170 lines
3.7 KiB
Go
170 lines
3.7 KiB
Go
package auth
|
|
|
|
import (
|
|
"crypto/aes"
|
|
"crypto/cipher"
|
|
"encoding/hex"
|
|
"log"
|
|
"net/url"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/golang-jwt/jwt"
|
|
)
|
|
|
|
func BenchmarkConfirmationLink(b *testing.B) {
|
|
|
|
type Register struct {
|
|
Id int64
|
|
Password string
|
|
platform string
|
|
Expired time.Time
|
|
}
|
|
|
|
key := "21321321"
|
|
cl := NewConfirmationLink[Register](key, "http://localhost:9900/api/auth/oauth2/register")
|
|
for i := 0; i < b.N; i++ {
|
|
|
|
uri, _ := cl.Generate(&Register{Id: 39, Password: "21dsadsad", platform: "google", Expired: time.Now().UTC()})
|
|
u, _ := url.Parse(uri)
|
|
token := u.Query()["token"]
|
|
cl.Decrypt(token[0])
|
|
}
|
|
}
|
|
|
|
func BenchmarkAesXor(b *testing.B) {
|
|
// 生成一个256位的密钥
|
|
key := []byte("abcdefghijklmnopqrstuvwxyz123456")
|
|
|
|
// // 初始向量IV必须是唯一的,但不需要保密
|
|
iv := []byte("1234567890123456")
|
|
|
|
// // 要加密的明文
|
|
plaintext := []byte("hello world sadsadsadssadadsada ")
|
|
|
|
// // 使用AES加密,返回一个Block接口
|
|
// block, err := aes.NewCipher(key)
|
|
// if err != nil {
|
|
// panic(err)
|
|
// }
|
|
|
|
// // 使用CTR模式
|
|
// stream := cipher.NewCTR(block, iv)
|
|
|
|
// // 加密明文
|
|
// ciphertext := make([]byte, len(plaintext))
|
|
// stream.XORKeyStream(ciphertext, plaintext)
|
|
|
|
// // 转为hex编码打印出来
|
|
// // fmt.Println(hex.EncodeToString(ciphertext))
|
|
// ciphertextHex := hex.EncodeToString(ciphertext)
|
|
// // 将hex解码成[]byte
|
|
// ciphertext, _ = hex.DecodeString(ciphertextHex)
|
|
|
|
// // 生成Block接口
|
|
// block, err = aes.NewCipher(key)
|
|
// if err != nil {
|
|
// panic(err)
|
|
// }
|
|
|
|
// // 生成CTR模式
|
|
// stream = cipher.NewCTR(block, iv)
|
|
|
|
// // 解密密文
|
|
// plaintext = make([]byte, len(ciphertext))
|
|
// stream.XORKeyStream(plaintext, ciphertext)
|
|
|
|
// // 打印明文
|
|
// fmt.Println(string(plaintext))
|
|
|
|
for i := 0; i < b.N; i++ {
|
|
// 使用AES加密,返回一个Block接口
|
|
block, err := aes.NewCipher(key)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// 使用CTR模式
|
|
stream := cipher.NewCTR(block, iv)
|
|
|
|
// 加密明文
|
|
ciphertext := make([]byte, len(plaintext))
|
|
stream.XORKeyStream(ciphertext, plaintext)
|
|
|
|
// 转为hex编码打印出来
|
|
// fmt.Println(hex.EncodeToString(ciphertext))
|
|
ciphertextHex := hex.EncodeToString(ciphertext)
|
|
// 将hex解码成[]byte
|
|
ciphertext, _ = hex.DecodeString(ciphertextHex)
|
|
|
|
// 生成Block接口
|
|
block, err = aes.NewCipher(key)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// 生成CTR模式
|
|
stream = cipher.NewCTR(block, iv)
|
|
|
|
// 解密密文
|
|
plaintext = make([]byte, len(ciphertext))
|
|
stream.XORKeyStream(plaintext, ciphertext)
|
|
|
|
}
|
|
}
|
|
|
|
func TestConfirmationLink(t *testing.T) {
|
|
|
|
type Register struct {
|
|
OperateType
|
|
Id int64
|
|
Password string
|
|
platform string
|
|
Expired time.Time
|
|
}
|
|
|
|
key := "21321321"
|
|
|
|
cl := NewConfirmationLink[Register](key, "http://localhost:9900/api/auth/oauth2/register")
|
|
robj := &Register{Id: 39, Password: "21dsadsad", platform: "google", Expired: time.Now().UTC(), OperateType: OpTypeResetToken}
|
|
uri, _ := cl.Generate(robj)
|
|
log.Println(uri)
|
|
|
|
u, _ := url.Parse(uri)
|
|
log.Println(uri)
|
|
|
|
token := u.Query()["token"]
|
|
log.Println(cl.Decrypt(token[0]))
|
|
|
|
}
|
|
|
|
const secret = "your-256-bit-secret"
|
|
|
|
func BenchmarkJWT(b *testing.B) {
|
|
|
|
b.ResetTimer()
|
|
|
|
for i := 0; i < b.N; i++ {
|
|
claims := &jwt.StandardClaims{
|
|
ExpiresAt: time.Now().UTC().Unix() + 1020213021,
|
|
Issuer: "test",
|
|
}
|
|
|
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
|
ss, err := token.SignedString([]byte(secret))
|
|
if err != nil {
|
|
b.Fatal(err)
|
|
}
|
|
|
|
_, err = jwt.Parse(ss, func(token *jwt.Token) (interface{}, error) {
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
return nil, jwt.ErrSignatureInvalid
|
|
}
|
|
return []byte(secret), nil
|
|
})
|
|
if err != nil {
|
|
b.Fatal(err)
|
|
}
|
|
}
|
|
}
|