mirror of
https://github.com/raseels-repos/golang-saas-starter-kit.git
synced 2025-06-08 23:56:37 +02:00
ca8670eadf
Created a storage interface used by authenticator to support multiple types of storage types for private keys. Added a new file storage engine which is now the default for web-api. Migrated aws secrets manager to be optional.
34 lines
680 B
Go
34 lines
680 B
Go
package auth
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"encoding/pem"
|
|
"github.com/pkg/errors"
|
|
)
|
|
|
|
// Algorithm to be used to for the private key.
|
|
const algorithm = "RS256"
|
|
|
|
// keyGen creates an x509 private key for signing auth tokens.
|
|
func keyGen() ([]byte, error) {
|
|
key, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
if err != nil {
|
|
return []byte{}, errors.Wrap(err, "generating keys")
|
|
}
|
|
|
|
block := pem.Block{
|
|
Type: "RSA PRIVATE KEY",
|
|
Bytes: x509.MarshalPKCS1PrivateKey(key),
|
|
}
|
|
|
|
buf := new(bytes.Buffer)
|
|
if err := pem.Encode(buf, &block); err != nil {
|
|
return []byte{}, errors.Wrap(err, "encoding to private file")
|
|
}
|
|
|
|
return buf.Bytes(), nil
|
|
}
|