diff --git a/overFlow-private.key b/overFlow-private.key
new file mode 100644
index 0000000..40d3195
--- /dev/null
+++ b/overFlow-private.key
@@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKgIBAAKCAgEAsmcQLI5ZQQThoePzL4dTwuAxqGPIfNCqTirQxZesyXTOEX3o +QFLkd3s6dNHmFQIj1jVsFXDML5wRvv7YeI4a9wOrH+QR62KEzB6aT/yxSsVhNrLx +kQ35Xd9keGmfyMRNr72iiP8Hrm+7O0x2vlGUQp8+jMCzDVNlFvE5V9iqjSv4Q/AH +rURg5fH8JBIMZnhcz/kmNgWg2NByTFDiQXRjwBY5ts4Ylk8mZdAuumyiseXjE4l2 +JxdJJyRGqbx70wrC76MgTUvXEyw3MPSDGvN67PFYIJJwq5VpRNHeBMkNoPRWX6eE +9M1VNY+/rXuUGdg2ZxBzykAUjhjR9Iq/hawPZR78TaJ/w5wCVb7L6xIDqXb2Jqhl +FA4LHZmiDcR/m9Y2wI1DJkBeZpdxF1m19d5sxs3vNNKzNVquKEz1QBfKnLvPxBXK +pUT+zliCdzu1D/VU+veqDtKI8dmmGflc5lXeDUYfPc7Kt4XLEZDSTBQlMgtkgE94 +ZcCJu6zdM3DrjPTh9OP5sG+/B5/KRYqZb4YpPGQ0TkXCaJjBtBEOM1FTk9/uhU/9 +b6lFbgc/quCkmz8Vxe5sJ98tXMi/F5q5n8ba90AKaLUUwhTAxWV69NXweYtIMtKI +j7AuI7IuK64iIyW+CE6BAl0QOlMtgF2/EqKWltvmbYpb+YgWOYJwa8F8pj0CAwEA +AQKCAgEApv52U17ECWqqUkHwB1Njgo0droQIzVz9rcHCPtNleAYQRqtW1a9CEN2W +sHcyKgQgy4iiLceyOfabXe9rbh2G/CXA708rvuwvZmpXA/yDcHwmLW9/U8qC2+4a +O+STHvkxxwl5tUcUR6Jq3m0K0cfHQj2R7WsLr7OacslGZgZ4T0ETWXS7muLg2R2U +aadDWD/ekQalT/ggwhMMiodD4wUxwkKLr6Rnu3tHdBJVS0gZWvDXiBgqMxlG7o60 +XnoCZmAybOKDgBc3sci3uOmIN5gmPtkDJyossVBgg3z3l/8i9MECgPNsL0JtOn/e +amO9FBwhgIQT/wPQudpd3cxqzpNqrCsCI6twWxWnvkmjGQ/ia2eSHwPnt5gzu+du +FEt4ZNHJCYvPsd5Q18dr433M4aQxTB7ba7YCELy4Q3wBXXpwGDvf6+fo9GY0rJ41 +O7sCE2g2O9kGct12dD2saUZagXnHYJB3A9uSIMZ09o/mN2MZsIVx/umfbWWWcjug +iLqHWTAXeR27LTGjcPiNCVDM95+G71e76k+mLRyKYzQrmREeU6tXKUhXi2IDMAZm +tFKB2toLyoFrJLbTeVU8pv+PQK2iv5r7kQg14h2aaid3OyGubcvBGfORTuDR+rFF +2wn6kBUooP0J3xKhzCnaIB8qtQGpOKd+WJtKW/WgtvT2TOjdoAECggEBANub/8+v +mH/+OPPzA+9DgInynukt3knF+KVtZ9yEJYvrBP8eFYOIecPG000SRvfAoDJuqYc0 +yhfTWdDs1Yiw39SmP3ACgObBBRiEXXmWh1x9alytc0UTX1fh9mf5PocuxvWLtHCH +SZ89lzs6Znu8di3aUWwMF7oU+ZF1TgAC9YUpS+SqRG6rV2RJ+TiJWJdS3BaQzhLe +S7Ul4No7DByPnsTAJG82YARGi6EyBQA04kYB49dO+kAXNyQ6qNR89tchV9IAA6qz +kR2ExgoA9c6kZUsexkS2ir1iuwjYUmHxhadJFUTGVzbgOcAbSBmUNEINM0CPgddi +ttPaKMo80kUlKj0CggEBAM/3CkWa99j+T+oyoyLNiIWqfdktZaguDv+yxGV4rWx/ +rntRs6Dj0isTQYe3wgaeD7A6N618gS7etjI7q/wiw/0rknxyxLvQOTFLs/OWYcLs 
+smsnbHBvMnWcjKaH50DUrBAQDP39vOcBIkeEwP4AcUnJXJW6T8HI9nqBqMCJ1MHv +n16Fd6bnKM8AdiB6O8mLcPWVAN9aVy8CbL0G3EWV289+yDz9ftuxkOApfvIHfaHx +EbuvE2xTIaANXcF6h1CK0izejXQLu/J7tE0j+G5oIe3bblIQvQmxVEzTKgv+S9qC +6WqVBNFN0/Dll+HWrCYSP0XyRk5QzlN3lDSUCg+5LAECggEBALAkJoEZEVMPv/SC +pVRCKxX6ANV8Ub+QR0fAQb7QSyE3htFs+sp+K1QI5C/8CenrmVH6CoWEpNeJUI/P +ddHmNBFmqpkXmPX8OS8Z87NzNezMNwRQppTv3dgqSC3K7wkUTsZhoH9lM3rCtsrt +o4d5eLx8UDQ+WsWIz0eI89/0f6KnpdSpcKvnR/gLkRZ0qxbsgdSjnnXp0IVh9UB0 +fdlmpGygxFhjH44uWw4WhYZN5HNMTsfB89x2AmdPmVydQor4lmy8UDSZRDqN5R3e ++Ukd+JTRASvZ0dvnFacZgrJGOvIbHzEDeK5uGEPqXeEOSv/zgHk24Wi1J3kykObs +86Y8Ee0CggEAZNrywVTpU/Ppf7O1CADTb7eCNtvcTBaiMYFZ27gNquu1C5tQ2PsD +ht5czlvgneLzysxBCkKyR6+8floQC0Q09ke2T+I85LSTuAN1rvFEUgsGcA77eP+E +YiNc1rpb/UXmeBfApUDz5rfXDwYjrks6pcUgwIBNg7ZZSoos88skQjVafbWOlIPQ +d6tKnm+JJTIZww/TD365f1PWtkloc9q8ckGTDHkHl7Xig8O8C9Z0KCBIMFQ0wDkE +uqEg0d8BVp8sVJRN13SFXpB9nVePeMPJiJf9RZFWjCfSsTtLTeuyj7MjTgwc/QCY +g2BlKyI39HKu+tYHIJ3xoesBFgqhYoS0AQKCAQEA0E3oLbrGvq5U3SlDXmVzRNV6 +7vDhl9H7KJvNA4+C9XPDAyPNtzS1hYYlELSV4EW/G1GY9Mm0VSxLQrVMyhSCN/Ih +Tj7t4xfAevjYoI2XtXwjmjxKYznaL2t99g8NAzeK27Pa/z0J9tm9Uxm2akweGqsI +gJ6u7daFksV9JXQtbQ9nRmBQ1E7mYxjsTEDdPSEl+S4M4UjTE38OLpRZRv49vSNZ +wFjOnrpEETJY/eMhyyUgR2LNM2hrvd95QvykLpzVFguNQlsqCxWL8D81RSdSmDF9 +xdYsAuVTkhDWXwJ8hV95QxlurTu4rJgLBQA5gfxi20m8dWlO5KsMGyYqak3oWg== +-----END RSA PRIVATE KEY----- diff --git a/overFlow-public.pem b/overFlow-public.pem new file mode 100644 index 0000000..c4fae35 --- /dev/null +++ b/overFlow-public.pem 
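Review bot: The whole of `overFlow-private.key` is an unencrypted RSA private key checked into the repository, so everyone with read access to this history holds the key that the gateway's `init()` loads as `signKey`. Treat this key pair as compromised: generate a new pair outside the repository, keep the private half only in the token issuer's secret store, and purge the file from history rather than just deleting it in a later commit. An ignore rule such as `*.key` plus a secret-scanning check in CI would stop a repeat. The matching `overFlow-public.pem` is safe to publish, but it has to be replaced together with the private key.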
@@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsmcQLI5ZQQThoePzL4dT +wuAxqGPIfNCqTirQxZesyXTOEX3oQFLkd3s6dNHmFQIj1jVsFXDML5wRvv7YeI4a +9wOrH+QR62KEzB6aT/yxSsVhNrLxkQ35Xd9keGmfyMRNr72iiP8Hrm+7O0x2vlGU +Qp8+jMCzDVNlFvE5V9iqjSv4Q/AHrURg5fH8JBIMZnhcz/kmNgWg2NByTFDiQXRj +wBY5ts4Ylk8mZdAuumyiseXjE4l2JxdJJyRGqbx70wrC76MgTUvXEyw3MPSDGvN6 +7PFYIJJwq5VpRNHeBMkNoPRWX6eE9M1VNY+/rXuUGdg2ZxBzykAUjhjR9Iq/hawP +ZR78TaJ/w5wCVb7L6xIDqXb2JqhlFA4LHZmiDcR/m9Y2wI1DJkBeZpdxF1m19d5s +xs3vNNKzNVquKEz1QBfKnLvPxBXKpUT+zliCdzu1D/VU+veqDtKI8dmmGflc5lXe +DUYfPc7Kt4XLEZDSTBQlMgtkgE94ZcCJu6zdM3DrjPTh9OP5sG+/B5/KRYqZb4Yp +PGQ0TkXCaJjBtBEOM1FTk9/uhU/9b6lFbgc/quCkmz8Vxe5sJ98tXMi/F5q5n8ba +90AKaLUUwhTAxWV69NXweYtIMtKIj7AuI7IuK64iIyW+CE6BAl0QOlMtgF2/EqKW +ltvmbYpb+YgWOYJwa8F8pj0CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/servlet/webapp/gateway_rpc_handlers.go b/servlet/webapp/gateway_rpc_handlers.go index 31a5665..5004fba 100644 --- a/servlet/webapp/gateway_rpc_handlers.go +++ b/servlet/webapp/gateway_rpc_handlers.go @@ -1,16 +1,44 @@ package webapp import ( + "crypto/rsa" "fmt" + "io/ioutil" "git.loafle.net/commons_go/logging" cwf "git.loafle.net/commons_go/websocket_fasthttp" - "git.loafle.net/overflow/overflow_gateway_websocket/config" "git.loafle.net/overflow/overflow_gateway_websocket/rpc" jwt "github.com/dgrijalva/jwt-go" "github.com/valyala/fasthttp" ) +var ( + verifyKey *rsa.PublicKey + signKey *rsa.PrivateKey +) + +func init() { + signBytes, err := ioutil.ReadFile("overFlow-private.key") + if nil != err { + panic(err) + } + + signKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes) + if nil != err { + panic(err) + } + + verifyBytes, err := ioutil.ReadFile("overFlow-public.pem") + if nil != err { + panic(err) + } + + verifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes) + if nil != err { + panic(err) + } +} + func newGatewayRPCHandler() rpc.GatewayRPCHandler { gh := &GatewayRPCHandlers{} 
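Review bot: `init()` loads `overFlow-private.key` into `signKey`, but the only key use visible in this diff is `verifyKey` in `Handshake`, so the gateway appears to hold signing material it does not need. If nothing outside these hunks signs tokens, drop `signKey` and the two calls that populate it, so that a compromise of the gateway process cannot be used to mint tokens. Both `ioutil.ReadFile` calls also take bare relative names, which resolve against the process working directory; taking the public-key path from configuration (the `config` import this hunk removes) and returning an error from `Init` instead of panicking at import time would make a missing or swapped key file easier to diagnose.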
@@ -27,16 +55,17 @@ func (sh *GatewayRPCHandlers) Init(serverCTX cwf.ServerContext) error { func (sh *GatewayRPCHandlers) Handshake(socketCTX cwf.SocketContext, ctx *fasthttp.RequestCtx) (id string, extensionsHeader *fasthttp.ResponseHeader) { var ok bool - // tokenString := string(soc.Conn().Headers().Cookie("AuthToken")) - tokenString := "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJvdmVyRmxvdyIsImlhdCI6MTUwNDU5NTExOSwiZXhwIjoxNTM2MTMxMTE5LCJhdWQiOiJ3d3cub3ZlcmZsb3cuY2xvdWQiLCJzdWIiOiJvdmVyZmxvd0Bsb2FmbGUuY29tIn0.-WQi3OykPlJ9x8RcZGhWXEtGw4GhU6wmyJ_AWh2rMeUatQylfPzvmum2Xfp6pwKLMmcP76XoDPNyq06i7RKWNQ" + // tokenString := string(ctx.Request.Header.Cookie("AuthToken")) + tokenString := string(ctx.QueryArgs().Peek("AuthToken")) + // tokenString := "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ3d3cub3ZlcmZsb3cuY2xvdWQiLCJleHAiOjE1MjA4NTUwMDksImlhdCI6MTUyMDc2ODYwOSwiaXNzIjoib3ZlckZsb3ciLCJzdWIiOiJvdmVyZmxvd0Bsb2FmbGUuY29tIn0.YvpylMqHdL72p4Otm3y5L9-2zgvXvLFvt9MKK6-wF39_-EJLL-GgTiPVHx2--jr5ApuRIkJVRURVt7RtnGW65Te1to8u5Be6DnXenI5hRfGqfNLfoH0z_iNNbdjTDHLXa5TRE4Hf4oadYDgb7AotYi9-Mz0iNMyVNqPA4mzPO1ABvUPaHi89CwHYN2ZroaicQwaGxgWUX-KIjYXdxmWHi2shTJGpnHQd5RWeRN3H-AZVXkq05f4NSh6kpGIDu-e7lLHHSB4slWWQ0ML00c0C5fdnBJG4Xeisu195Y69ePZu_5lRpv2T3eH9mbEzUw_TEKZP-WGK_koDUGirYKFBaBJvJlaVOM3hUD3hYQ0DueNHqAwaDpr0dGuvSQwjr6tAqGnXscH6Gfj4x_hNMySVzMR-nWYeG7cDSNq9X5N-A93FKF_n-HCf11doDMsgM9rlpH04eVFCpZqNToLgsJVtEOUezuHSwOmnFTbLelquqUD02S_gGlowtE2CVBOccsfHZK9oTw1lInJYRjpxyevdWx1bvyMyZrf1Dk_PRsTtdboqd-RYp6zP1E4x3dky_VSe7AjUQI0t_SQpxL4ysmzs_hXhdiaQ9PwoHKkZW5Cz9z3oPuUi0iEatMx_9gvFUfVqaVRjNCW79ULGB900TixOxHy1UlNDFN9xip2Mmr7qZwrI" token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { // Don't forget to validate the alg is what you expect: - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { + if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { return nil, fmt.Errorf("Webapp: Unexpected signing method: %v", token.Header["alg"]) } // hmacSampleSecret is a []byte 
containing your secret, e.g. []byte("my_secret_key") - return []byte(config.Config.Auth.SigningKey), nil + return verifyKey, nil }) if nil != err {
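Review bot: `tokenString := string(ctx.QueryArgs().Peek("AuthToken"))` takes the bearer token from the URL, where it ends up in access logs, proxy logs and browser history. Prefer the cookie form already sketched in the comment above it, `tokenString := string(ctx.Request.Header.Cookie("AuthToken"))`, or a short-lived single-use handshake ticket if the client cannot send a cookie. The commented-out line below it embeds a complete signed JWT and should be deleted rather than kept as a sample, and the leftover comment `// hmacSampleSecret is a []byte ...` no longer matches the RSA public key that is returned. The `*jwt.SigningMethodRSA` assertion accepts any RS-family algorithm; comparing `token.Method.Alg()` against the single algorithm the issuer uses would be tighter. The body of `Handshake` continues past the end of the hunk, so claim checks (`aud`, `iss`, expiry) may exist there but are not visible here.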