File tree 2 files changed +61
-0
lines changed
main/kotlin/no/nav/dagpenger/ktor/auth
test/kotlin/no/nav/dagpenger/ktor/auth
2 files changed +61
-0
lines changed Original file line number Diff line number Diff line change 1+ package no.nav.dagpenger.ktor.auth
2+
3+ import javax.crypto.Mac
4+ import javax.crypto.spec.SecretKeySpec
5+
6+ class ApiKeyVerifier (private val secret : ByteArray ) {
7+
8+ private val algorithm = " HmacSHA256"
9+
10+ fun verify (apiKey : ByteArray , expectedApiKey : ByteArray ): Boolean {
11+
12+ val hmac = generate(apiKey)
13+
14+ if (hmac.size != expectedApiKey.size) return false
15+ var result = 0
16+ for (i in 0 until hmac.size) {
17+ result = result.or (hmac[i].toInt().xor(expectedApiKey[i].toInt()))
18+ }
19+
20+ return result == 0
21+ }
22+
23+ fun generate (apiKey : ByteArray ): ByteArray {
24+ val keySpec = SecretKeySpec (secret, algorithm)
25+ val mac = Mac .getInstance(algorithm)
26+ mac.init (keySpec)
27+
28+ val hmac = mac.doFinal(apiKey)
29+ return hmac
30+ }
31+ }
Original file line number Diff line number Diff line change 1+ package no.nav.dagpenger.ktor.auth
2+
3+ import org.junit.jupiter.api.Test
4+ import kotlin.test.assertFalse
5+ import kotlin.test.assertTrue
6+
7+ internal class ApiKeyVerifierTest {
8+
9+ @Test
10+ fun `Should be able to verify api key with same secret`
11+ val verifier = ApiKeyVerifier (" secret"
12+ val enc = verifier.generate(" apikey"
13+ assertTrue { verifier.verify(" apikey"
14+ }
15+
16+ @Test
17+ fun `Should not be able to verify api if key has changed key with same secret`
18+ val verifier = ApiKeyVerifier (" secret"
19+ val enc = verifier.generate(" apikey"
20+ assertFalse { verifier.verify(" Apikey"
21+ }
22+
23+ @Test
24+ fun `Should not be able to verify api if with secret changed`
25+ val generator = ApiKeyVerifier (" another secret"
26+ val enc = generator.generate(" apikey"
27+ val verifier = ApiKeyVerifier (" secret"
28+ assertFalse { verifier.verify(" apikey"
29+ }
30+ }
You can’t perform that action at this time.
0 commit comments