From 436de7f687f97cd3a52285190d084972889adaf9 Mon Sep 17 00:00:00 2001
From: Chapuis Bertil
Date: Mon, 7 Sep 2015 15:11:03 +0200
Subject: [PATCH] https support
---
README.md | 4 ++++
htpasswd.go | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 66 insertions(+)
create mode 100644 README.md
create mode 100644 htpasswd.go
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..15259f5
--- /dev/null
+++ b/README.md
@@ -0,0 +1,4 @@
+```
+openssl genrsa -out private_key 2048
+openssl req -new -x509 -key private_key -out public_key -days 365
+```
diff --git a/htpasswd.go b/htpasswd.go
new file mode 100644
index 0000000..17956cf
--- /dev/null
+++ b/htpasswd.go
@@ -0,0 +1,62 @@
+package main
+
+// Copied from github.com/bitly/oauth2_proxy
+
+import (
+ "crypto/sha1"
+ "encoding/base64"
+ "encoding/csv"
+ "io"
+ "log"
+ "os"
+)
+
+// lookup passwords in a htpasswd file
+// The entries must have been created with -s for SHA encryption
+
+type HtpasswdFile struct {
+ Users map[string]string
+}
+
+func NewHtpasswdFromFile(path string) (*HtpasswdFile, error) {
+ r, err := os.Open(path)
+ if err != nil {
+ return nil, err
+ }
+ defer r.Close()
+ return NewHtpasswd(r)
+}
+
+func NewHtpasswd(file io.Reader) (*HtpasswdFile, error) {
+ csv_reader := csv.NewReader(file)
+ csv_reader.Comma = ':'
+ csv_reader.Comment = '#'
+ csv_reader.TrimLeadingSpace = true
+
+ records, err := csv_reader.ReadAll()
+ if err != nil {
+ return nil, err
+ }
+ h := &HtpasswdFile{Users: make(map[string]string)}
+ for _, record := range records {
+ h.Users[record[0]] = record[1]
+ }
+ return h, nil
+}
+
+func (h *HtpasswdFile) Validate(user string, password string) bool {
+ realPassword, exists := h.Users[user]
+ if !exists {
+ return false
+ }
+ if realPassword[:5] == "{SHA}" {
+ d := sha1.New()
+ d.Write([]byte(password))
+ if realPassword[5:] == base64.StdEncoding.EncodeToString(d.Sum(nil)) {
+ return true
+ }
+ } else {
+ log.Printf("Invalid htpasswd entry for %s. Must be a SHA entry.", user)
+ }
+ return false
+}
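Review bot: In `Validate`, `realPassword[:5]` panics with a slice-bounds error when a stored entry is shorter than five bytes (an empty or truncated hash field), so one malformed htpasswd line can take down the authentication path; `if strings.HasPrefix(realPassword, "{SHA}") {` keeps the same check without the panic. The digest check on the following lines is an ordinary `==` on strings, which is not constant-time; `subtle.ConstantTimeCompare([]byte(realPassword[5:]), []byte(encoded)) == 1` from `crypto/subtle` is the usual replacement. `NewHtpasswd` also reads `record[1]` without checking the field count, which panics when the first record of the file has a single field (by default `csv.Reader` only enforces that later records match the first record's field count), so a `len(record) < 2` guard belongs in that loop. The header comment would be more accurate as `// Entries must be htpasswd -s ({SHA}) entries: an unsalted SHA-1 digest, not encryption.`, since that format offers little resistance to offline guessing if the file is disclosed.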