Documentation
¶
Index ¶
- Constants
- func CheckNonce(nonce []byte, hashed string) bool
- func GenerateCodeChallenge(method, codeVerifier string) (string, error)
- func GenerateRandomASCIIString(length int) (string, error)
- func HashNonce(nonce []byte) string
- func Nonce(length int) ([]byte, error)
- func SecretBytes(secret string) []byte
- func SignedValue(seed string, key string, value []byte, now time.Time) (string, error)
- func Validate(cookie *http.Cookie, seed string, expiration time.Duration) (value []byte, t time.Time, ok bool)
- type Cipher
Constants ¶
View Source
const ( CodeChallengeMethodPlain = "plain" CodeChallengeMethodS256 = "S256" )
Variables ¶
This section is empty.
Functions ¶
func CheckNonce ¶
CheckNonce tests if a nonce matches the hashed version of it
func GenerateCodeChallenge ¶
func HashNonce ¶
HashNonce returns the BLAKE2b 256-bit hash of a nonce NOTE: Error checking (G104) is purposefully skipped:
- `blake2b.New256` has no error path with a nil signing key
- `hash.Hash` interface's `Write` has an error signature, but `blake2b.digest.Write` does not use it. #nosec G104
func SecretBytes ¶
SecretBytes attempts to base64 decode the secret, if that fails it treats the secret as binary
func SignedValue ¶
SignedValue returns a cookie that is signed and can later be checked with Validate
Types ¶
type Cipher ¶
type Cipher interface {
Encrypt(value []byte) ([]byte, error)
Decrypt(ciphertext []byte) ([]byte, error)
}
Cipher provides methods to encrypt and decrypt
func NewBase64Cipher ¶
NewBase64Cipher returns a new AES Cipher for encrypting cookie values and wrapping them in Base64 -- Supports Legacy encryption scheme
func NewCFBCipher ¶
NewCFBCipher returns a new AES CFB Cipher
func NewGCMCipher ¶
NewGCMCipher returns a new AES GCM Cipher
Source Files
Click to show internal directories.
Click to hide internal directories.