reorg imports
kevin
4 years ago
parent
18a80efd70
commit
8094ebd876
@ -1,11 +0,0 @@
|
||||
seconds,goodOk,goodFail,goodReject,goodErrs,goodUnknowns,goodDropRatio,heavyOk,heavyFail,heavyReject,heavyErrs,heavyUnknowns,heavyDropRatio
|
||||
1,172,0,0,0,0,0.0,159,0,0,0,0,0.0
|
||||
2,598,0,0,0,0,0.0,591,0,0,0,0,0.0
|
||||
3,583,0,0,0,0,0.0,631,0,0,0,0,0.0
|
||||
4,3,0,0,0,0,0.0,2,0,0,0,0,0.0
|
||||
5,17,0,0,17,0,0.0,17,0,0,16,0,0.0
|
||||
6,27,0,0,1,0,0.0,21,0,0,1,0,0.0
|
||||
7,81,0,0,4,0,0.0,93,0,0,3,0,0.0
|
||||
8,349,0,0,39,0,0.0,325,0,0,40,0,0.0
|
||||
9,337,0,0,35,0,0.0,335,0,0,34,0,0.0
|
||||
10,76,0,0,42,0,0.0,73,0,0,42,0,0.0
|
||||
|
@ -1,56 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
"github.com/tal-tech/go-zero/core/codec"
|
||||
)
|
||||
|
||||
const (
|
||||
pubKey = `-----BEGIN PUBLIC KEY-----
|
||||
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD7bq4FLG0ctccbEFEsUBuRxkjE
|
||||
eJ5U+0CAEjJk20V9/u2Fu76i1oKoShCs7GXtAFbDb5A/ImIXkPY62nAaxTGK4KVH
|
||||
miYbRgh5Fy6336KepLCtCmV/r0PKZeCyJH9uYLs7EuE1z9Hgm5UUjmpHDhJtkAwR
|
||||
my47YlhspwszKdRP+wIDAQAB
|
||||
-----END PUBLIC KEY-----`
|
||||
body = "hello"
|
||||
)
|
||||
|
||||
var key = []byte("q4t7w!z%C*F-JaNdRgUjXn2r5u8x/A?D")
|
||||
|
||||
func main() {
|
||||
encrypter, err := codec.NewRsaEncrypter([]byte(pubKey))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
decrypter, err := codec.NewRsaDecrypter("private.pem")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
output, err := encrypter.Encrypt([]byte(body))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
actual, err := decrypter.Decrypt(output)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
fmt.Println(actual)
|
||||
|
||||
out, err := codec.EcbEncrypt(key, []byte(body))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
ret, err := codec.EcbDecrypt(key, out)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
fmt.Println(string(ret))
|
||||
}
|
||||
@ -1,113 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"crypto/hmac"
|
||||
"crypto/md5"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"flag"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/tal-tech/go-zero/core/codec"
|
||||
)
|
||||
|
||||
const pubKey = `-----BEGIN PUBLIC KEY-----
|
||||
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD7bq4FLG0ctccbEFEsUBuRxkjE
|
||||
eJ5U+0CAEjJk20V9/u2Fu76i1oKoShCs7GXtAFbDb5A/ImIXkPY62nAaxTGK4KVH
|
||||
miYbRgh5Fy6336KepLCtCmV/r0PKZeCyJH9uYLs7EuE1z9Hgm5UUjmpHDhJtkAwR
|
||||
my47YlhspwszKdRP+wIDAQAB
|
||||
-----END PUBLIC KEY-----`
|
||||
|
||||
var (
|
||||
crypt = flag.Bool("crypt", false, "encrypt body or not")
|
||||
key = []byte("q4t7w!z%C*F-JaNdRgUjXn2r5u8x/A?D")
|
||||
)
|
||||
|
||||
func fingerprint(key string) string {
|
||||
h := md5.New()
|
||||
io.WriteString(h, key)
|
||||
return base64.StdEncoding.EncodeToString(h.Sum(nil))
|
||||
}
|
||||
|
||||
func hs256(key []byte, body string) string {
|
||||
h := hmac.New(sha256.New, key)
|
||||
io.WriteString(h, body)
|
||||
return base64.StdEncoding.EncodeToString(h.Sum(nil))
|
||||
}
|
||||
|
||||
func main() {
|
||||
flag.Parse()
|
||||
|
||||
var err error
|
||||
body := "hello world!"
