From a328e7ccc4f94e19cddfe5894636228663f5c7fa Mon Sep 17 00:00:00 2001 From: E99p1ant Date: Sun, 5 Jun 2022 13:34:21 +0800 Subject: access_token: encrypt access token with SHA256 (#7008) * access_token: encrypt access token with SHA256 * revert list access token * fix lint * generate schemadoc * add database migrations * fix tests * fix tests * add test case for access token golden * fix test in postgres * `Sha256` -> `SHA256` * Use GORM for migration * task generate-schemadoc * Use unique * change migration name * allow read * task generate-schemadoc * add changelog * fix lint error * update changelog * remove Debug * add comments Co-authored-by: Joe Chen --- internal/cryptoutil/sha.go | 25 +++++++++++++++++++++++ internal/cryptoutil/sha1.go | 17 ---------------- internal/cryptoutil/sha1_test.go | 27 ------------------------- internal/cryptoutil/sha_test.go | 43 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 68 insertions(+), 44 deletions(-) create mode 100644 internal/cryptoutil/sha.go delete mode 100644 internal/cryptoutil/sha1.go delete mode 100644 internal/cryptoutil/sha1_test.go create mode 100644 internal/cryptoutil/sha_test.go (limited to 'internal/cryptoutil') diff --git a/internal/cryptoutil/sha.go b/internal/cryptoutil/sha.go new file mode 100644 index 00000000..d829d526 --- /dev/null +++ b/internal/cryptoutil/sha.go @@ -0,0 +1,25 @@ +// Copyright 2020 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package cryptoutil + +import ( + "crypto/sha1" + "crypto/sha256" + "encoding/hex" +) + +// SHA1 encodes string to hexadecimal of SHA1 checksum. +func SHA1(str string) string { + h := sha1.New() + _, _ = h.Write([]byte(str)) + return hex.EncodeToString(h.Sum(nil)) +} + +// SHA256 encodes string to hexadecimal of SHA256 checksum. +func SHA256(str string) string { + h := sha256.New() + _, _ = h.Write([]byte(str)) + return hex.EncodeToString(h.Sum(nil)) +} diff --git a/internal/cryptoutil/sha1.go b/internal/cryptoutil/sha1.go deleted file mode 100644 index 38133960..00000000 --- a/internal/cryptoutil/sha1.go +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright 2020 The Gogs Authors. All rights reserved. -// Use of this source code is governed by a MIT-style -// license that can be found in the LICENSE file. - -package cryptoutil - -import ( - "crypto/sha1" - "encoding/hex" -) - -// SHA1 encodes string to hexadecimal of SHA1 checksum. -func SHA1(str string) string { - h := sha1.New() - _, _ = h.Write([]byte(str)) - return hex.EncodeToString(h.Sum(nil)) -} diff --git a/internal/cryptoutil/sha1_test.go b/internal/cryptoutil/sha1_test.go deleted file mode 100644 index c9795c98..00000000 --- a/internal/cryptoutil/sha1_test.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020 The Gogs Authors. All rights reserved. -// Use of this source code is governed by a MIT-style -// license that can be found in the LICENSE file. - -package cryptoutil - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func TestSHA1(t *testing.T) { - tests := []struct { - input string - output string - }{ - {input: "", output: "da39a3ee5e6b4b0d3255bfef95601890afd80709"}, - {input: "The quick brown fox jumps over the lazy dog", output: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12"}, - {input: "The quick brown fox jumps over the lazy dog.", output: "408d94384216f890ff7a0c3528e8bed1e0b01621"}, - } - for _, test := range tests { - t.Run(test.input, func(t *testing.T) { - assert.Equal(t, test.output, SHA1(test.input)) - }) - } -} diff --git a/internal/cryptoutil/sha_test.go b/internal/cryptoutil/sha_test.go new file mode 100644 index 00000000..a3cbf484 --- /dev/null +++ b/internal/cryptoutil/sha_test.go @@ -0,0 +1,43 @@ +// Copyright 2020 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package cryptoutil + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestSHA1(t *testing.T) { + tests := []struct { + input string + output string + }{ + {input: "", output: "da39a3ee5e6b4b0d3255bfef95601890afd80709"}, + {input: "The quick brown fox jumps over the lazy dog", output: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12"}, + {input: "The quick brown fox jumps over the lazy dog.", output: "408d94384216f890ff7a0c3528e8bed1e0b01621"}, + } + for _, test := range tests { + t.Run(test.input, func(t *testing.T) { + assert.Equal(t, test.output, SHA1(test.input)) + }) + } +} + +func TestSHA256(t *testing.T) { + tests := []struct { + input string + output string + }{ + {input: "", output: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}, + {input: "The quick brown fox jumps over the lazy dog", output: "d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592"}, + {input: "The quick brown fox jumps over the lazy dog.", output: "ef537f25c895bfa782526529a9b63d97aa631564d5d789c2b765448c8635fb6c"}, + } + for _, test := range tests { + t.Run(test.input, func(t *testing.T) { + assert.Equal(t, test.output, SHA256(test.input)) + }) + } +} -- cgit v1.2.3