|
|
@ -119,7 +119,7 @@ func VerifySignature(r *http.Request, securityHeader *ContentSecurityHeader, tol
|
|
|
|
}, "\n")
|
|
|
|
}, "\n")
|
|
|
|
actualSignature := codec.HmacBase64(securityHeader.Key, signContent)
|
|
|
|
actualSignature := codec.HmacBase64(securityHeader.Key, signContent)
|
|
|
|
|
|
|
|
|
|
|
|
passed := securityHeader.Signature == actualSignature
|
|
|
|
/*passed := securityHeader.Signature == actualSignature
|
|
|
|
if !passed {
|
|
|
|
if !passed {
|
|
|
|
logx.Infof("signature different, expect: %s, actual: %s",
|
|
|
|
logx.Infof("signature different, expect: %s, actual: %s",
|
|
|
|
securityHeader.Signature, actualSignature)
|
|
|
|
securityHeader.Signature, actualSignature)
|
|
|
@ -127,7 +127,12 @@ func VerifySignature(r *http.Request, securityHeader *ContentSecurityHeader, tol
|
|
|
|
|
|
|
|
|
|
|
|
if passed {
|
|
|
|
if passed {
|
|
|
|
return httpx.CodeSignaturePass
|
|
|
|
return httpx.CodeSignaturePass
|
|
|
|
|
|
|
|
}*/
|
|
|
|
|
|
|
|
if securityHeader.Signature == actualSignature {
|
|
|
|
|
|
|
|
return httpx.CodeSignaturePass
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
logx.Infof("signature different, expect: %s, actual: %s",
|
|
|
|
|
|
|
|
securityHeader.Signature, actualSignature)
|
|
|
|
|
|
|
|
|
|
|
|
return httpx.CodeSignatureInvalidToken
|
|
|
|
return httpx.CodeSignatureInvalidToken
|
|
|
|
}
|
|
|
|
}
|
|
|
|