| author | Andrew <saintruler@gmail.com> | 2021-04-28 15:10:48 +0400 |
|---|---|---|
| committer | Andrew <saintruler@gmail.com> | 2021-04-28 15:10:48 +0400 |
| commit | 355dab5bdc924202b1d877b18ae31f04154a4aee (patch) | |
| tree | 3c1f46f43945d8462f3a0f24e2397094b75d9f25 /http-server/main.go | |
| parent | 9c4348d402441dc8bac2cb3ecc41efc825307f0b (diff) | |
Added generation of signature based on request.
Diffstat (limited to 'http-server/main.go')
| -rw-r--r-- | http-server/main.go | 61 |
1 files changed, 43 insertions, 18 deletions
diff --git a/http-server/main.go b/http-server/main.go
index 55306e8..e2402b2 100644
--- a/http-server/main.go
+++ b/http-server/main.go
@@ -1,6 +1,8 @@
 package main
 import (
+ "crypto/sha256"
+ "encoding/base64"
 "encoding/json"
 "errors"
 "fmt"
@@ -8,6 +10,7 @@ import (
 "net/http"
 "os"
 "strconv"
+ "strings"
 "time"
 )
@@ -16,9 +19,8 @@ type Response struct {
 }
 type Request struct {
- User string
- Data string
- Signature string
+ User string
+ Data string
 }
 type Message struct {
@@ -27,16 +29,31 @@ type Message struct {
 Timestamp int64
 }
-func parseRequest(w http.ResponseWriter, r *http.Request) (Request, error) {
- var resp Request
+func parseRequest(w http.ResponseWriter, r *http.Request) (Request, string, error) {
+ var req Request
 body, _ := io.ReadAll(r.Body)
- err := json.Unmarshal(body, &resp)
+ bodyStr := string(body)
+ parts := strings.Split(bodyStr, ".")
+ if len(parts) != 2 {
+ _ = badRequest(w)
+ return req, "", errors.New("request doesn't contain exactly two parts")
+ }
+
+ payload := parts[0]
+ signature := parts[1]
+
+ requestBody, err := base64.StdEncoding.DecodeString(payload)
+ if err != nil {
+ return req, "", err
+ }
+
+ err = json.Unmarshal(requestBody, &req)
 if err != nil {
 _ = badRequest(w)
- return resp, err
+ return req, "", err
 }
- return resp, nil
+ return req, signature, nil
 }
 func jsonResponse(w http.ResponseWriter, resp Response) error {
@@ -75,11 +92,14 @@ func register(w http.ResponseWriter, r *http.Request) {
 return
 }
- req, err := parseRequest(w, r)
+ req, signature, err := parseRequest(w, r)
 if err != nil {
 return
 }
+ // TODO(andrew): Разобраться с процессом регистрации с подписью
+ _ = fmt.Sprintf("%s", signature)
+
 userRegistered, err := db.checkUserRegistered(req.User)
 if err != nil {
 _ = serverError(w)
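Review bot: In the `parseRequest` hunk, the new base64 branch returns `req, "", err` without calling `badRequest(w)`, unlike the split and `json.Unmarshal` failure branches next to it. The handlers visible in this diff only `return` on a parse error, so a malformed payload would likely get an empty default response instead of a 400; adding `_ = badRequest(w)` before that return keeps the three branches consistent. The context line `body, _ := io.ReadAll(r.Body)` also reads a body of any size and discards the read error. Capping it first with `r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)` (the limit is the project's choice) and checking the error would bound memory per request.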
@@ -117,7 +137,7 @@ func register(w http.ResponseWriter, r *http.Request) {
 })
 }
-func handleAuthentication(req Request) (error, error) {
+func handleAuthentication(req Request, signature string) (error, error) {
 userRegistered, dbError := db.checkUserRegistered(req.User)
 if dbError != nil {
 return nil, dbError
@@ -132,8 +152,13 @@ func handleAuthentication(req Request) (error, error) {
 return nil, err
 }
- // TODO(andrew): Добавить проверку подписи req.Signature
- fmt.Sprintf("%s", key)
+ // TODO(andrew): Добавить проверку подписи signature
+ reqBytes, _ := json.Marshal(req)
+ req64 := base64.StdEncoding.EncodeToString(reqBytes)
+ h := sha256.Sum256([]byte(req64))
+ generatedSignature := fmt.Sprintf("%x", h)
+ fmt.Println(generatedSignature == signature)
+ fmt.Println(key)
 return nil, nil
 }
@@ -144,12 +169,12 @@ func sendMessage(w http.ResponseWriter, r *http.Request) {
 return
 }
- req, err := parseRequest(w, r)
+ req, signature, err := parseRequest(w, r)
 if err != nil {
 return
 }
- authErr, dbErr := handleAuthentication(req)
+ authErr, dbErr := handleAuthentication(req, signature)
 if authErr != nil {
 w.WriteHeader(http.StatusForbidden)
 _ = jsonResponse(w, Response{
@@ -188,12 +213,12 @@ func pollMessages(w http.ResponseWriter, r *http.Request) {
 return
 }
- req, err := parseRequest(w, r)
+ req, signature, err := parseRequest(w, r)
 if err != nil {
 return
 }
- authErr, dbErr := handleAuthentication(req)
+ authErr, dbErr := handleAuthentication(req, signature)
 if authErr != nil {
 w.WriteHeader(http.StatusForbidden)
 _ = jsonResponse(w, Response{
@@ -233,12 +258,12 @@ func getUserKey(w http.ResponseWriter, r *http.Request) {
 return
 }
- req, err := parseRequest(w, r)
+ req, signature, err := parseRequest(w, r)
 if err != nil {
 return
 }
- authErr, dbErr := handleAuthentication(req)
+ authErr, dbErr := handleAuthentication(req, signature)
 if authErr != nil {
 w.WriteHeader(http.StatusForbidden)
 _ = jsonResponse(w, Response{
|
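Review bot: In the `handleAuthentication` body hunk (`@@ -132,8 +152,13 @@`), the signature comparison is only printed, so the function still returns `nil, nil` for any signature and `sendMessage`, `pollMessages` and `getUserKey` accept every request from a registered user. `fmt.Println(key)` also writes the user's key to stdout on each call. The compared value is an unkeyed SHA-256 of the re-marshalled struct: any client can compute it, and `json.Marshal` output may differ byte-for-byte from the payload the client actually sent. Assuming `key` is the per-user secret, a keyed MAC over the received payload, compared with `hmac.Equal`, would make this an enforced check; that needs `parseRequest` to return the payload text plus `crypto/hmac` and `encoding/hex` imports. The function's body starts above this hunk.

```go
func handleAuthentication(req Request, payload, signature string) (error, error) {
	// … unchanged: user lookup and key fetch …

	// payload is the base64 text exactly as received, not a re-marshalled copy.
	sig, err := hex.DecodeString(signature)
	if err != nil {
		return errors.New("malformed signature"), nil
	}
	mac := hmac.New(sha256.New, []byte(key)) // assumes key is the per-user secret; confirm its type
	mac.Write([]byte(payload))
	if !hmac.Equal(mac.Sum(nil), sig) {
		return errors.New("signature mismatch"), nil
	}
	return nil, nil
```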