casperrafn / surl Public

forked from leg100/surl

Notifications You must be signed in to change notification settings
Fork 0
Star 0

Create signed URLs in Go.

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
.github/workflows		.github/workflows
example		example
.gitignore		.gitignore
Makefile		Makefile
formatter.go		formatter.go
go.mod		go.mod
go.sum		go.sum
int_encoding.go		int_encoding.go
int_encoding_test.go		int_encoding_test.go
license.md		license.md
path_formatter.go		path_formatter.go
path_formatter_test.go		path_formatter_test.go
query_formatter.go		query_formatter.go
query_formatter_test.go		query_formatter_test.go
readme.md		readme.md
signer.go		signer.go
signer_test.go		signer_test.go

Repository files navigation

surl

Create signed URLs using go.

Installation

go get github.com/leg100/surl@latest

Usage

package main

import (
	"fmt"
	"time"

	"github.com/leg100/surl"
)

func main() {
	signer := surl.New([]byte("secret_sesame"))

	// Create a signed URL that expires in one hour.
	signed, _ := signer.Sign("https://example.com/a/b/c?foo=bar", time.Hour)
	fmt.Println("signed url:", signed)
	// Outputs something like:
	// https://example.com/a/b/c?expiry=1667331055&foo=bar&signature=TGvxmRwpoAUt9YEIbeJ164lMYrzA2DBnYB9Lcy9m1T

	err := signer.Verify(signed)
	if err != nil {
		fmt.Println("verification failed:", err.Error())
	}
	fmt.Println("verification succeeded")
}

Notes

Only the path and query are signed; the scheme and hostname are skipped when producing the signature. The query too can be skipped with the SkipQuery option.
Any change in the order of the query parameters in a signed URL renders it invalid, unless SkipQuery is specified.