aboutsummaryrefslogtreecommitdiffstats
path: root/library/cpp/tvmauth/src/parser.cpp
blob: 358de58d3653d9415bdf8d96135c0aba78a26953 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

#include "parser.h"

#include "utils.h"

#include <library/cpp/tvmauth/exception.h>

#include <util/generic/strbuf.h>
#include <util/string/split.h>

#include <ctime>

namespace NTvmAuth {
    TString TParserTvmKeys::ParseStrV1(TStringBuf str) {
        while (str && str.back() == '\n') {
            str.Chop(1);
        }

        TStringBuf ver = str.NextTok(DELIM);
        if (!str || !ver || ver != "1") {
            throw TMalformedTvmKeysException() << "Malformed TVM keys";
        }
        TString res = NUtils::Base64url2bin(str);
        if (res.empty()) {
            throw TMalformedTvmKeysException() << "Malformed TVM keys";
        }
        return res;
    }

    TStringBuf TParserTickets::UserFlag() {
        static const char BUF_[] = "user";
        return TStringBuf(BUF_, sizeof(BUF_) - 1);
    }

    TStringBuf TParserTickets::ServiceFlag() {
        static const char BUF_[] = "serv";
        return TStringBuf(BUF_, sizeof(BUF_) - 1);
    }

    TParserTickets::TRes TParserTickets::ParseV3(TStringBuf body, const NRw::TPublicKeys& keys, TStringBuf type) {
        TStrRes str = ParseStrV3(body, type);
        TRes res(str.Status);
        if (str.Status != ETicketStatus::Ok) {
            return TRes(str.Status);
        }
        if (!res.Ticket.ParseFromString(str.Proto)) {
            res.Status = ETicketStatus::Malformed;
            return res;
        }
        if (res.Ticket.expirationtime() <= time(nullptr)) {
            res.Status = ETicketStatus::Expired;
            return res;
        }

        auto itKey = keys.find(res.Ticket.keyid());
        if (itKey == keys.end()) {
            res.Status = ETicketStatus::MissingKey;
            return res;
        }
        if (!itKey->second.CheckSign(str.ForCheck, str.Sign)) {
            res.Status = ETicketStatus::SignBroken;
            return res;
        }
        return res;
    }

    TParserTickets::TStrRes TParserTickets::ParseStrV3(TStringBuf body, TStringBuf type) {
        TStringBuf forCheck = body;
        TStringBuf version = body.NextTok(DELIM);
        if (!body || version.size() != 1) {
            return {ETicketStatus::Malformed, {}, {}, {}};
        }
        if (version != "3") {
            return {ETicketStatus::UnsupportedVersion, {}, {}, {}};
        }

        TStringBuf ticketType = body.NextTok(DELIM);
        if (ticketType != type) {
            return {ETicketStatus::InvalidTicketType, {}, {}, {}};
        }

        TStringBuf proto = body.NextTok(DELIM);
        TStringBuf sign = body.NextTok(DELIM);

        if (!proto || !sign || body.size() > 0) {
            return {ETicketStatus::Malformed, {}, {}, {}};
        }

        TString protoBin = NUtils::Base64url2bin(proto);
        TString signBin = NUtils::Base64url2bin(sign);

        if (!protoBin || !signBin) {
            return {ETicketStatus::Malformed, {}, {}, {}};
        }

        return {ETicketStatus::Ok, std::move(protoBin), std::move(signBin), forCheck.Chop(sign.size())};
    }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 13:40:17 +0000