add examples

example.go

@@ -19,14 +19,14 @@ func main() {
 	}
 	pp.Println(user)
 
-	signature, err := stns.Signature([]byte("secret message"))
+	signature, err := stns.Sign([]byte("secret message"))
 	if err != nil {
 		panic(err)
 	}
 
 	// it is ok
-	fmt.Println(stns.VerifyWithUser("pyama", signature))
+	fmt.Println(stns.VerifyWithUser("pyama", []byte("secret message"), signature))
 
 	// verify error
-	fmt.Println(stns.VerifyWithUser("pyama", []byte("dummy")))
+	fmt.Println(stns.VerifyWithUser("pyama", []byte("invalid message"), signature))
 }

example/challenge.go

@@ -0,0 +1,108 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/STNS/libstns-go/libstns"
+)
+
+var stns *libstns.STNS
+
+func challengeCode(w http.ResponseWriter, r *http.Request) {
+	if err := r.ParseForm(); err != nil {
+		panic(err)
+	}
+	code, err := stns.CreateUserChallengeCode(r.FormValue("user"))
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Fprintf(w, string(code))
+}
+
+func verify(w http.ResponseWriter, r *http.Request) {
+	if err := r.ParseForm(); err != nil {
+		panic(err)
+	}
+	err := stns.VerifyWithUser(r.FormValue("user"), []byte(r.FormValue("code")), []byte(r.FormValue("signature")))
+	if err != nil {
+		w.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+	code, err := stns.GetUserChallengeCode(r.FormValue("user"))
+	if err != nil {
+		panic(err)
+	}
+	if string(code) == r.FormValue("code") {
+		w.WriteHeader(http.StatusOK)
+		return
+	}
+	w.WriteHeader(http.StatusUnauthorized)
+}
+func main() {
+	s, err := libstns.NewSTNS("https://stns.lolipop.io/v1/", nil)
+	if err != nil {
+		panic(err)
+	}
+	stns = s
+
+	go func() {
+		http.HandleFunc("/challenge", challengeCode)
+		http.HandleFunc("/verify", verify)
+		if err := http.ListenAndServe("127.0.0.1:18000", nil); err != nil {
+			panic(err)
+		}
+	}()
+
+	// sorry...
+	time.Sleep(1 * time.Second)
+	u := "http://127.0.0.1:18000/challenge?user=pyama"
+
+	resp, err := http.Get(u)
+	if err != nil {
+		panic(err)
+	}
+	defer resp.Body.Close()
+	code, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		panic(err)
+	}
+
+	sig, err := stns.Sign(code)
+	if err != nil {
+		panic(err)
+	}
+	values := url.Values{}
+	values.Set("user", "pyama")
+	values.Set("signature", string(sig))
+	values.Add("code", string(code))
+
+	req, err := http.NewRequest(
+		"POST",
+		"http://127.0.0.1:18000/verify",
+		strings.NewReader(values.Encode()),
+	)
+	if err != nil {
+		panic(err)
+	}
+
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
+	client := &http.Client{}
+	resp, err = client.Do(req)
+	if err != nil {
+		panic(err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode == http.StatusOK {
+		fmt.Println("verify ok")
+	} else {
+		fmt.Println("verify failed")
+	}
+}

example/simple.go

@@ -0,0 +1,32 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/STNS/libstns-go/libstns"
+	"github.com/k0kubun/pp"
+)
+
+func main() {
+	stns, err := libstns.NewSTNS("https://stns.lolipop.io/v1/", nil)
+	if err != nil {
+		panic(err)
+	}
+
+	user, err := stns.GetUserByName("pyama")
+	if err != nil {
+		panic(err)
+	}
+	pp.Println(user)
+
+	signature, err := stns.Sign([]byte("secret message"))
+	if err != nil {
+		panic(err)
+	}
+
+	// it is ok
+	fmt.Println(stns.VerifyWithUser("pyama", []byte("secret message"), signature))
+
+	// verify error
+	fmt.Println(stns.VerifyWithUser("pyama", []byte("invalid message"), signature))
+}

libstns/stns.go

@@ -25,6 +25,7 @@ type STNS struct {
 }
 
 func DefaultStoreChallengeCode(user string, code []byte) error {
+	fmt.Sprint(path.Join(os.TempDir(), user))
 	err := ioutil.WriteFile(path.Join(os.TempDir(), user), code, 0600)
 	if err != nil {
 		return err
@@ -188,7 +189,11 @@ func (c *STNS) CreateUserChallengeCode(name string) ([]byte, error) {
 	return code, nil
 }
 
-func (c *STNS) Signature(code []byte) ([]byte, error) {
+func (c *STNS) GetUserChallengeCode(name string) ([]byte, error) {
+	return c.getChallengeCode(name)
+}
+
+func (c *STNS) Sign(code []byte) ([]byte, error) {
 	privateKey, err := c.loadPrivateKey()
 	if err != nil {
 		return nil, err
@@ -206,20 +211,16 @@ func (c *STNS) Signature(code []byte) ([]byte, error) {
 	return jsonSig, nil
 }
 
-func (c *STNS) VerifyWithUser(name string, signature []byte) error {
+func (c *STNS) VerifyWithUser(name string, msg, signature []byte) error {
 	user, err := c.GetUserByName(name)
 	if err != nil {
 		return err
 	}
-	msg, err := c.getChallengeCode(name)
-	if err != nil {
-		return err
-	}
 
-	return c.verify(msg, []byte(strings.Join(user.Keys, "\n")), signature)
+	return c.Verify(msg, []byte(strings.Join(user.Keys, "\n")), signature)
 }
 
-func (c *STNS) verify(msg, publicKeyBytes, signature []byte) error {
+func (c *STNS) Verify(msg, publicKeyBytes, signature []byte) error {
 	for len(publicKeyBytes) > 0 {
 		publicKey, _, _, rest, err := ssh.ParseAuthorizedKey(publicKeyBytes)
 		if err != nil {

libstns/stns_test.go

@@ -478,7 +478,7 @@ func TestSTNS_GetGroupByID(t *testing.T) {
 	}
 }
 
-func TestSTNS_Signature(t *testing.T) {
+func TestSTNS_Sign(t *testing.T) {
 	type fields struct {
 		client             *client
 		PrivatekeyPath     string
@@ -518,9 +518,9 @@ func TestSTNS_Signature(t *testing.T) {
 					return errors.New("unmatch store code")
 				},
 			}
-			_, err := c.Signature(tt.msg)
+			_, err := c.Sign(tt.msg)
 			if (err != nil) != tt.wantErr {
-				t.Errorf("STNS.Signature() error = %v, wantErr %v", err, tt.wantErr)
+				t.Errorf("STNS.Sign() error = %v, wantErr %v", err, tt.wantErr)
 				return
 			}
 		})
@@ -656,7 +656,7 @@ func TestSTNS_Verify(t *testing.T) {
 					PrivatekeyPassword: tt.fields.PrivatekeyPassword,
 				},
 			}
-			if err := c.verify(tt.args.msg, tt.args.publicKeyBytes, tt.args.signature); (err != nil) != tt.wantErr {
+			if err := c.Verify(tt.args.msg, tt.args.publicKeyBytes, tt.args.signature); (err != nil) != tt.wantErr {
 				t.Errorf("STNS.Verify() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})