zhou1203/license.go Secret

## license.go
package license

import (
	"crypto/x509"
	"encoding/json"
	"encoding/pem"
	"errors"
	"fmt"
	"github.com/golang-jwt/jwt/v4"
	"time"
)

var (
	ErrorInvalidSignature = errors.New("validation error: the license signature is invalid")
)

type User struct {
	Corporation string `json:"co,omitempty"`
	Name        string `json:"name,omitempty"`
	Id          string `json:"id,omitempty"`
}

type ResourceLimit struct {
	MaxCluster int `json:"maxCluster,omitempty"`
	MaxVCPU    int `json:"maxVCpu,omitempty"`
	MaxCPU     int `json:"maxCpu,omitempty"`
}

type License struct {
	ID               string          `json:"id"`
	Type             string          `json:"type"`
	Subject          User            `json:"subject,omitempty"`
	Issuer           User            `json:"issuer,omitempty"`
	ClusterId        string          `json:"clusterId,omitempty"`
	NotBefore        *time.Time      `json:"notBefore,omitempty"`
	NotAfter         *time.Time      `json:"notAfter,omitempty"`
	IssueAt          time.Time       `json:"issueAt,omitempty"`
	ComponentName    string          `json:"componentName"`
	ResourceLimit    *ResourceLimit  `json:"resourceLimit,omitempty"`
	ResourceType     string          `json:"resourceType,omitempty"`
	CustomParameters json.RawMessage `json:"customParameters,omitempty"`
}

func (l *License) Valid() error {
	return nil
}

func Verify(publicKey []byte, licenseStr string) (*License, error) {
	block, _ := pem.Decode(publicKey)
	if block == nil || block.Type != "RSA PUBLIC KEY" {
		return nil, errors.New("failed to decode PEM block containing public key")
	}
	pkcs1PublicKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
	if err != nil {
		return nil, err
	}

	parser := jwt.NewParser(jwt.WithValidMethods([]string{jwt.SigningMethodRS256.Alg()}))

	license := &License{}
	_, err = parser.ParseWithClaims(licenseStr, license, func(token *jwt.Token) (interface{}, error) {
		alg := token.Header["alg"].(string)
		if alg == jwt.SigningMethodRS256.Alg() {
			return pkcs1PublicKey, nil
		}
		return nil, fmt.Errorf("unsupported token type %s", alg)
	})

	if err != nil {
		if vErr, isVErr := err.(*jwt.ValidationError); isVErr && vErr.Errors == jwt.ValidationErrorSignatureInvalid {
			return nil, ErrorInvalidSignature
		}
		return nil, err
	}

	return license, nil
}

## public_key.txt
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAyHFk2HO1YFJR9X/raGEwgpjObOe/FvyiX3KG2T8zgBH8tlT34fgn
roklUNAF0wU9Ida3SFypxM73QgmnYvb9CZuutlnyup6MynsceF+rH3UHQCLhmBUX
b8FdSiDGKmU28mKXg/3TTRLoSegKaIfmwQnBj9bdB3h/P9SUNXI61D3fuUooJ3Hc
aZ6RP4Mi4sQrrQ9mVstu9IMtILWPqc5F66QOi4eYmJJSVekXmNz6ujQA95v8uFmK
8/MxcGfPJ8hAYyE53Uqw7NvQPtzJ7ICAzTE4vEiRPkrYZ0kwO3RerRLBmMPydBAB
6v4m67iBtZ0J3korL8LrMpadJzw9EDoXfmdMtZ1trnp2ZwnNaFCdK99blUNtroz4
c4lx2w/fjsOlFE1ktLhnhgs/YWoaZ0Uixwl/CwrcwWh8tDr81Am6b6BLpau20/ON
R8zG/A8uJJBXdvjW+fISC1ZD9MGh8GVNvaBCesKLuZ5ygfnmdJN+8jXPgFHELSe5
Q5I/1s+x1ScVnSOzpug5EJm6LJwcxTj2NxoHUBndvjlbiHk6h5cheuspdFfK0X57
AiRf9gnP1Xjd8gOZZoeRQPwoMAHE5SQcZsrHMleN3X8B5l9SJhrdf98lKrM9lson
6DqJpXT/SISSFiQTv/B+Jre0dKILLpoBW9tqlt8UHVAb0ZdcG0564JkCAwEAAQ==
-----END RSA PUBLIC KEY-----
	package license

