working on auth

util/crypto/ed25519.go

@@ -0,0 +1,99 @@
+package crypto
+
+import (
+	"crypto/ed25519"
+	"crypto/rand"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+)
+
+// NewPersistedED25519 public & private keys
+func NewPersistedED25519() ([]byte, []byte, error) {
+	pub, prv, err := ed25519.GenerateKey(rand.Reader)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// marshal public key
+	pubB, err := marshalEdPublicKey(pub)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// marshal private key
+	prvB, err := marshalEdPrivateKey(prv)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// done
+	return pubB, prvB, nil
+}
+
+func marshalEdPrivateKey(key ed25519.PrivateKey) ([]byte, error) {
+	b, err := x509.MarshalPKCS8PrivateKey(key)
+	if err != nil {
+		return nil, err
+	}
+	enc := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "PRIVATE KEY",
+			Bytes: b,
+		},
+	)
+	return enc, nil
+}
+
+func parseEdPrivateKey(d []byte) (ed25519.PrivateKey, error) {
+	block, _ := pem.Decode(d)
+	if block == nil {
+		return nil, errors.New("failed to parse PEM block containing the key")
+	}
+
+	b, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	switch pub := b.(type) {
+	case ed25519.PrivateKey:
+		return pub, nil
+	default:
+		return nil, errors.New("key type is not RSA")
+	}
+
+}
+
+func marshalEdPublicKey(key ed25519.PublicKey) ([]byte, error) {
+	b, err := x509.MarshalPKIXPublicKey(key)
+	if err != nil {
+		return nil, err
+	}
+	enc := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "PUBLIC KEY",
+			Bytes: b,
+		},
+	)
+	return enc, nil
+}
+
+func parseEdPublicKey(d []byte) (ed25519.PublicKey, error) {
+	block, _ := pem.Decode(d)
+	if block == nil {
+		return nil, errors.New("failed to parse PEM block containing the key")
+	}
+
+	b, err := x509.ParsePKIXPublicKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	switch pub := b.(type) {
+	case ed25519.PublicKey:
+		return pub, nil
+	default:
+		return nil, errors.New("key type is not RSA")
+	}
+}

util/crypto/ed25519_test.go

@@ -0,0 +1,16 @@
+package crypto
+
+import (
+	"testing"
+)
+
+func TestGenerate(t *testing.T) {
+	public, private, err := NewPersistedED25519()
+	if err != nil {
+		t.Error(err)
+	} else {
+		t.Log(string(public))
+		t.Log(string(private))
+	}
+
+}

util/jwt/jwt.go

@@ -0,0 +1,58 @@
+// Copyright 2024 Patial Tech. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package jwt
+
+import (
+	"crypto/ed25519"
+	"fmt"
+	"time"
+
+	"github.com/lestrrat-go/jwx/v2/jwa"
+	"github.com/lestrrat-go/jwx/v2/jwk"
+	j "github.com/lestrrat-go/jwx/v2/jwt"
+)
+
+func Sign(key ed25519.PrivateKey, claims map[string]interface{}, issuer string, d time.Duration) (string, error) {
+	prv, err := jwk.FromRaw(key)
+	if err != nil {
+		return "", fmt.Errorf("failed to create JWK, %w", err)
+	}
+
+	builder := j.NewBuilder().
+		Issuer(issuer).
+		IssuedAt(time.Now()).
+		Expiration(time.Now().Add(d))
+
+	for k, v := range claims {
+		builder = builder.Claim(k, v)
+	}
+
+	token, err := builder.Build()
+	signed, err := j.Sign(token, j.WithKey(jwa.EdDSA, prv))
+	if err != nil {
+		return "", fmt.Errorf("failed to generate signed payload, %w", err)
+	}
+
+	return string(signed), nil
+}
+
+func Parse(key ed25519.PrivateKey, payload string) (j.Token, error) {
+	prv, err := jwk.FromRaw(key)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create JWK, %w", err)
+	}
+
+	pub, err := jwk.PublicKeyOf(prv)
+	if err != nil {
+		return nil, fmt.Errorf("failed on jwk.FromRaw, %w", err)
+	}
+
+	token, err := j.Parse([]byte(payload), j.WithKey(jwa.EdDSA, pub))
+	if err != nil {
+		return nil, fmt.Errorf("failed on jwk.FromRaw, %w", err)
+	}
+
+	return token, nil
+}

util/uid/sqid.go

@@ -13,7 +13,7 @@ var opts sqids.Options = sqids.Options{
 }
 
 // Encode a slice of IDs into one unique ID
-func Encode(ids []uint64) (string, error) {
+func Encode(ids ...uint64) (string, error) {
 	s, err := sqids.New()
 	if err != nil {
 		return "", err