nginx

Paddy 2015-06-30 Parent:68478c1bddde

1:ac9c19126939 Go to Latest

nginx/jwt-lib/basexx.lua

Make nginx kubernetes-ready. We had to update to use a ubuntu-based image to build nginx into, because (and I kid you not) alpine linux straight-up ignores your resolv.conf file, meaning any attempt to use it with kubernetes DNS is doomed to fail. Who thought this was a good idea? So we're using a bloated image instead. Oh well. We also are running a wrapper script instead of nginx directly, so we can inject the JWT_SECRET environment variable based on a kubernetes secret file. We define the secret file (using a placeholder secret, obvs) so that future-Paddy can remember what the hell it looks like, when he inevitably loses the file and needs to sin up a new cluster. Or whatever. Finally, we updated the token expiration error message to be in an errors array, as God (and our API conventions) intended.

Download raw file
View source Diff to previous Annotate
History
1 ------------------------------------------------------------------------------------------------------------------------
2 -- util functions
3 ------------------------------------------------------------------------------------------------------------------------
4
5 function divide_string( str, max, fillChar )
6 fillChar = fillChar or ""
7 local result = {}
8
9 local start = 1
10 for i = 1, #str do
11 if i % max == 0 then
12 table.insert( result, str:sub( start, i ) )
13 start = i + 1
14 elseif i == #str then
15 table.insert( result, str:sub( start, i ) )
16 end
17 end
18
19 return result
20 end
21
22 function number_to_bit( num, length )
23 local bits = {}
24
25 while num > 0 do
26 local rest = math.fmod( num, 2 )
27 table.insert( bits, rest )
28 num = ( num - rest ) / 2
29 end
30
31 while #bits < length do
32 table.insert( bits, "0" )
33 end
34
35 return string.reverse( table.concat( bits ) )
36 end
37
38 ------------------------------------------------------------------------------------------------------------------------
39
40 local basexx = {}
41
42 ------------------------------------------------------------------------------------------------------------------------
43 -- base2(bitfield) decode and encode function
44 ------------------------------------------------------------------------------------------------------------------------
45
46 local bitMap = { o = "0", i = "1", l = "1" }
47
48 function basexx.from_bit( str )
49 str = string.lower( str )
50 str = str:gsub( '[ilo]', function( c ) return bitMap[ c ] end )
51 return ( str:gsub( '........', function ( cc )
52 return string.char( tonumber( cc, 2 ) )
53 end ) )
54 end
55
56 function basexx.to_bit( str )
57 return ( str:gsub( '.', function ( c )
58 local byte = string.byte( c )
59 local bits = {}
60 for i = 1,8 do
61 table.insert( bits, byte % 2 )
62 byte = math.floor( byte / 2 )
63 end
64 return table.concat( bits ):reverse()
65 end ) )
66 end
67
68 ------------------------------------------------------------------------------------------------------------------------
69 -- base16(hex) decode and encode function
70 ------------------------------------------------------------------------------------------------------------------------
71
72 function basexx.from_hex( str )
73 return ( str:gsub( '..', function ( cc )
74 return string.char( tonumber( cc, 16 ) )
75 end ) )
76 end
77
78 function basexx.to_hex( str )
79 return ( str:gsub( '.', function ( c )
80 return string.format('%02X', string.byte( c ) )
81 end ) )
82 end
83
84 ------------------------------------------------------------------------------------------------------------------------
85 -- generic function to decode and encode base32/base64
86 ------------------------------------------------------------------------------------------------------------------------
87
88 local function from_basexx( str, alphabet, bits )
89 local result = {}
90 for i = 1, #str do
91 local c = string.sub( str, i, i )
92 if c ~= '=' then
93 local index = string.find( alphabet, c )
94 table.insert( result, number_to_bit( index - 1, bits ) )
95 end
96 end
97
98 local value = table.concat( result )
99 local pad = #value % 8
100 return basexx.from_bit( string.sub( value, 1, #value - pad ) )
101 end
102
103 local function to_basexx( str, alphabet, bits, pad )
104 local bitString = basexx.to_bit( str )
105
106 local chunks = divide_string( bitString, bits )
107 local result = {}
108 for key,value in ipairs( chunks ) do
109 if ( #value < bits ) then
110 value = value .. string.rep( '0', bits - #value )
111 end
112 local pos = tonumber( value, 2 ) + 1
113 table.insert( result, alphabet:sub( pos, pos ) )
114 end
115
116 table.insert( result, pad )
117 return table.concat( result )
118 end
119
120 ------------------------------------------------------------------------------------------------------------------------
121 -- rfc 3548: http://www.rfc-editor.org/rfc/rfc3548.txt
122 ------------------------------------------------------------------------------------------------------------------------
123
124 local base32Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
125
126 function basexx.from_base32( str )
127 return from_basexx( string.upper( str ), base32Alphabet, 5 )
128 end
129
130 function basexx.to_base32( str )
131 return to_basexx( str, base32Alphabet, 5, ({ '', '======', '====', '===', '=' })[ #str % 5 + 1 ] )
132 end
133
134 ------------------------------------------------------------------------------------------------------------------------
135 -- crockford: http://www.crockford.com/wrmg/base32.html
136 ------------------------------------------------------------------------------------------------------------------------
137
138 local crockfordAlphabet = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
139 local crockfordMap = { O = "0", I = "1", L = "1", U = "V" }
140
141 function basexx.from_crockford( str )
142 str = string.upper( str )
143 str = str:gsub( '[ILOU]', function( c ) return crockfordMap[ c ] end )
144 return from_basexx( str, crockfordAlphabet, 5 )
145 end
146
147 function basexx.to_crockford( str )
148 return to_basexx( str, crockfordAlphabet, 5, "" )
149 end
150
151 ------------------------------------------------------------------------------------------------------------------------
152 -- base64 decode and encode function
153 ------------------------------------------------------------------------------------------------------------------------
154
155 local base64Alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
156
157 function basexx.from_base64( str )
158 return from_basexx( str, base64Alphabet, 6 )
159 end
160
161 function basexx.to_base64( str )
162 return to_basexx( str, base64Alphabet, 6, ({ '', '==', '=' })[ #str % 3 + 1 ] )
163 end
164
165 ------------------------------------------------------------------------------------------------------------------------
166
167 return basexx