Revert API to use map[string]string

README.md

@@ -10,7 +10,8 @@ This is almost a direct port of [capless/warrant](https://github.com/capless/war
 All crypto functions are tested against equivalent values produced by warrant
 
 * v2 - Removed dependency on `aws-sdk-go-v2`
-* v3 - Package and usage have been updated to improve compatibility with latest `aws-sdk-go-v2` API
+* v3 - Migrate to `map[string]*string` types for better compatability with `aws-sdk-go-v2`
+* v4 - Migrate back to `map[string]string` types as `aws-sdk-go-v2` reverted their API changes
 
 ## Usage
 
@@ -22,7 +23,7 @@ import (
 	"fmt"
 	"time"
 
-	cognitosrp "github.com/alexrudd/cognito-srp/v3"
+	cognitosrp "github.com/alexrudd/cognito-srp/v4"
 
 	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/config"

cognitosrp.go

@@ -96,14 +96,14 @@ func (csrp *CognitoSRP) GetUserPoolName() string {
 
 // GetAuthParams returns the AuthParms map of values required for make
 // InitiateAuth requests
-func (csrp *CognitoSRP) GetAuthParams() map[string]*string {
-	params := map[string]*string{
-		"USERNAME": stringPtr(csrp.username),
-		"SRP_A":    stringPtr(bigToHex(csrp.bigA)),
+func (csrp *CognitoSRP) GetAuthParams() map[string]string {
+	params := map[string]string{
+		"USERNAME": csrp.username,
+		"SRP_A":    bigToHex(csrp.bigA),
 	}
 
 	if secret, err := csrp.GetSecretHash(csrp.username); err == nil {
-		params["SECRET_HASH"] = stringPtr(secret)
+		params["SECRET_HASH"] = secret
 	}
 
 	return params
@@ -132,13 +132,13 @@ func (csrp *CognitoSRP) GetSecretHash(username string) (string, error) {
 // PasswordVerifierChallenge returns the ChallengeResponses map to be used
 // inside the cognitoidentityprovider.RespondToAuthChallengeInput object which
 // fulfils the PASSWORD_VERIFIER Cognito challenge
-func (csrp *CognitoSRP) PasswordVerifierChallenge(challengeParms map[string]*string, ts time.Time) (map[string]*string, error) {
+func (csrp *CognitoSRP) PasswordVerifierChallenge(challengeParms map[string]string, ts time.Time) (map[string]string, error) {
 	var (
-		internalUsername = stringVal(challengeParms["USERNAME"])
-		userId           = stringVal(challengeParms["USER_ID_FOR_SRP"])
-		saltHex          = stringVal(challengeParms["SALT"])
-		srpBHex          = stringVal(challengeParms["SRP_B"])
-		secretBlockB64   = stringVal(challengeParms["SECRET_BLOCK"])
+		internalUsername = challengeParms["USERNAME"]
+		userId           = challengeParms["USER_ID_FOR_SRP"]
+		saltHex          = challengeParms["SALT"]
+		srpBHex          = challengeParms["SRP_B"]
+		secretBlockB64   = challengeParms["SECRET_BLOCK"]
 
 		timestamp = ts.In(time.UTC).Format("Mon Jan 2 03:04:05 MST 2006")
 		hkdf      = csrp.getPasswordAuthenticationKey(userId, csrp.password, hexToBig(srpBHex), hexToBig(saltHex))
@@ -154,14 +154,14 @@ func (csrp *CognitoSRP) PasswordVerifierChallenge(challengeParms map[string]*str
 	hmacObj.Write([]byte(msg))
 	signature := base64.StdEncoding.EncodeToString(hmacObj.Sum(nil))
 
-	response := map[string]*string{
-		"TIMESTAMP":                   stringPtr(timestamp),
-		"USERNAME":                    stringPtr(internalUsername),
-		"PASSWORD_CLAIM_SECRET_BLOCK": stringPtr(secretBlockB64),
-		"PASSWORD_CLAIM_SIGNATURE":    stringPtr(signature),
+	response := map[string]string{
+		"TIMESTAMP":                   timestamp,
+		"USERNAME":                    internalUsername,
+		"PASSWORD_CLAIM_SECRET_BLOCK": secretBlockB64,
+		"PASSWORD_CLAIM_SIGNATURE":    signature,
 	}
 	if secret, err := csrp.GetSecretHash(csrp.username); err == nil {
-		response["SECRET_HASH"] = stringPtr(secret)
+		response["SECRET_HASH"] = secret
 	}
 
 	return response, nil
@@ -259,15 +259,3 @@ func computeHKDF(ikm, salt string) []byte {
 func calculateU(bigA, bigB *big.Int) *big.Int {
 	return hexToBig(hexHash(padHex(bigA.Text(16)) + padHex(bigB.Text(16))))
 }
-
-func stringPtr(s string) *string {
-	return &s
-}
-
-func stringVal(s *string) string {
-	if s == nil {
-		return ""
-	}
-
-	return *s
-}

cognitosrp_test.go

@@ -71,15 +71,15 @@ func Test_GetAuthParams(t *testing.T) {
 
 	params := csrp.GetAuthParams()
 
