summaryrefslogtreecommitdiff
path: root/vendor/github.com/SherClockHolmes/webpush-go/vapid.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/SherClockHolmes/webpush-go/vapid.go')
-rw-r--r--vendor/github.com/SherClockHolmes/webpush-go/vapid.go118
1 files changed, 0 insertions, 118 deletions
diff --git a/vendor/github.com/SherClockHolmes/webpush-go/vapid.go b/vendor/github.com/SherClockHolmes/webpush-go/vapid.go
deleted file mode 100644
index d1c2a9154..000000000
--- a/vendor/github.com/SherClockHolmes/webpush-go/vapid.go
+++ /dev/null
@@ -1,118 +0,0 @@
-package webpush
-
-import (
- "crypto/ecdsa"
- "crypto/elliptic"
- "crypto/rand"
- "encoding/base64"
- "math/big"
- "net/url"
- "strings"
- "time"
-
- "github.com/golang-jwt/jwt/v5"
-)
-
-// GenerateVAPIDKeys will create a private and public VAPID key pair
-func GenerateVAPIDKeys() (privateKey, publicKey string, err error) {
- // Get the private key from the P256 curve
- curve := elliptic.P256()
-
- private, x, y, err := elliptic.GenerateKey(curve, rand.Reader)
- if err != nil {
- return
- }
-
- public := elliptic.Marshal(curve, x, y)
-
- // Convert to base64
- publicKey = base64.RawURLEncoding.EncodeToString(public)
- privateKey = base64.RawURLEncoding.EncodeToString(private)
-
- return
-}
-
-// Generates the ECDSA public and private keys for the JWT encryption
-func generateVAPIDHeaderKeys(privateKey []byte) *ecdsa.PrivateKey {
- // Public key
- curve := elliptic.P256()
- px, py := curve.ScalarMult(
- curve.Params().Gx,
- curve.Params().Gy,
- privateKey,
- )
-
- pubKey := ecdsa.PublicKey{
- Curve: curve,
- X: px,
- Y: py,
- }
-
- // Private key
- d := &big.Int{}
- d.SetBytes(privateKey)
-
- return &ecdsa.PrivateKey{
- PublicKey: pubKey,
- D: d,
- }
-}
-
-// getVAPIDAuthorizationHeader
-func getVAPIDAuthorizationHeader(
- endpoint,
- subscriber,
- vapidPublicKey,
- vapidPrivateKey string,
- expiration time.Time,
-) (string, error) {
- // Create the JWT token
- subURL, err := url.Parse(endpoint)
- if err != nil {
- return "", err
- }
-
- // Unless subscriber is an HTTPS URL, assume an e-mail address
- if !strings.HasPrefix(subscriber, "https:") {
- subscriber = "mailto:" + subscriber
- }
-
- token := jwt.NewWithClaims(jwt.SigningMethodES256, jwt.MapClaims{
- "aud": subURL.Scheme + "://" + subURL.Host,
- "exp": time.Now().Add(time.Hour * 12).Unix(),
- "sub": subscriber,
- })
-
- // Decode the VAPID private key
- decodedVapidPrivateKey, err := decodeVapidKey(vapidPrivateKey)
- if err != nil {
- return "", err
- }
-
- privKey := generateVAPIDHeaderKeys(decodedVapidPrivateKey)
-
- // Sign token with private key
- jwtString, err := token.SignedString(privKey)
- if err != nil {
- return "", err
- }
-
- // Decode the VAPID public key
- pubKey, err := decodeVapidKey(vapidPublicKey)
- if err != nil {
- return "", err
- }
-
- return "vapid t=" + jwtString + ", k=" + base64.RawURLEncoding.EncodeToString(pubKey), nil
-}
-
-// Need to decode the vapid private key in multiple base64 formats
-// Solution from: https://github.com/SherClockHolmes/webpush-go/issues/29
-func decodeVapidKey(key string) ([]byte, error) {
- bytes, err := base64.URLEncoding.DecodeString(key)
- if err == nil {
- return bytes, nil
- }
-
- return base64.RawURLEncoding.DecodeString(key)
-}
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-30 16:48:50 +0000