| 12345678910111213141516171819202122232425262728 |
- package signature
- import (
- "fmt"
- "net/http"
- "github.com/go-fed/httpsig"
- "github.com/ncarlier/webhookd/pkg/truststore"
- )
- // HTTPSignatureHandler validate request HTTP signature
- func HTTPSignatureHandler(r *http.Request, ts truststore.TrustStore) error {
- verifier, err := httpsig.NewVerifier(r)
- if err != nil {
- return err
- }
- pubkeyID := verifier.KeyId()
- pubkey := ts.GetPublicKey(pubkeyID)
- if pubkey == nil {
- return fmt.Errorf("public key not found: %s", pubkeyID)
- }
- // TODO dynamic algo
- err = verifier.Verify(pubkey, httpsig.RSA_SHA256)
- if err != nil {
- return err
- }
- return nil
- }
|
