cosmium/internal/authentication/authentication.go

32 lines
908 B
Go

package authentication
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"fmt"
"strings"
)
// https://learn.microsoft.com/en-us/rest/api/cosmos-db/access-control-on-cosmosdb-resources
func GenerateSignature(verb string, resourceType string, resourceId string, date string, masterKey string) string {
isNameBased := resourceId != "" && ((len(resourceId) > 4 && resourceId[3] == '/') || strings.HasPrefix(strings.ToLower(resourceId), "interopusers"))
if !isNameBased {
resourceId = strings.ToLower(resourceId)
}
payload := fmt.Sprintf(
"%s\n%s\n%s\n%s\n%s\n",
strings.ToLower(verb),
strings.ToLower(resourceType),
resourceId,
strings.ToLower(date),
"")
masterKeyBytes, _ := base64.StdEncoding.DecodeString(masterKey)
hash := hmac.New(sha256.New, masterKeyBytes)
hash.Write([]byte(payload))
signature := base64.StdEncoding.EncodeToString(hash.Sum(nil))
return signature
}