Created
June 4, 2021 09:45
-
-
Save luoqeng/1b352cb37a7abbfc437dbaa6e436048c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import ( | |
"bytes" | |
"crypto/hmac" | |
"crypto/sha256" | |
"encoding/base64" | |
"io/ioutil" | |
"net/http" | |
"strings" | |
"time" | |
) | |
//SignRequest Setup the auth header for accessing Azure App Configuration service | |
func SignRequest(id string, secret string, req *http.Request) error { | |
method := req.Method | |
host := req.URL.Host | |
pathAndQuery := req.URL.Path | |
if req.URL.RawQuery != "" { | |
pathAndQuery = pathAndQuery + "?" + req.URL.RawQuery | |
} | |
content, err := ioutil.ReadAll(req.Body) | |
if err != nil { | |
return err | |
} | |
req.Body = ioutil.NopCloser(bytes.NewBuffer(content)) | |
key, err := base64.StdEncoding.DecodeString(secret) | |
if err != nil { | |
return err | |
} | |
timestamp := time.Now().UTC().Format(http.TimeFormat) | |
contentHash := getContentHashBase64(content) | |
stringToSign := fmt.Sprintf("%s\n%s\n%s;%s;%s", strings.ToUpper(method), pathAndQuery, timestamp, host, contentHash) | |
signature := getHmac(stringToSign, key) | |
req.Header.Set("x-ms-content-sha256", contentHash) | |
req.Header.Set("x-ms-date", timestamp) | |
req.Header.Set("Authorization", "HMAC-SHA256 Credential="+id+", SignedHeaders=x-ms-date;host;x-ms-content-sha256, Signature="+signature) | |
return nil | |
} | |
func getContentHashBase64(content []byte) string { | |
hasher := sha256.New() | |
hasher.Write(content) | |
return base64.StdEncoding.EncodeToString(hasher.Sum(nil)) | |
} | |
func getHmac(content string, key []byte) string { | |
hmac := hmac.New(sha256.New, key) | |
hmac.Write([]byte(content)) | |
return base64.StdEncoding.EncodeToString(hmac.Sum(nil)) | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment