Add a state parameter to oidc flow

Refs: #1619
2025-06-22 10:28:27 +00:00 · 2022-07-06 23:46:16 +02:00
parent 44243b3d6d
commit 2e5ad4960b
8 changed files with 194 additions and 25 deletions
--- a/modules/common/src/main/scala/docspell/common/util/SignUtil.scala
+++ b/modules/common/src/main/scala/docspell/common/util/SignUtil.scala
@ -0,0 +1,39 @@
+/*
+ * Copyright 2020 Eike K. & Contributors
+ *
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+package docspell.common.util
+
+import javax.crypto.Mac
+import javax.crypto.spec.SecretKeySpec
+
+import scodec.bits.ByteVector
+
+object SignUtil {
+  private val utf8 = java.nio.charset.StandardCharsets.UTF_8
+
+  private val macAlgo = "HmacSHA1"
+
+  private def getMac(key: ByteVector) = {
+    val mac = Mac.getInstance(macAlgo)
+    mac.init(new SecretKeySpec(key.toArray, macAlgo))
+    mac
+  }
+
+  def signString(data: String, key: ByteVector): ByteVector = {
+    val mac = getMac(key)
+    ByteVector.view(mac.doFinal(data.getBytes(utf8)))
+  }
+
+  def signBytes(data: ByteVector, key: ByteVector): ByteVector = {
+    val mac = getMac(key)
+    ByteVector.view(mac.doFinal(data.toArray))
+  }
+
+  def isEqual(sig1: ByteVector, sig2: ByteVector): Boolean =
+    sig1
+      .zipWith(sig2)((b1, b2) => (b1 - b2).toByte)
+      .foldLeft(true)(_ && _ == 0) && sig1.length == sig2.length
+}
--- a/modules/common/src/test/scala/docspell/common/util/SignUtilTest.scala
+++ b/modules/common/src/test/scala/docspell/common/util/SignUtilTest.scala
@ -0,0 +1,20 @@
+/*
+ * Copyright 2020 Eike K. & Contributors
+ *
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+package docspell.common.util
+
+import munit.FunSuite
+import scodec.bits.ByteVector
+
+class SignUtilTest extends FunSuite {
+
+  private val key = ByteVector.fromValidHex("caffee")
+
+  test("create and validate") {
+    val sig = SignUtil.signString("hello", key)
+    assert(SignUtil.isEqual(sig, SignUtil.signString("hello", key)))
+  }
+}