Implement v1.local

common.go

@@ -0,0 +1,117 @@
+package paseto
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/binary"
+	"encoding/json"
+	"fmt"
+	"strings"
+)
+
+func pae(pieces ...[]byte) []byte {
+	var buf bytes.Buffer
+	binary.Write(&buf, binary.LittleEndian, int64(len(pieces)))
+
+	for _, p := range pieces {
+		binary.Write(&buf, binary.LittleEndian, int64(len(p)))
+		buf.Write(p)
+	}
+	return buf.Bytes()
+}
+
+func toBytes(x any) ([]byte, error) {
+	switch v := x.(type) {
+	case nil:
+		return nil, nil
+	case string:
+		return []byte(v), nil
+	case []byte:
+		return v, nil
+	default:
+		return json.Marshal(v)
+	}
+}
+
+func fromBytes(data []byte, x any) error {
+	switch f := x.(type) {
+	case *string:
+		*f = string(data)
+	case *[]byte:
+		*f = append(*f, data...)
+	default:
+		if err := json.Unmarshal(data, x); err != nil {
+			return fmt.Errorf("%v: %w", err, ErrDataUnmarshal)
+		}
+	}
+	return nil
+}
+
+func splitToken(token, header string) ([]byte, []byte, error) {
+	if !strings.HasPrefix(token, header) {
+		return nil, nil, ErrIncorrectTokenHeader
+	}
+
+	parts := bytes.Split([]byte(token[len(header):]), []byte("."))
+
+	var rawPayload, rawFooter []byte
+	switch len(parts) {
+	case 1:
+		rawPayload = parts[0]
+	case 2:
+		rawPayload = parts[0]
+		rawFooter = parts[1]
+	default:
+		return nil, nil, ErrIncorrectTokenFormat
+	}
+
+	payload := make([]byte, b64DecodedLen(len(rawPayload)))
+	if _, err := b64Decode(payload, rawPayload); err != nil {
+		return nil, nil, fmt.Errorf("decode payload: %w", err)
+	}
+
+	var footer []byte
+	if rawFooter != nil {
+		footer = make([]byte, b64DecodedLen(len(rawFooter)))
+		if _, err := b64Decode(footer, rawFooter); err != nil {
+			return nil, nil, fmt.Errorf("decode footer: %w", err)
+		}
+	}
+	return payload, footer, nil
+}
+
+func buildToken(header string, body, footer []byte) string {
+	size := len(header) + b64EncodedLen(len(body))
+	if len(footer) > 0 {
+		size += 1 + b64EncodedLen(len(footer))
+	}
+
+	token := make([]byte, size)
+	offset := 0
+	offset += copy(token[offset:], header)
+
+	b64Encode(token[offset:], body)
+	offset += b64EncodedLen(len(body))
+
+	if len(footer) > 0 {
+		offset += copy(token[offset:], ".")
+		b64Encode(token[offset:], footer)
+	}
+	return string(token)
+}
+
+func b64Decode(dst, src []byte) (n int, err error) {
+	return base64.RawURLEncoding.Decode(dst, src)
+}
+
+func b64DecodedLen(n int) int {
+	return base64.RawURLEncoding.DecodedLen(n)
+}
+
+func b64Encode(dst, src []byte) {
+	base64.RawURLEncoding.Encode(dst, src)
+}
+
+func b64EncodedLen(n int) int {
+	return base64.RawURLEncoding.EncodedLen(n)
+}

go.mod

@@ -1,3 +1,7 @@
 module paseto
 
 go 1.21
+
+require golang.org/x/crypto v0.22.0
+
+require golang.org/x/sys v0.19.0 // indirect

go.sum

@@ -0,0 +1,4 @@
+golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
+golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
+golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
+golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=

paseto_test.go

@@ -0,0 +1,86 @@
+package paseto
+
+import (
+	"encoding/hex"
+	"encoding/json"
+	"os"
+	"reflect"
+	"testing"
+)
+
+type GoldenCases struct {
+	Tests []GoldenCase `json:"tests"`
+}
+
+type GoldenCase struct {
+	Name              string `json:"name"`
+	ExpectFail        bool   `json:"expect-fail"`
+	Nonce             string `json:"nonce"`
+	Key               string `json:"key"`
+	PublicKey         string `json:"public-key"`
+	SecretKey         string `json:"secret-key"`
+	SecretKeySeed     string `json:"secret-key-seed"`
+	SecretKeyPem      string `json:"secret-key-pem"`
+	PublicKeyPem      string `json:"public-key-pem"`
+	Token             string `json:"token"`
+	Payload           string `json:"payload"`
+	Footer            string `json:"footer"`
+	ImplicitAssertion string `json:"implicit-assertion"`
+}
+
+func loadGoldenFile(filename string) GoldenCases {
+	f, err := os.Open(filename)
+	if err != nil {
+		panic(err)
+	}
+	defer f.Close()
+
+	var tc GoldenCases
+	if err := json.NewDecoder(f).Decode(&tc); err != nil {
+		panic(err)
+	}
+	return tc
+}
+
+func must[T any](v T, err error) T {
+	if err != nil {
+		panic(err)
+	}
+	return v
+}
+
+func mustHex(raw string) []byte {
+	return must(hex.DecodeString(raw))
+}
+
+func mustJSON(raw string) any {
+	if len(raw) == 0 || string(raw) == "" {
+		return nil
+	}
+	var dst any
+	if err := json.Unmarshal([]byte(raw), &dst); err != nil {
+		return string(raw)
+	}
+	return dst
+}
+
+func mustOk(tb testing.TB, err error) {
+	tb.Helper()
+	if err != nil {
+		tb.Fatal(err)
+	}
+}
+
+func mustFail(tb testing.TB, err error) {
+	tb.Helper()
+	if err == nil {
+		tb.Fatal()
+	}
+}
+
+func mustEqual[T any](tb testing.TB, have, want T) {
+	tb.Helper()
+	if !reflect.DeepEqual(have, want) {
+		tb.Fatalf("\nhave: %+v\nwant: %+v\n", have, want)
+	}
+}