38 lines
1.0 KiB
Go
38 lines
1.0 KiB
Go
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package state
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/subtle"
|
|
"encoding/hex"
|
|
"io"
|
|
|
|
"github.com/pkg/errors"
|
|
)
|
|
|
|
// Generate generates a new random state parameter of an appropriate size.
|
|
func Generate() (State, error) { return generate(rand.Reader) }
|
|
|
|
func generate(rand io.Reader) (State, error) {
|
|
var buf [16]byte
|
|
if _, err := io.ReadFull(rand, buf[:]); err != nil {
|
|
return "", errors.WithMessage(err, "could not generate random state")
|
|
}
|
|
return State(hex.EncodeToString(buf[:])), nil
|
|
}
|
|
|
|
// State implements some utilities for working with OAuth2 state parameters.
|
|
type State string
|
|
|
|
// String returns the string encoding of this state value.
|
|
func (s *State) String() string {
|
|
return string(*s)
|
|
}
|
|
|
|
// Validate the returned state (from a callback parameter). Returns true iff the state is valid.
|
|
func (s *State) Valid(returnedState string) bool {
|
|
return subtle.ConstantTimeCompare([]byte(returnedState), []byte(*s)) == 1
|
|
}
|