diff options
| author | Duco van Amstel <duco.vanamstel@gmail.com> | 2018-10-07 22:17:46 +0100 |
|---|---|---|
| committer | Wim <wim@42.be> | 2018-10-07 23:17:46 +0200 |
| commit | 917040b044e349eadc886f9685ada30d164687eb (patch) | |
| tree | ea063d87a415f89060b376f29a844e4d1ed86363 /vendor/github.com/nlopes/slack/security.go | |
| parent | 69646a160d8597944c307334901f0acfd32582c5 (diff) | |
| download | matterbridge-msglm-917040b044e349eadc886f9685ada30d164687eb.tar.gz matterbridge-msglm-917040b044e349eadc886f9685ada30d164687eb.tar.bz2 matterbridge-msglm-917040b044e349eadc886f9685ada30d164687eb.zip | |
Update of nlopes/slack dependency (#511)
Diffstat (limited to 'vendor/github.com/nlopes/slack/security.go')
| -rw-r--r-- | vendor/github.com/nlopes/slack/security.go | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/vendor/github.com/nlopes/slack/security.go b/vendor/github.com/nlopes/slack/security.go new file mode 100644 index 00000000..50201d99 --- /dev/null +++ b/vendor/github.com/nlopes/slack/security.go @@ -0,0 +1,47 @@ +package slack
+
+import (
+ "crypto/hmac"
+ "crypto/sha256"
+ "encoding/hex"
+ "errors"
+ "fmt"
+ "hash"
+ "net/http"
+)
+
+// SecretsVerifier contains the information needed to verify that the request comes from Slack
+type SecretsVerifier struct {
+ slackSig string
+ timeStamp string
+ hmac hash.Hash
+}
+
+// NewSecretsVerifier returns a SecretsVerifier object in exchange for an http.Header object and signing secret
+func NewSecretsVerifier(header http.Header, signingSecret string) (SecretsVerifier, error) {
+ if header["X-Slack-Signature"][0] == "" || header["X-Slack-Request-Timestamp"][0] == "" {
+ return SecretsVerifier{}, errors.New("Headers are empty, cannot create SecretsVerifier")
+ }
+
+ hash := hmac.New(sha256.New, []byte(signingSecret))
+ hash.Write([]byte(fmt.Sprintf("v0:%s:", header["X-Slack-Request-Timestamp"][0])))
+ return SecretsVerifier{
+ slackSig: header["X-Slack-Signature"][0],
+ timeStamp: header["X-Slack-Request-Timestamp"][0],
+ hmac: hash,
+ }, nil
+}
+
+func (v *SecretsVerifier) Write(body []byte) (n int, err error) {
+ return v.hmac.Write(body)
+}
+
+// Ensure compares the signature sent from Slack with the actual computed hash to judge validity
+func (v SecretsVerifier) Ensure() error {
+ computed := "v0=" + string(hex.EncodeToString(v.hmac.Sum(nil)))
+ if computed == v.slackSig {
+ return nil
+ }
+
+ return fmt.Errorf("Expected signing signature: %s, but computed: %s", v.slackSig, computed)
+}
|