summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/nlopes/slack/security.go
diff options
context:
space:
mode:
authorWim <wim@42.be>2020-03-01 20:59:19 +0100
committerGitHub <noreply@github.com>2020-03-01 20:59:19 +0100
commit250b3bb5795240d5ebdab5416ab99dbc41be734b (patch)
tree11e44ec2e7e37cd7eb0deaf0a7843fe6bf3c0e40 /vendor/github.com/nlopes/slack/security.go
parente9edbfc051afc643d91fc04bc7fb3fe70039c213 (diff)
downloadmatterbridge-msglm-250b3bb5795240d5ebdab5416ab99dbc41be734b.tar.gz
matterbridge-msglm-250b3bb5795240d5ebdab5416ab99dbc41be734b.tar.bz2
matterbridge-msglm-250b3bb5795240d5ebdab5416ab99dbc41be734b.zip
Use upstream slack-go/slack again (#1018)
Diffstat (limited to 'vendor/github.com/nlopes/slack/security.go')
-rw-r--r--vendor/github.com/nlopes/slack/security.go100
1 files changed, 0 insertions, 100 deletions
diff --git a/vendor/github.com/nlopes/slack/security.go b/vendor/github.com/nlopes/slack/security.go
deleted file mode 100644
index dbe8fb2d..00000000
--- a/vendor/github.com/nlopes/slack/security.go
+++ /dev/null
@@ -1,100 +0,0 @@
-package slack
-
-import (
- "crypto/hmac"
- "crypto/sha256"
- "encoding/hex"
- "fmt"
- "hash"
- "net/http"
- "strconv"
- "strings"
- "time"
-)
-
-// Signature headers
-const (
- hSignature = "X-Slack-Signature"
- hTimestamp = "X-Slack-Request-Timestamp"
-)
-
-// SecretsVerifier contains the information needed to verify that the request comes from Slack
-type SecretsVerifier struct {
- signature []byte
- hmac hash.Hash
-}
-
-func unsafeSignatureVerifier(header http.Header, secret string) (_ SecretsVerifier, err error) {
- var (
- bsignature []byte
- )
-
- signature := header.Get(hSignature)
- stimestamp := header.Get(hTimestamp)
-
- if signature == "" || stimestamp == "" {
- return SecretsVerifier{}, ErrMissingHeaders
- }
-
- if bsignature, err = hex.DecodeString(strings.TrimPrefix(signature, "v0=")); err != nil {
- return SecretsVerifier{}, err
- }
-
- hash := hmac.New(sha256.New, []byte(secret))
- if _, err = hash.Write([]byte(fmt.Sprintf("v0:%s:", stimestamp))); err != nil {
- return SecretsVerifier{}, err
- }
-
- return SecretsVerifier{
- signature: bsignature,
- hmac: hash,
- }, nil
-}
-
-// NewSecretsVerifier returns a SecretsVerifier object in exchange for an http.Header object and signing secret
-func NewSecretsVerifier(header http.Header, secret string) (sv SecretsVerifier, err error) {
- var (
- timestamp int64
- )
-
- stimestamp := header.Get(hTimestamp)
-
- if sv, err = unsafeSignatureVerifier(header, secret); err != nil {
- return SecretsVerifier{}, err
- }
-
- if timestamp, err = strconv.ParseInt(stimestamp, 10, 64); err != nil {
- return SecretsVerifier{}, err
- }
-
- diff := absDuration(time.Since(time.Unix(timestamp, 0)))
- if diff > 5*time.Minute {
- return SecretsVerifier{}, ErrExpiredTimestamp
- }
-
- return sv, err
-}
-
-func (v *SecretsVerifier) Write(body []byte) (n int, err error) {
- return v.hmac.Write(body)
-}
-
-// Ensure compares the signature sent from Slack with the actual computed hash to judge validity
-func (v SecretsVerifier) Ensure() error {
- computed := v.hmac.Sum(nil)
- // use hmac.Equal prevent leaking timing information.
- if hmac.Equal(computed, v.signature) {
- return nil
- }
-
- return fmt.Errorf("Expected signing signature: %s, but computed: %s", hex.EncodeToString(v.signature), hex.EncodeToString(computed))
-}
-
-func abs64(n int64) int64 {
- y := n >> 63
- return (n ^ y) - y
-}
-
-func absDuration(n time.Duration) time.Duration {
- return time.Duration(abs64(int64(n)))
-}