Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
c7f24e3b6d | ||
| f7948263c5 | |||
| fc42bc92ff | |||
| b8f693ef82 | |||
| 6ec06c2813 |
@@ -2,9 +2,8 @@ package service
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"strconv"
|
||||
|
||||
"git.apinb.com/bsm-sdk/core/crypto/encipher"
|
||||
"git.apinb.com/bsm-sdk/core/errcode"
|
||||
"git.apinb.com/bsm-sdk/core/utils"
|
||||
"google.golang.org/grpc/metadata"
|
||||
@@ -15,6 +14,7 @@ type Meta struct {
|
||||
IDENTITY string `json:"identity"`
|
||||
EXTEND map[string]string `json:"extend"`
|
||||
CLIENT string `json:"client"`
|
||||
ROLE string `json:"role"`
|
||||
}
|
||||
|
||||
// 解析Context中MetaData的数据
|
||||
@@ -30,31 +30,22 @@ func ParseMetaCtx(ctx context.Context, opts *ParseOptions) (*Meta, error) {
|
||||
return nil, errcode.ErrJWTAuthNotFound
|
||||
}
|
||||
|
||||
// 安全获取 metadata 中的值
|
||||
identityValues := md.Get("authorization_identity")
|
||||
clientValues := md.Get("client")
|
||||
|
||||
if len(identityValues) == 0 {
|
||||
var Authorizations []string = md.Get("authorization")
|
||||
if len(Authorizations) == 0 || Authorizations[0] == "" {
|
||||
return nil, errcode.ErrJWTAuthNotFound
|
||||
}
|
||||
if len(clientValues) == 0 {
|
||||
return nil, errcode.ErrJWTAuthNotFound
|
||||
|
||||
claims, err := encipher.ParseTokenAes(Authorizations[0])
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
meta := &Meta{
|
||||
IDENTITY: md["authorization_identity"][0],
|
||||
CLIENT: md["client"][0],
|
||||
}
|
||||
|
||||
if id, err := strconv.Atoi(md["authorization_id"][0]); err != nil {
|
||||
return nil, errcode.ErrJWTAuthKeyId
|
||||
} else {
|
||||
meta.ID = uint(id)
|
||||
}
|
||||
|
||||
data := make(map[string]string)
|
||||
if err := json.Unmarshal([]byte(md["authorization_extend"][0]), &data); err == nil {
|
||||
meta.EXTEND = data
|
||||
ID: claims.ID,
|
||||
IDENTITY: claims.Identity,
|
||||
CLIENT: claims.Client,
|
||||
EXTEND: claims.Extend,
|
||||
ROLE: claims.Role,
|
||||
}
|
||||
|
||||
if opts != nil {
|
||||
|
||||
65
third/wechat.go
Normal file
65
third/wechat.go
Normal file
@@ -0,0 +1,65 @@
|
||||
package third
|
||||
|
||||
import (
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
)
|
||||
|
||||
func WeChat_Decrypt(sessionKey, encryptedData, iv string) (string, error) {
|
||||
aesKey, err := base64.StdEncoding.DecodeString(sessionKey)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
cipherText, err := base64.StdEncoding.DecodeString(encryptedData)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
ivBytes, err := base64.StdEncoding.DecodeString(iv)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
block, err := aes.NewCipher(aesKey)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
mode := cipher.NewCBCDecrypter(block, ivBytes)
|
||||
mode.CryptBlocks(cipherText, cipherText)
|
||||
cipherText, err = WeChat_Pkcs7Unpad(cipherText, block.BlockSize())
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return string(cipherText), nil
|
||||
}
|
||||
|
||||
// pkcs7Unpad returns slice of the original data without padding
|
||||
func WeChat_Pkcs7Unpad(data []byte, blockSize int) ([]byte, error) {
|
||||
var (
|
||||
// ErrInvalidBlockSize block size不合法
|
||||
ErrInvalidBlockSize = errors.New("invalid block size")
|
||||
// ErrInvalidPKCS7Data PKCS7数据不合法
|
||||
ErrInvalidPKCS7Data = errors.New("invalid PKCS7 data")
|
||||
// ErrInvalidPKCS7Padding 输入padding失败
|
||||
ErrInvalidPKCS7Padding = errors.New("invalid padding on input")
|
||||
)
|
||||
|
||||
if blockSize <= 0 {
|
||||
return nil, ErrInvalidBlockSize
|
||||
}
|
||||
if len(data)%blockSize != 0 || len(data) == 0 {
|
||||
return nil, ErrInvalidPKCS7Data
|
||||
}
|
||||
c := data[len(data)-1]
|
||||
n := int(c)
|
||||
if n == 0 || n > len(data) {
|
||||
return nil, ErrInvalidPKCS7Padding
|
||||
}
|
||||
for i := 0; i < n; i++ {
|
||||
if data[len(data)-n+i] != c {
|
||||
return nil, ErrInvalidPKCS7Padding
|
||||
}
|
||||
}
|
||||
return data[:len(data)-n], nil
|
||||
}
|
||||
58
utils/net.go
58
utils/net.go
@@ -9,6 +9,7 @@ import (
|
||||
"net/http"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func IsPublicIP(ipString string) bool {
|
||||
@@ -32,24 +33,55 @@ func IsPublicIP(ipString string) bool {
|
||||
}
|
||||
|
||||
// Get Location IP .
|
||||
func GetLocationIP() string {
|
||||
addrs, err := net.InterfaceAddrs()
|
||||
func GetLocationIP() (localIp string) {
|
||||
localIp = "127.0.0.1"
|
||||
// Get all network interfaces
|
||||
interfaces, err := net.Interfaces()
|
||||
if err != nil {
|
||||
return ""
|
||||
return
|
||||
}
|
||||
ip := ""
|
||||
for _, a := range addrs {
|
||||
if ipnet, ok := a.(*net.IPNet); ok && !ipnet.IP.IsLoopback() {
|
||||
if ipnet.IP.To4() != nil {
|
||||
ip = ipnet.IP.String()
|
||||
break
|
||||
|
||||
for _, iface := range interfaces {
|
||||
// Skip the loopback interface
|
||||
if iface.Flags&net.FlagLoopback != 0 {
|
||||
continue
|
||||
}
|
||||
|
||||
// Get addresses associated with the interface
|
||||
addrs, err := iface.Addrs()
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
|
||||
for _, addr := range addrs {
|
||||
// Check if the address is an IPNet
|
||||
ipnet, ok := addr.(*net.IPNet)
|
||||
if !ok || ipnet.IP.IsLoopback() {
|
||||
continue
|
||||
}
|
||||
|
||||
// Get the IP address
|
||||
ip := ipnet.IP.To4()
|
||||
if ip == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
// Skip IP addresses in the 169.254.x.x range
|
||||
if strings.HasPrefix(ip.String(), "169.254") {
|
||||
continue
|
||||
}
|
||||
|
||||
// Skip IP addresses in the 169.254.x.x range
|
||||
if strings.HasPrefix(ip.String(), "26.26") {
|
||||
continue
|
||||
}
|
||||
|
||||
// Return the first valid IP address found
|
||||
return ip.String()
|
||||
}
|
||||
}
|
||||
if ip == "" {
|
||||
return ""
|
||||
}
|
||||
return ip
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func LocalIPv4s() ([]string, error) {
|
||||
|
||||
Reference in New Issue
Block a user