token.go
package mnemosyne
import (
"crypto/rand"
"encoding/hex"
"io"
"golang.org/x/crypto/sha3"
"golang.org/x/net/context"
)
const (
// AccessTokenMetadataKey is used by Mnemosyne to retrieve session token from gRPC metadata object.
AccessTokenMetadataKey = "authorization"
)
type key struct{}
var accessTokenContextKey = key{}
// NewAccessTokenContext returns a new Context that carries token value.
func NewAccessTokenContext(ctx context.Context, at string) context.Context {
return context.WithValue(ctx, accessTokenContextKey, at)
}
// AccessTokenFromContext returns the token value stored in context, if any.
func AccessTokenFromContext(ctx context.Context) (string, bool) {
at, ok := ctx.Value(accessTokenContextKey).(string)
return at, ok
}
// RandomAccessToken generate Access Token with given key and generated hash of length 64.
func RandomAccessToken() (string, error) {
buf, err := generateRandomBytes(128)
if err != nil {
return "", err
}
// A hash needs to be 64 bytes long to have 256-bit collision resistance.
hash := make([]byte, 64)
// Compute a 64-byte hash of buf and put it in h.
sha3.ShakeSum256(hash, buf)
hash2 := make([]byte, hex.EncodedLen(len(hash)))
hex.Encode(hash2, hash)
return string(hash2), nil
}
func generateRandomBytes(length int) ([]byte, error) {
k := make([]byte, length)
if _, err := io.ReadFull(rand.Reader, k); err != nil {
return nil, err
}
return k, nil
}