|
||||
if *crypt {
|
||||
bodyBytes, err := codec.EcbEncrypt(key, []byte(body))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
body = base64.StdEncoding.EncodeToString(bodyBytes)
|
||||
}
|
||||
|
||||
r, err := http.NewRequest(http.MethodPost, "http://localhost:3333/a/b?c=first&d=second", strings.NewReader(body))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
timestamp := time.Now().Unix()
|
||||
sha := sha256.New()
|
||||
sha.Write([]byte(body))
|
||||
bodySign := fmt.Sprintf("%x", sha.Sum(nil))
|
||||
contentOfSign := strings.Join([]string{
|
||||
strconv.FormatInt(timestamp, 10),
|
||||
http.MethodPost,
|
||||
r.URL.Path,
|
||||
r.URL.RawQuery,
|
||||
bodySign,
|
||||
}, "\n")
|
||||
sign := hs256(key, contentOfSign)
|
||||
var mode string
|
||||
if *crypt {
|
||||
mode = "1"
|
||||
} else {
|
||||
mode = "0"
|
||||
}
|
||||
content := strings.Join([]string{
|
||||
"version=v1",
|
||||
"type=" + mode,
|
||||
fmt.Sprintf("key=%s", base64.StdEncoding.EncodeToString(key)),
|
||||
"time=" + strconv.FormatInt(timestamp, 10),
|
||||
}, "; ")
|
||||
|
||||
encrypter, err := codec.NewRsaEncrypter([]byte(pubKey))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
output, err := encrypter.Encrypt([]byte(content))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
encryptedContent := base64.StdEncoding.EncodeToString(output)
|
||||
r.Header.Set("X-Content-Security", strings.Join([]string{
|
||||
fmt.Sprintf("key=%s", fingerprint(pubKey)),
|
||||
"secret=" + encryptedContent,
|
||||
"signature=" + sign,
|
||||
}, "; "))
|
||||
client := &http.Client{}
|
||||
resp, err := client.Do(r)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
fmt.Println(resp.Status)
|
||||
io.Copy(os.Stdout, resp.Body)
|
||||
}
|
||||
@ -1,59 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"flag"
|
||||
"io"
|
||||
"net/http"
|
||||
|
||||
"github.com/tal-tech/go-zero/core/logx"
|
||||
"github.com/tal-tech/go-zero/core/service"
|
||||
"github.com/tal-tech/go-zero/rest"
|
||||
"github.com/tal-tech/go-zero/rest/httpx"
|
||||
)
|
||||
|
||||
var keyPem = flag.String("prikey", "private.pem", "the private key file")
|
||||
|
||||
type Request struct {
|
||||
User string `form:"user,optional"`
|
||||
}
|
||||
|
||||
func handle(w http.ResponseWriter, r *http.Request) {
|
||||
var req Request
|
||||
err := httpx.Parse(r, &req)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
io.Copy(w, r.Body)
|
||||
}
|
||||
|
||||
func main() {
|
||||
flag.Parse()
|
||||
|
||||
engine := rest.MustNewServer(rest.RestConf{
|
||||
ServiceConf: service.ServiceConf{
|
||||
Log: logx.LogConf{
|
||||
Path: "logs",
|
||||
},
|
||||
},
|
||||
Port: 3333,
|
||||
Signature: rest.SignatureConf{
|
||||
Strict: true,
|
||||
PrivateKeys: []rest.PrivateKeyConf{
|
||||
{
|
||||
Fingerprint: "bvw8YlnSqb+PoMf3MBbLdQ==",
|
||||
KeyFile: *keyPem,
|
||||
},
|
||||
},
|
||||
},
|
||||
})
|
||||
defer engine.Stop()
|
||||
|
||||
engine.AddRoute(rest.Route{
|
||||
Method: http.MethodPost,
|
||||
Path: "/a/b",
|
||||
Handler: handle,
|
||||
})
|
||||
engine.Start()
|
||||
}
|
||||
@ -1,257 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/tal-tech/go-zero/core/conf"
|
||||
"github.com/tal-tech/go-zero/rest"
|
||||
"github.com/tal-tech/go-zero/rest/httpx"
|
||||
|
||||
"github.com/dgrijalva/jwt-go"
|
||||
"github.com/dgrijalva/jwt-go/request"
|
||||
)
|
||||
|
||||
const jwtUserField = "user"
|
||||
|
||||
type (
|
||||
Config struct {
|
||||
rest.RestConf
|
||||
AccessSecret string
|
||||
AccessExpire int64 `json:",default=1209600"` // 2 weeks
|
||||
