37 lines
894 B
Go
37 lines
894 B
Go
package auth
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"crypto/subtle"
|
|
"net/http"
|
|
)
|
|
|
|
type apiKeyMethod struct {
|
|
apiKeyDigest [32]byte
|
|
}
|
|
|
|
func newAPIKeyMethod(apiKey string) *apiKeyMethod {
|
|
return &apiKeyMethod{
|
|
apiKeyDigest: sha256.Sum256([]byte(apiKey)),
|
|
}
|
|
}
|
|
|
|
// equal returns true if another auth checker is equal.
|
|
// This is used to deduplicate checkers for a particular route.
|
|
func (a *apiKeyMethod) equal(other authorizationChecker) bool {
|
|
otherTokenMethod, ok := other.(*apiKeyMethod)
|
|
if !ok {
|
|
return false
|
|
}
|
|
return a.apiKeyDigest == otherTokenMethod.apiKeyDigest
|
|
}
|
|
|
|
func (a *apiKeyMethod) isAuthorized(_ http.Header, request *http.Request) bool {
|
|
xAPIKey := request.Header.Get("X-API-Key")
|
|
if xAPIKey == "" {
|
|
xAPIKey = request.URL.Query().Get("api_key")
|
|
}
|
|
xAPIKeyDigest := sha256.Sum256([]byte(xAPIKey))
|
|
return subtle.ConstantTimeCompare(xAPIKeyDigest[:], a.apiKeyDigest[:]) == 1
|
|
}
|