kaz/decode_shc.go

## decode_shc.go
package main

import (
	"bytes"
	"compress/flate"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"os"
	"strconv"

	"github.com/go-jose/go-jose/v3"
)

// spec: https://spec.smarthealth.cards/

type (
	UnsafePaylaod struct {
		Issuer string `json:"iss"`
	}
)

func run() error {
	data := ""
	if _, err := fmt.Scanln(&data); err != nil {
		return fmt.Errorf("failed to read data: %w", err)
	}

	if data[0:5] != "shc:/" {
		return fmt.Errorf("invalid format")
	}

	rawToken := make([]byte, 0, (len(data)-5)/2)
	for i := 5; i < len(data); i += 2 {
		v, err := strconv.Atoi(data[i : i+2])
		if err != nil {
			return fmt.Errorf("failed to convert to int: %w", err)
		}
		rawToken = append(rawToken, byte(v)+45)
	}

	token, err := jose.ParseSigned(string(rawToken))
	if err != nil {
		return fmt.Errorf("failed to parse token: %w", err)
	}

	unsafePayloadReader := flate.NewReader(bytes.NewBuffer(token.UnsafePayloadWithoutVerification()))
	defer unsafePayloadReader.Close()

	var unsafePayload UnsafePaylaod
	if err := json.NewDecoder(unsafePayloadReader).Decode(&unsafePayload); err != nil {
		return fmt.Errorf("failed to decode payload: %w", err)
	}

	resp, err := http.Get(unsafePayload.Issuer + "/.well-known/jwks.json")
	if err != nil {
		return fmt.Errorf("failed to get jwks: %w", err)
	}
	defer resp.Body.Close()

	var jwks jose.JSONWebKeySet
	if err := json.NewDecoder(resp.Body).Decode(&jwks); err != nil {
		return fmt.Errorf("failed to decode jwks: %w", err)
	}

	rawPayload, err := token.Verify(jwks)
	if err != nil {
		return fmt.Errorf("failed to verify token: %w", err)
	}

	payloadReader := flate.NewReader(bytes.NewBuffer(rawPayload))
	defer payloadReader.Close()

	if _, err := io.Copy(os.Stdout, payloadReader); err != nil {
		return fmt.Errorf("failed to copy payload: %w", err)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		panic(err)
	}
}
	package main

	import (
	"bytes"
	"compress/flate"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"os"
	"strconv"

	"github.com/go-jose/go-jose/v3"
	)

	// spec: https://spec.smarthealth.cards/

	type (
	UnsafePaylaod struct {
	Issuer string `json:"iss"`
	}
	)

	func run() error {
	data := ""
	if _, err := fmt.Scanln(&data); err != nil {
	return fmt.Errorf("failed to read data: %w", err)
	}

	if data[0:5] != "shc:/" {
	return fmt.Errorf("invalid format")
	}

	rawToken := make([]byte, 0, (len(data)-5)/2)
	for i := 5; i < len(data); i += 2 {
	v, err := strconv.Atoi(data[i : i+2])
	if err != nil {
	return fmt.Errorf("failed to convert to int: %w", err)
	}
	rawToken = append(rawToken, byte(v)+45)
	}

	token, err := jose.ParseSigned(string(rawToken))
	if err != nil {
	return fmt.Errorf("failed to parse token: %w", err)
	}

	unsafePayloadReader := flate.NewReader(bytes.NewBuffer(token.UnsafePayloadWithoutVerification()))
	defer unsafePayloadReader.Close()

	var unsafePayload UnsafePaylaod
	if err := json.NewDecoder(unsafePayloadReader).Decode(&unsafePayload); err != nil {
	return fmt.Errorf("failed to decode payload: %w", err)
	}

	resp, err := http.Get(unsafePayload.Issuer + "/.well-known/jwks.json")
	if err != nil {
	return fmt.Errorf("failed to get jwks: %w", err)
	}
	defer resp.Body.Close()

	var jwks jose.JSONWebKeySet
	if err := json.NewDecoder(resp.Body).Decode(&jwks); err != nil {
	return fmt.Errorf("failed to decode jwks: %w", err)
	}

	rawPayload, err := token.Verify(jwks)
	if err != nil {
	return fmt.Errorf("failed to verify token: %w", err)
	}

	payloadReader := flate.NewReader(bytes.NewBuffer(rawPayload))
	defer payloadReader.Close()

	if _, err := io.Copy(os.Stdout, payloadReader); err != nil {
	return fmt.Errorf("failed to copy payload: %w", err)
	}
	return nil
	}

	func main() {
	if err := run(); err != nil {
	panic(err)
	}
	}