-
Notifications
You must be signed in to change notification settings - Fork 2
/
api-key.lisp
69 lines (61 loc) · 2.29 KB
/
api-key.lisp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
;;; -*- Mode: LISP; Syntax: COMMON-LISP; Package: RLGL-SERVER; Base: 10 -*-
;;;
;;; Copyright (C) 2018, 2019, 2020, 2021 Anthony Green <[email protected]>
;;;
;;; This program is free software: you can redistribute it and/or
;;; modify it under the terms of the GNU Affero General Public License
;;; as published by the Free Software Foundation, either version 3 of
;;; the License, or (at your option) any later version.
;;;
;;; This program is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
;;; Affero General Public License for more details.
;;;
;;; You should have received a copy of the GNU Affero General Public
;;; License along with this program. If not, see
;;; <http://www.gnu.org/licenses/>.
;; Make base32-style API keys.
;; Inspired by https://www.npmjs.com/package/uuid-apikey
(defpackage #:rlgl.api-key
(:use #:cl)
(:shadow #:package)
(:export #:make-api-key #:authorize-by-api-key #:authorize-by-policy-bound-api-key))
(in-package #:rlgl.api-key)
(defun authorize-by-api-key (db api-key)
(if (or (rlgl.db:find-puk-by-api-key db api-key)
(rlgl.db:find-policy-bound-api-key db api-key))
t
nil))
(defun authorize-by-policy-bound-api-key (db api-key policy-name)
"Return nil if API-KEY is bound to a policy that is not POLICY-NAME, and t otherwise."
(let ((bound-policy (rlgl.db:find-policy-bound-api-key db api-key)))
(if bound-policy
(string= policy-name bound-policy)
t)))
(defun int-to-byte-array (int)
(let ((a (make-array 4)))
(setf (aref a 0) (ldb (byte 8 0) int))
(setf (aref a 1) (ldb (byte 8 8) int))
(setf (aref a 2) (ldb (byte 8 16) int))
(setf (aref a 3) (ldb (byte 8 24) int))
a))
(defun string-to-base32 (s start end)
(str:substring
0 7
(base32:bytes-to-base32
(int-to-byte-array (parse-integer
(str:substring start end s) :radix 16)))))
(defun make-api-key ()
"Make a base32-style API key."
(let ((uuid (str:replace-all "-" ""
(print-object (uuid:make-v4-uuid) nil))))
(str:upcase
(str:concat
(string-to-base32 uuid 0 7)
"-"
(string-to-base32 uuid 8 15)
"-"
(string-to-base32 uuid 16 23)
"-"
(string-to-base32 uuid 24 31)))))