You've already forked img-proxy-url-generator
code cleanup
This commit is contained in:
@@ -1,17 +1,8 @@
|
||||
package generator
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"crypto/hmac"
|
||||
"crypto/rand"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"github.com/siteworxpro/img-proxy-url-generator/printer"
|
||||
"io"
|
||||
"strings"
|
||||
)
|
||||
|
||||
@@ -48,51 +39,15 @@ func NewGenerator(config Config) (*Generator, error) {
|
||||
|
||||
if gen.config.EncryptionKey != nil && *gen.config.EncryptionKey != "" {
|
||||
if gen.config.encryptionKeyBin, err = hex.DecodeString(*gen.config.EncryptionKey); err != nil {
|
||||
return nil, fmt.Errorf("Key expected to be hex-encoded string")
|
||||
return nil, fmt.Errorf("key expected to be hex-encoded string")
|
||||
}
|
||||
}
|
||||
|
||||
return gen, nil
|
||||
}
|
||||
|
||||
func (g *Generator) generatePlainUrl(file []byte) {
|
||||
|
||||
}
|
||||
|
||||
func (g *Generator) generateBase64Url(file []byte) string {
|
||||
return base64.RawURLEncoding.EncodeToString(file)
|
||||
}
|
||||
|
||||
func pkcs7pad(data []byte, blockSize int) []byte {
|
||||
padLen := blockSize - len(data)%blockSize
|
||||
padding := bytes.Repeat([]byte{byte(padLen)}, padLen)
|
||||
return append(data, padding...)
|
||||
}
|
||||
|
||||
func (g *Generator) generateBaseAesEncUrl(file []byte) (string, error) {
|
||||
c, err := aes.NewCipher(g.config.encryptionKeyBin)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
data := pkcs7pad(file, aes.BlockSize)
|
||||
|
||||
ciphertext := make([]byte, aes.BlockSize+len(data))
|
||||
iv := ciphertext[:aes.BlockSize]
|
||||
|
||||
if _, err = io.ReadFull(rand.Reader, iv); err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
mode := cipher.NewCBCEncrypter(c, iv)
|
||||
mode.CryptBlocks(ciphertext[aes.BlockSize:], data)
|
||||
|
||||
encryptedURL := g.generateBase64Url(ciphertext)
|
||||
|
||||
return "enc/" + encryptedURL, nil
|
||||
}
|
||||
|
||||
func (g *Generator) GenerateUrl(file string, params []string, format Format) (string, error) {
|
||||
|
||||
if params == nil || len(params) == 0 || params[0] == "" {
|
||||
params = []string{"raw:1"}
|
||||
} else {
|
||||
@@ -107,16 +62,16 @@ func (g *Generator) GenerateUrl(file string, params []string, format Format) (st
|
||||
|
||||
var url string
|
||||
var err error
|
||||
|
||||
if g.config.PlainUrl {
|
||||
url = "plain/" + file
|
||||
url, _ = g.generatePlainUrl(file)
|
||||
} else if g.config.encryptionKeyBin != nil {
|
||||
url, err = g.generateBaseAesEncUrl([]byte(file))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
} else {
|
||||
url = g.generateBase64Url([]byte(file))
|
||||
url, _ = g.generateBase64Url([]byte(file))
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
path := fmt.Sprintf("%s%s", paramString, url)
|
||||
@@ -125,18 +80,7 @@ func (g *Generator) GenerateUrl(file string, params []string, format Format) (st
|
||||
path = path + "." + string(format)
|
||||
}
|
||||
|
||||
var signature string
|
||||
if len(g.config.keyBin) == 0 || len(g.config.saltBin) == 0 {
|
||||
signature = "insecure"
|
||||
|
||||
printer.NewPrinter().LogWarning("Insecure url generated. Provide salt and key to sign and secure url.")
|
||||
|
||||
} else {
|
||||
mac := hmac.New(sha256.New, g.config.keyBin)
|
||||
mac.Write(g.config.saltBin)
|
||||
mac.Write([]byte(path))
|
||||
signature = base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
|
||||
}
|
||||
signature := g.generateSignature(path)
|
||||
|
||||
return fmt.Sprintf("%s/%s%s", g.config.Host, signature, path), nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user