TheAnachronism/docspell
1
0
Fork 0
mirror of https://github.com/TheAnachronism/docspell.git synced 2025-06-22 02:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add a state parameter to oidc flow

Browse Source 
Refs: #1619
This commit is contained in:
eikek
2022-07-06 23:46:16 +02:00
parent 44243b3d6d
commit 2e5ad4960b
8 changed files with 194 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
modules/backend/src/main/scala/docspell/backend/auth/TokenUtil.scala
View File

@ -6,11 +6,10 @@
package docspell.backend.auth
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
import cats.implicits._
import docspell.common.util.SignUtil
import scodec.bits._
private[auth] object TokenUtil {
@ -34,11 +33,8 @@ private[auth] object TokenUtil {
signRaw(raw, key)
}
private def signRaw(data: String, key: ByteVector): String = {
val mac = Mac.getInstance("HmacSHA1")
mac.init(new SecretKeySpec(key.toArray, "HmacSHA1"))
ByteVector.view(mac.doFinal(data.getBytes(utf8))).toBase64
}
private def signRaw(data: String, key: ByteVector): String =
SignUtil.signString(data, key).toBase64
def b64enc(s: String): String =
ByteVector.view(s.getBytes(utf8)).toBase64
@ -52,5 +48,4 @@ private[auth] object TokenUtil {
def constTimeEq(s1: String, s2: String): Boolean =
s1.zip(s2)
.foldLeft(true) { case (r, (c1, c2)) => r & c1 == c2 } & s1.length == s2.length
}