util: refactor daypass to be a more generic secret key

This should allow us to reuse this code to also implement song downloading.
R-a-dio · Apr 2, 2024 · 86e21e3 · 86e21e3
1 parent 4e21269
commit 86e21e3
Show file tree

Hide file tree

Showing 4 changed files with 102 additions and 97 deletions.
diff --git a/util/daypass/daypass.go b/util/daypass/daypass.go
diff --git a/util/daypass/daypass_test.go b/util/daypass/daypass_test.go
diff --git a/util/secret/secret.go b/util/secret/secret.go
@@ -0,0 +1,59 @@
+package secret
+
+import (
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/base64"
+	"time"
+)
+
+const keySize = 256
+
+func NewSecretWithKey(length int, key []byte) Secret {
+	return secret{length, key}
+}
+
+func NewSecret(length int) (Secret, error) {
+	key := make([]byte, keySize)
+	_, err := rand.Read(key[:])
+	if err != nil {
+		return nil, err
+	}
+
+	return NewSecretWithKey(length, key), nil
+}
+
+const DaypassLength = 16
+
+type Secret interface {
+	Equal(secret string, salt []byte) bool
+	Get(salt []byte) (secret string)
+}
+
+type secret struct {
+	maxLen int
+	key    []byte
+}
+
+func (s secret) Get(salt []byte) (secret string) {
+	sc := append(date(), s.key...)
+	if salt != nil {
+		sc = append(sc, salt...)
+	}
+	b := sha256.Sum256(sc)
+	res := base64.RawURLEncoding.EncodeToString(b[:])
+	if len(res) > s.maxLen {
+		res = res[:s.maxLen]
+	}
+	return res
+}
+
+func (s secret) Equal(secret string, salt []byte) bool {
+	return secret == s.Get(salt)
+}
+
+var date = dateNow
+
+func dateNow() []byte {
+	return []byte(time.Now().Format(time.DateOnly))
+}
diff --git a/util/secret/secret_test.go b/util/secret/secret_test.go
@@ -0,0 +1,43 @@
+package secret_test
+
+import (
+	"crypto/sha256"
+	"strconv"
+	"testing"
+
+	"github.com/R-a-dio/valkyrie/util/daypass"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestSecretKeyGeneration(t *testing.T) {
+	s1, err := daypass.NewSecret(16)
+	require.NoError(t, err)
+	require.True(t, s1.Equal(s1.Get(nil), nil), "s1 should equal itself")
+
+	s2, err := daypass.NewSecret(16)
+	require.NoError(t, err)
+	require.True(t, s2.Equal(s2.Get(nil), nil), "s2 should equal itself")
+
+	// compare to each other. should never be true
+	assert.False(t, s1.Equal(s2.Get(nil), nil), "s2 should not equal s1")
+	assert.False(t, s2.Equal(s1.Get(nil), nil), "s1 should not equal s2")
+}
+
+func TestSecretSaltComparison(t *testing.T) {
+	for i := 1; i < sha256.Size*2; i++ {
+		t.Run(strconv.Itoa(i), func(t *testing.T) {
+			s, err := daypass.NewSecret(i)
+			require.NoError(t, err)
+
+			salt := []byte("testing world")
+			differentSalt := []byte("hello world")
+
+			assert.True(t, s.Equal(s.Get(salt), salt), "same salt should equal")
+			assert.False(t, s.Equal(s.Get(salt), nil), "salt and no salt should not equal")
+			assert.False(t, s.Equal(s.Get(nil), salt), "no salt and salt should not equal")
+			assert.False(t, s.Equal(s.Get(salt), differentSalt), "salt and differentSalt should not equal")
+			assert.False(t, s.Equal(s.Get(differentSalt), salt), "differentSalt and salt should not equal")
+		})
+	}
+}