Codebase list golang-github-nlopes-slack / upstream/0.6.0+dfsg security.go
upstream/0.6.0+dfsg

Tree @upstream/0.6.0+dfsg (Download .tar.gz)

security.go @upstream/0.6.0+dfsgraw · history · blame 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
package slack

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"hash"
	"net/http"
	"strconv"
	"strings"
	"time"
)

// Signature headers
const (
	hSignature = "X-Slack-Signature"
	hTimestamp = "X-Slack-Request-Timestamp"
)

// SecretsVerifier contains the information needed to verify that the request comes from Slack
type SecretsVerifier struct {
	signature []byte
	hmac      hash.Hash
}

func unsafeSignatureVerifier(header http.Header, secret string) (_ SecretsVerifier, err error) {
	var (
		bsignature []byte
	)

	signature := header.Get(hSignature)
	stimestamp := header.Get(hTimestamp)

	if signature == "" || stimestamp == "" {
		return SecretsVerifier{}, ErrMissingHeaders
	}

	if bsignature, err = hex.DecodeString(strings.TrimPrefix(signature, "v0=")); err != nil {
		return SecretsVerifier{}, err
	}

	hash := hmac.New(sha256.New, []byte(secret))
	if _, err = hash.Write([]byte(fmt.Sprintf("v0:%s:", stimestamp))); err != nil {
		return SecretsVerifier{}, err
	}

	return SecretsVerifier{
		signature: bsignature,
		hmac:      hash,
	}, nil
}

// NewSecretsVerifier returns a SecretsVerifier object in exchange for an http.Header object and signing secret
func NewSecretsVerifier(header http.Header, secret string) (sv SecretsVerifier, err error) {
	var (
		timestamp int64
	)

	stimestamp := header.Get(hTimestamp)

	if sv, err = unsafeSignatureVerifier(header, secret); err != nil {
		return SecretsVerifier{}, err
	}

	if timestamp, err = strconv.ParseInt(stimestamp, 10, 64); err != nil {
		return SecretsVerifier{}, err
	}

	diff := absDuration(time.Since(time.Unix(timestamp, 0)))
	if diff > 5*time.Minute {
		return SecretsVerifier{}, ErrExpiredTimestamp
	}

	return sv, err
}

func (v *SecretsVerifier) Write(body []byte) (n int, err error) {
	return v.hmac.Write(body)
}

// Ensure compares the signature sent from Slack with the actual computed hash to judge validity
func (v SecretsVerifier) Ensure() error {
	computed := v.hmac.Sum(nil)
	// use hmac.Equal prevent leaking timing information.
	if hmac.Equal(computed, v.signature) {
		return nil
	}

	return fmt.Errorf("Expected signing signature: %s, but computed: %s", hex.EncodeToString(v.signature), hex.EncodeToString(computed))
}

func abs64(n int64) int64 {
	y := n >> 63
	return (n ^ y) - y
}

func absDuration(n time.Duration) time.Duration {
	return time.Duration(abs64(int64(n)))
}