RefreshSecret string
|
||||
RefreshExpire int64 `json:",default=2419200"` // 4 weeks
|
||||
RefreshAfter int64 `json:",default=604800"` // 1 week
|
||||
}
|
||||
|
||||
TokenOptions struct {
|
||||
AccessSecret string
|
||||
AccessExpire int64
|
||||
RefreshSecret string
|
||||
RefreshExpire int64
|
||||
RefreshAfter int64
|
||||
Fields map[string]interface{}
|
||||
}
|
||||
|
||||
Tokens struct {
|
||||
// Access token to access the apis
|
||||
AccessToken string `json:"access_token"`
|
||||
// Access token expire time, generated like: time.Now().Add(time.Day*14).Unix()
|
||||
AccessExpire int64 `json:"access_expire"`
|
||||
// Refresh token, use this to refresh the token
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
// Refresh token expire time, generated like: time.Now().Add(time.Month).Unix()
|
||||
RefreshExpire int64 `json:"refresh_expire"`
|
||||
// Recommended time to refresh the access token
|
||||
RefreshAfter int64 `json:"refresh_after"`
|
||||
}
|
||||
|
||||
UserCredentials struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
User struct {
|
||||
ID int `json:"id"`
|
||||
Name string `json:"name"`
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
Response struct {
|
||||
Data string `json:"data"`
|
||||
}
|
||||
|
||||
Token struct {
|
||||
Token string `json:"token"`
|
||||
}
|
||||
|
||||
AuthRequest struct {
|
||||
User string `json:"u"`
|
||||
}
|
||||
)
|
||||
|
||||
func main() {
|
||||
var c Config
|
||||
conf.MustLoad("user.json", &c)
|
||||
|
||||
engine, err := rest.NewServer(c.RestConf)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
defer engine.Stop()
|
||||
|
||||
engine.AddRoute(rest.Route{
|
||||
Method: http.MethodPost,
|
||||
Path: "/login",
|
||||
Handler: LoginHandler(c),
|
||||
})
|
||||
engine.AddRoute(rest.Route{
|
||||
Method: http.MethodGet,
|
||||
Path: "/resource",
|
||||
Handler: ProtectedHandler,
|
||||
}, rest.WithJwt(c.AccessSecret))
|
||||
engine.AddRoute(rest.Route{
|
||||
Method: http.MethodPost,
|
||||
Path: "/refresh",
|
||||
Handler: RefreshHandler(c),
|
||||
}, rest.WithJwt(c.RefreshSecret))
|
||||
|
||||
fmt.Println("Now listening...")
|
||||
engine.Start()
|
||||
}
|
||||
|
||||
func RefreshHandler(c Config) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
var authReq AuthRequest
|
||||
|
||||
if err := httpx.Parse(r, &authReq); err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Println(err)
|
||||
return
|
||||
}
|
||||
|
||||
token, err := request.ParseFromRequest(r, request.AuthorizationHeaderExtractor,
|
||||
func(token *jwt.Token) (interface{}, error) {
|
||||
return []byte(c.RefreshSecret), nil
|
||||
})
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
fmt.Println("Unauthorized access to this resource")
|
||||
return
|
||||
}
|
||||
|
||||
if !token.Valid {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
fmt.Println("Token is not valid")
|
||||
return
|
||||
}
|
||||
|
||||
claims, ok := token.Claims.(jwt.MapClaims)
|
||||
if !ok {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Println("not a valid jwt.MapClaims")
|
||||
return
|
||||
}
|
||||
|
||||
user, ok := claims[jwtUserField]
|
||||
if !ok {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Println("no user info in fresh token")
|
||||
return
|
||||
}
|
||||
|
||||
userStr, ok := user.(string)
|
||||
if !ok || authReq.User != userStr {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Println("user info not match in query and fresh token")
|
||||
return
|
||||
}
|
||||
|
||||
respond(w, c, userStr)
|
||||
}
|
||||
}
|
||||
|
||||
