nil {
req.Header.Add("content-type", "application/json")
}
req.Header.Add("date", time.Now().UTC().Format(http.TimeFormat))
if err = signer.SignRequest(privateKey, conf.KeyID, req, jsonBytes); err != nil {
log.Fatal(err.Error())
}
dump, err := httputil.DumpRequest(req, true)
if err != nil {
log.Fatal(err.Error())
}
scanner := bufio.NewScanner(strings.NewReader(string(dump)))
for scanner.Scan() {
fmt.Println(">", scanner.Text())
}
client := &http.Client{Timeout: 10 * time.Second}
res, err := client.Do(req)
if err != nil {
log.Fatal(err.Error())
}
dump, err = httputil.DumpResponse(res, true)
if err != nil {
log.Fatal(err.Error())
}
scanner = bufio.NewScanner(strings.NewReader(string(dump)))
for scanner.Scan() {
fmt.Println("<", scanner.Text())
}
}from httpsig.
cjslep
commented on August 15, 2024
Hi @khanzf ,
I see you've already resolved the issue. However, the "I don't know how to use the library" type of issue is very concerning to me. Do you have a minute, where you can elaborate what was confusing you before you found the code snippet? That will allow me to address the underlying problem for future folks, hopefully.
from httpsig.
khanzf
commented on August 15, 2024
Hey @cjslep, first off I apologize to make you concerned and I appreciate work on this code. I am using it in my project.
Second, looking at the sample code on the README.md did not help me until I could put the pieces together. For example, the example provided has this function header:
func sign(privateKey crypto.PrivateKey, pubKeyId string, r *http.Request) error {.
It wasn't clear to me how to use this. For example, what should the privateKey? I would need to see that populated. I now understand that the pubKeyId is just a URL to the public key, but I did not realize that from looking at the code.
What helped me was seeing a start-to-finish example with a main function and a resulting web request. For my purposes, I modified an example I foun donline (similar to what I posted above), then modified it to be more general.
from httpsig.
Related Issues (14)
- Integrate with vgo HOT 1
- Authorization header should begin with `Signature` HOT 2
- (request-target) should use path instead of URL HOT 1
- Signature verification : Digest should be calculated upfront using the body HOT 5
- Voice implementer support for HTTP Signatures in IETF HTTP WG
- Bump version HOT 1
- Should Support Signing with SSHAgent HOT 1
- Support created and expires values
- Support ECDSA encryption
- Make showing algo configurable? HOT 7
- Tag new release HOT 1
- c++ counterpart
- Support for newer HTTPBIS message digest headers
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from httpsig.