Created
November 4, 2022 12:57
-
-
Save badri/e37c9a07d4a22b107a3aa2092fac8492 to your computer and use it in GitHub Desktop.
SAML2 verification
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local resty_rsa = require "resty.rsa" | |
| local function verify_saml2_signature(payload, signature, public_key) | |
| local rsa_public_key = "-----BEGIN PUBLIC KEY-----\n" .. public_key .. "\n-----END PUBLIC KEY-----" | |
| local pub, err = resty_rsa:new({ public_key = rsa_public_key, key_type = resty_rsa.KEY_TYPE.PKCS8, algorithm = "SHA256" }) | |
| if not pub then | |
| ngx.say('unable to extract public key') | |
| return nil | |
| end | |
| local decoded_signature, err = ngx.decode_base64(signature) | |
| if not decoded_signature then | |
| ngx.say("unable to base64 decode signature") | |
| return nil | |
| end | |
| local verify, err = pub:verify(payload, decoded_signature) | |
| if not verify then | |
| ngx.say("unable to verify token") | |
| return nil | |
| end | |
| return verify | |
| end | |
| local payload = "_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d72014-07-17T01:01:18Z2024-01-18T06:21:48Z" | |
| local signature = "blYo5Msn1VjXHJPVusrslqz6Yx67Ik5KbXqYRWg6jU9pRyb2X+/3ogkK7sZ3Ec4HBBeBkQ/14PUImgmGXwnjTIwcP5wDbJQUY+RBZR5XC9IyLZLp2gmeXvNVtX+EgFhc" | |
| local public_key = "MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAOz0YTcc5qsRSyNYUBPD/6H/vcbFqtTb+IcW45PAZ5lMIMj4DLdNF+/4ZlVSVKU9QfC5lio/X76sZhwG2u+7vwOBi1awuwQ91xVroeR4ozpRqs31DYDl7uCfbMZhbG2m4wIDAQAB" | |
| local verify = verify_saml2_signature(payload, signature, public_key) | |
| ngx.say(verify) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment