mirror of
https://github.com/gogrlx/nats-server.git
synced 2026-04-14 10:10:42 -07:00
0ee714ce28
Add in trusted keys options and binary stamp User JWT and Account fetch with AccountResolver Account and User expiration Account Imports/Exports w/ updates Import activation expiration Signed-off-by: Derek Collison <derek@nats.io>
43 lines
1.2 KiB
Go
43 lines
1.2 KiB
Go
// Copyright 2018 The NATS Authors
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package server
|
|
|
|
import (
|
|
"encoding/base64"
|
|
)
|
|
|
|
// Raw length of the nonce challenge
|
|
const (
|
|
nonceRawLen = 11
|
|
nonceLen = 16 // base64.StdEncoding.EncodedLen(nonceRawLen)
|
|
)
|
|
|
|
// nonceRequired tells us if we should send a nonce.
|
|
// Assumes server lock is held
|
|
func (s *Server) nonceRequired() bool {
|
|
s.optsMu.RLock()
|
|
defer s.optsMu.RUnlock()
|
|
|
|
return len(s.opts.Nkeys) > 0 || len(s.opts.TrustedNkeys) > 0
|
|
}
|
|
|
|
// Generate a nonce for INFO challenge.
|
|
// Assumes server lock is held
|
|
func (s *Server) generateNonce(n []byte) {
|
|
var raw [nonceRawLen]byte
|
|
data := raw[:]
|
|
s.prand.Read(data)
|
|
base64.StdEncoding.Encode(n, data)
|
|
}
|