	import (
	"crypto/x509"
	"encoding/json"
	"encoding/pem"
	"errors"
	"fmt"
	"github.com/golang-jwt/jwt/v4"
	"time"
	)

	var (
	ErrorInvalidSignature = errors.New("validation error: the license signature is invalid")
	)

	type User struct {
	Corporation string `json:"co,omitempty"`
	Name string `json:"name,omitempty"`
	Id string `json:"id,omitempty"`
	}

	type ResourceLimit struct {
	MaxCluster int `json:"maxCluster,omitempty"`
	MaxVCPU int `json:"maxVCpu,omitempty"`
	MaxCPU int `json:"maxCpu,omitempty"`
	}

	type License struct {
	ID string `json:"id"`
	Type string `json:"type"`
	Subject User `json:"subject,omitempty"`
	Issuer User `json:"issuer,omitempty"`
	ClusterId string `json:"clusterId,omitempty"`
	NotBefore *time.Time `json:"notBefore,omitempty"`
	NotAfter *time.Time `json:"notAfter,omitempty"`
	IssueAt time.Time `json:"issueAt,omitempty"`
	ComponentName string `json:"componentName"`
	ResourceLimit *ResourceLimit `json:"resourceLimit,omitempty"`
	ResourceType string `json:"resourceType,omitempty"`
	CustomParameters json.RawMessage `json:"customParameters,omitempty"`
	}

	func (l *License) Valid() error {
	return nil
	}

	func Verify(publicKey []byte, licenseStr string) (*License, error) {
	block, _ := pem.Decode(publicKey)
	if block == nil \|\| block.Type != "RSA PUBLIC KEY" {
	return nil, errors.New("failed to decode PEM block containing public key")
	}
	pkcs1PublicKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
	if err != nil {
	return nil, err
	}

	parser := jwt.NewParser(jwt.WithValidMethods([]string{jwt.SigningMethodRS256.Alg()}))

	license := &License{}
	_, err = parser.ParseWithClaims(licenseStr, license, func(token *jwt.Token) (interface{}, error) {
	alg := token.Header["alg"].(string)
	if alg == jwt.SigningMethodRS256.Alg() {
	return pkcs1PublicKey, nil
	}
	return nil, fmt.Errorf("unsupported token type %s", alg)
	})

	if err != nil {
	if vErr, isVErr := err.(*jwt.ValidationError); isVErr && vErr.Errors == jwt.ValidationErrorSignatureInvalid {
	return nil, ErrorInvalidSignature
	}
	return nil, err
	}

	return license, nil
	}
	-----BEGIN RSA PUBLIC KEY-----
	MIICCgKCAgEAyHFk2HO1YFJR9X/raGEwgpjObOe/FvyiX3KG2T8zgBH8tlT34fgn
	roklUNAF0wU9Ida3SFypxM73QgmnYvb9CZuutlnyup6MynsceF+rH3UHQCLhmBUX
	b8FdSiDGKmU28mKXg/3TTRLoSegKaIfmwQnBj9bdB3h/P9SUNXI61D3fuUooJ3Hc
	aZ6RP4Mi4sQrrQ9mVstu9IMtILWPqc5F66QOi4eYmJJSVekXmNz6ujQA95v8uFmK
	8/MxcGfPJ8hAYyE53Uqw7NvQPtzJ7ICAzTE4vEiRPkrYZ0kwO3RerRLBmMPydBAB
	6v4m67iBtZ0J3korL8LrMpadJzw9EDoXfmdMtZ1trnp2ZwnNaFCdK99blUNtroz4
	c4lx2w/fjsOlFE1ktLhnhgs/YWoaZ0Uixwl/CwrcwWh8tDr81Am6b6BLpau20/ON
	R8zG/A8uJJBXdvjW+fISC1ZD9MGh8GVNvaBCesKLuZ5ygfnmdJN+8jXPgFHELSe5
	Q5I/1s+x1ScVnSOzpug5EJm6LJwcxTj2NxoHUBndvjlbiHk6h5cheuspdFfK0X57
	AiRf9gnP1Xjd8gOZZoeRQPwoMAHE5SQcZsrHMleN3X8B5l9SJhrdf98lKrM9lson
	6DqJpXT/SISSFiQTv/B+Jre0dKILLpoBW9tqlt8UHVAb0ZdcG0564JkCAwEAAQ==
	-----END RSA PUBLIC KEY-----