Initial commit (code only without large binaries)

EdgePlus/pkg/utils/encoder.go

@@ -0,0 +1,130 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package utils
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"errors"
+	teaconst "github.com/TeaOSLab/EdgePlus/pkg/const"
+	"github.com/TeaOSLab/EdgePlus/pkg/encrypt"
+	"github.com/iwind/TeaGo/maps"
+	"time"
+)
+
+// Encode 加密
+func Encode(data []byte) (string, error) {
+	instance, err := encrypt.NewMethodInstance("aes-256-cfb", teaconst.PlusKey, teaconst.PlusIV)
+	if err != nil {
+		return "", errors.New("不支持选择的加密方式")
+	}
+	dist, err := instance.Encrypt(data)
+	if err != nil {
+		return "", errors.New("加密失败：" + err.Error())
+	}
+	return base64.StdEncoding.EncodeToString(dist), nil
+}
+
+// EncodeMap 加密Map
+func EncodeMap(m maps.Map) (string, error) {
+	m["updatedAt"] = time.Now().Unix() // 用来校验Authority服务是否已经更新
+
+	data, err := json.Marshal(m)
+	if err != nil {
+		return "", err
+	}
+	return Encode(data)
+}
+
+// DecodeData 解密
+func DecodeData(data []byte) (maps.Map, error) {
+	instance, err := encrypt.NewMethodInstance("aes-256-cfb", teaconst.PlusKey, teaconst.PlusIV)
+	if err != nil {
+		return nil, errors.New("encrypt method not supported")
+	}
+	source, err := base64.StdEncoding.DecodeString(string(bytes.TrimSpace(data)))
+	if err != nil {
+		return nil, errors.New("decode key failed: base64 decode failed: " + err.Error())
+	}
+	dist, err := instance.Decrypt(source)
+	if err != nil {
+		return nil, errors.New("decode key failed: decrypt failed: " + err.Error())
+	}
+	var m = maps.Map{}
+	err = json.Unmarshal(dist, &m)
+	if err != nil {
+		return nil, errors.New("decode key failed: decode json failed: " + err.Error())
+	}
+
+	return m, nil
+}
+
+func Decode(data []byte) (maps.Map, error) {
+	m, err := DecodeData(data)
+	if err != nil {
+		return nil, err
+	}
+
+	// 控制 STILL 用户权限
+	if m.GetString("company") == "STILL" {
+		m["components"] = []ComponentCode{
+			ComponentCodeLog,
+			ComponentCodeNS,
+			ComponentCodeUser,
+		}
+	}
+
+	if len(m.GetString("dayFrom")) == 0 || len(m.GetString("dayTo")) == 0 || m.GetInt("nodes") <= 0 {
+		return nil, errors.New("invalid key")
+	}
+	return m, nil
+}
+
+// EncodeKey 加密Key
+func EncodeKey(key *Key) (string, error) {
+	key.UpdatedAt = time.Now().Unix() // 用来校验Authority服务是否已经更新
+	data, err := json.Marshal(key)
+	if err != nil {
+		return "", err
+	}
+	return Encode(data)
+}
+
+// DecodeKey 解密Key
+func DecodeKey(data []byte) (*Key, error) {
+	instance, err := encrypt.NewMethodInstance("aes-256-cfb", teaconst.PlusKey, teaconst.PlusIV)
+	if err != nil {
+		return nil, errors.New("encrypt method not supported")
+	}
+	source, err := base64.StdEncoding.DecodeString(string(bytes.TrimSpace(data)))
+	if err != nil {
+		return nil, errors.New("decode key failed: base64 decode failed: " + err.Error())
+	}
+	dist, err := instance.Decrypt(source)
+	if err != nil {
+		return nil, errors.New("decode key failed: decrypt failed: " + err.Error())
+	}
+
+	var result = &Key{}
+	err = json.Unmarshal(dist, result)
+	if err != nil {
+		return nil, errors.New("decode key failed: " + err.Error())
+	}
+
+	// 这里不能限制节点，因为以往有不限节点的授权
+	if len(result.DayFrom) == 0 || len(result.DayTo) == 0 {
+		return nil, errors.New("invalid key")
+	}
+
+	// 控制 STILL 用户权限
+	if result.Company == "STILL" {
+		result.Components = []ComponentCode{
+			ComponentCodeLog,
+			ComponentCodeNS,
+			ComponentCodeUser,
+		}
+	}
+
+	return result, nil
+}