func ProtectedHandler(w http.ResponseWriter, r *http.Request) {
|
||||
response := Response{"Gained access to protected resource"}
|
||||
JsonResponse(response, w)
|
||||
}
|
||||
|
||||
func LoginHandler(c Config) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
var user UserCredentials
|
||||
|
||||
if err := httpx.Parse(r, &user); err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Fprint(w, "Error in request")
|
||||
return
|
||||
}
|
||||
|
||||
if strings.ToLower(user.Username) != "someone" {
|
||||
if user.Password != "p@ssword" {
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
fmt.Println("Error logging in")
|
||||
fmt.Fprint(w, "Invalid credentials")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
respond(w, c, user.Username)
|
||||
}
|
||||
}
|
||||
|
||||
func JsonResponse(response interface{}, w http.ResponseWriter) {
|
||||
content, err := json.Marshal(response)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.Write(content)
|
||||
}
|
||||
|
||||
type ()
|
||||
|
||||
func buildTokens(opt TokenOptions) (Tokens, error) {
|
||||
var tokens Tokens
|
||||
|
||||
accessToken, err := genToken(opt.AccessSecret, opt.Fields, opt.AccessExpire)
|
||||
if err != nil {
|
||||
return tokens, err
|
||||
}
|
||||
|
||||
refreshToken, err := genToken(opt.RefreshSecret, opt.Fields, opt.RefreshExpire)
|
||||
if err != nil {
|
||||
return tokens, err
|
||||
}
|
||||
|
||||
now := time.Now().Unix()
|
||||
tokens.AccessToken = accessToken
|
||||
tokens.AccessExpire = now + opt.AccessExpire
|
||||
tokens.RefreshAfter = now + opt.RefreshAfter
|
||||
tokens.RefreshToken = refreshToken
|
||||
tokens.RefreshExpire = now + opt.RefreshExpire
|
||||
|
||||
return tokens, nil
|
||||
}
|
||||
|
||||
func genToken(secretKey string, payloads map[string]interface{}, seconds int64) (string, error) {
|
||||
now := time.Now().Unix()
|
||||
claims := make(jwt.MapClaims)
|
||||
claims["exp"] = now + seconds
|
||||
claims["iat"] = now
|
||||
for k, v := range payloads {
|
||||
claims[k] = v
|
||||
}
|
||||
|
||||
token := jwt.New(jwt.SigningMethodHS256)
|
||||
token.Claims = claims
|
||||
|
||||
return token.SignedString([]byte(secretKey))
|
||||
}
|
||||
|
||||
func respond(w http.ResponseWriter, c Config, user string) {
|
||||
tokens, err := buildTokens(TokenOptions{
|
||||
AccessSecret: c.AccessSecret,
|
||||
AccessExpire: c.AccessExpire,
|
||||
RefreshSecret: c.RefreshSecret,
|
||||
RefreshExpire: c.RefreshExpire,
|
||||
RefreshAfter: c.RefreshAfter,
|
||||
Fields: map[string]interface{}{
|
||||
jwtUserField: user,
|
||||
},
|
||||
})
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusServiceUnavailable)
|
||||
fmt.Println(err)
|
||||
return
|
||||
}
|
||||
|
||||
httpx.OkJson(w, tokens)
|
||||
}
|
||||
@ -1,10 +0,0 @@
|
||||
{
|
||||
"Name": "example.user",
|
||||
"Host": "localhost",
|
||||
"Port": 8080,
|
||||
"AccessSecret": "B63F477D-BBA3-4E52-96D3-C0034C27694A",
|
||||
"AccessExpire": 1800,
|
||||
"RefreshSecret": "14F17379-EB8F-411B-8F12-6929002DCA76",
|
||||
"RefreshExpire": 3600,
|
||||
"RefreshAfter": 600
|
||||
}
|
||||
@ -1,13 +0,0 @@
|
||||
second,maxFlight,flying,agressiveAvgFlying,lazyAvgFlying,bothAvgFlying
|
||||
1,1,1,0.10,0.00,0.09
|
||||
55,1,1,1.00,0.00,0.47
|
||||
189,1,1,1.00,0.00,0.47
|
||||
403,1,1,1.00,0.00,0.47
|
||||
697,1,1,1.00,0.00,0.47
|
||||
1072,1,1,1.17,0.15,0.62
|
||||
1527,1,1,1.20,0.18,0.61
|
||||
2063,1,1,1.43,0.49,1.02
|
||||
2678,1,1,1.37,0.34,0.73
|
||||
3373,1,2,1.51,0.56,1.14
|
||||
4148,1,2,1.61,0.64,1.13
|
||||
5002,1,2,1.86,0.87,1.39
|
||||
|
Loading…
Reference in New Issue