-	if *params["USERNAME"] != csrp.username {
-		t.Errorf("actual USERNAME: %s, did not match expected USERNAME: %s", *params["USERNAME"], csrp.username)
+	if params["USERNAME"] != csrp.username {
+		t.Errorf("actual USERNAME: %s, did not match expected USERNAME: %s", params["USERNAME"], csrp.username)
 	}
-	if *params["SRP_A"] != csrp.bigA.Text(16) {
-		t.Errorf("actual SRP_A: %s, did not match expected SRP_A: %s", *params["SRP_A"], csrp.bigA.Text(16))
+	if params["SRP_A"] != csrp.bigA.Text(16) {
+		t.Errorf("actual SRP_A: %s, did not match expected SRP_A: %s", params["SRP_A"], csrp.bigA.Text(16))
 	}
 	expectedHash := "LoIX/oPJWZzFYv8liJYRo+CHv16FNDY10JlZEDjL3Vg="
-	if *params["SECRET_HASH"] != expectedHash {
-		t.Errorf("actual SECRET_HASH: %s, did not match expected SECRET_HASH: %s", *params["SECRET_HASH"], expectedHash)
+	if params["SECRET_HASH"] != expectedHash {
+		t.Errorf("actual SECRET_HASH: %s, did not match expected SECRET_HASH: %s", params["SECRET_HASH"], expectedHash)
 	}
 }
 
@@ -109,22 +109,22 @@ func Test_PasswordVerifierChallenge(t *testing.T) {
 	csrp, _ := NewCognitoSRP("test", "test", "eu-west-1_myPool", "123abd", &cs)
 	csrp.a = big.NewInt(1234567890)
 	csrp.bigA = csrp.calculateA()
-	challengeParmas := map[string]*string{
-		"USER_ID_FOR_SRP": stringPtr("test"),
-		"SALT":            stringPtr(big.NewInt(1234567890).Text(16)),
-		"SRP_B":           stringPtr(big.NewInt(1234567890).Text(16)),
-		"SECRET_BLOCK":    stringPtr(base64.StdEncoding.EncodeToString([]byte("secretssecrestssecrets"))),
+	challengeParmas := map[string]string{
+		"USER_ID_FOR_SRP": "test",
+		"SALT":            big.NewInt(1234567890).Text(16),
+		"SRP_B":           big.NewInt(1234567890).Text(16),
+		"SECRET_BLOCK":    base64.StdEncoding.EncodeToString([]byte("secretssecrestssecrets")),
 	}
 
 	challResp, _ := csrp.PasswordVerifierChallenge(challengeParmas, time.Date(2018, 7, 10, 11, 1, 0, 0, time.UTC))
 
 	expected := "tdvQu/Li/qWl8Nni0aFPs+MwY4rvKZm0kSMrGIMSUHk="
-	if *challResp["PASSWORD_CLAIM_SIGNATURE"] != expected {
-		t.Errorf("actual PASSWORD_CLAIM_SIGNATURE: %s, did not match expected PASSWORD_CLAIM_SIGNATURE: %s", *challResp["PASSWORD_CLAIM_SIGNATURE"], expected)
+	if challResp["PASSWORD_CLAIM_SIGNATURE"] != expected {
+		t.Errorf("actual PASSWORD_CLAIM_SIGNATURE: %s, did not match expected PASSWORD_CLAIM_SIGNATURE: %s", challResp["PASSWORD_CLAIM_SIGNATURE"], expected)
 	}
 
 	// Bad challenge params
-	challengeParmas["SECRET_BLOCK"] = stringPtr("not base64 encoded")
+	challengeParmas["SECRET_BLOCK"] = "not base64 encoded"
 	_, err := csrp.PasswordVerifierChallenge(challengeParmas, time.Date(2018, 7, 10, 11, 46, 0, 0, time.UTC))
 	if err == nil {
 		t.Fatal("PasswordVerifierChallenge should error on bad 'SECRET_BLOCK'")

go.mod

@@ -1,3 +1,3 @@
-module github.com/alexrudd/cognito-srp/v3
+module github.com/alexrudd/cognito-srp/v4
 
 go 1.15