Support new webhook signature method

Author: khanh.nguyen

go.mod

@@ -2,4 +2,7 @@ module github.com/messagebird/go-rest-api/v7
 
 go 1.14
 
-require github.com/stretchr/testify v1.7.0
+require (
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible
+	github.com/stretchr/testify v1.7.0
+)

go.sum

@@ -1,8 +1,9 @@
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=

signature/claims.go

@@ -0,0 +1,74 @@
+package signature
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/dgrijalva/jwt-go"
+)
+
+// maxSkew is the maximum time skew that we accept.  Sometimes the Internet is *so* fast
+// that messages are received before they are sent, or the clocks of two servers are not
+// in-sync, whichever cause seems more likely to you.
+const maxSkew = 1 * time.Second
+
+// Claims replaces jwt.StandardClaims as it checks all aspects of the the JWT token that
+// have been specified by the MessageBird RFC.
+type Claims struct {
+	// The following 3 fields are added to Claims before JWT is parsed so that the
+	// immediately following call to Valid() by jwt-go has *all* necessary information to
+	// determine whether JWT is valid.  These fields should not be overwritten by JSON
+	// unmarshal.
+	receivedTime       time.Time `json:"-"`
+	correctPayloadHash string    `json:"-"`
+	correctURLHash     string    `json:"-"`
+
+	Issuer         string `json:"iss"`
+	IssuedAt       int64  `json:"iat"`
+	ExpirationTime int64  `json:"exp"`
+	JWTID          string `json:"jti"`
+	URLHash        string `json:"url_hash"`
+	PayloadHash    string `json:"payload_hash,omitempty"`
+}
+
+// Valid is called by jwt-go after the Claims struct has been filled.  If an error is
+// returned, it means that the JWT should not be trusted.
+func (c Claims) Valid() error {
+	var errs []string
+
+	if c.Issuer != "MessageBird" {
+		errs = append(errs, "wrong iss")
+	}
+
+	if iat := time.Unix(c.IssuedAt, int64(c.receivedTime.Nanosecond())).Add(-maxSkew); c.receivedTime.Before(iat) {
+		errs = append(errs, "iat is in the future")
+	}
+
+	if exp := time.Unix(c.ExpirationTime, int64(c.receivedTime.Nanosecond())).Add(maxSkew); c.receivedTime.After(exp) {
+		errs = append(errs, "exp is in the past")
+	}
+
+	if c.JWTID == "" {
+		errs = append(errs, "jti is empty or missing")
+	}
+
+	if c.correctURLHash != c.URLHash {
+		errs = append(errs, "url_hash is invalid")
+	}
+
+	switch {
+	case c.correctPayloadHash == "" && c.PayloadHash != "":
+		errs = append(errs, "payload_hash was set; expected no payload value")
+	case c.correctPayloadHash != "" && c.correctPayloadHash != c.PayloadHash:
+		errs = append(errs, "payload_hash is invalid")
+	}
+
+	if len(errs) == 0 {
+		return nil
+	}
+	return fmt.Errorf("%s", strings.Join(errs, "; "))
+}
+
+// Claims satisfies jwt.Claims.
+var _ jwt.Claims = Claims{}

signature/signature.go

@@ -1,124 +1,98 @@
 /*
 Package signature implements signature verification for MessageBird webhooks.
 
-To use define a new validator using your MessageBird Signing key.  You can use the
-ValidRequest method, just pass the request as a parameter:
+To use define a new validator using your MessageBird Signing key. You can use the
+ValidRequest method, just pass the request and base url as parameters:
 
-    validator := signature.NewValidator("your signing key")
-    if err := validator.ValidRequest(r); err != nil {
+    validator := signature.NewValidator([]byte("your signing key"))
+	baseUrl := "https://messagebird.io"
+    if err := validator.ValidRequest(r, baseUrl); err != nil {
         // handle error
     }
 
 Or use the handler as a middleware for your server:
 
-	http.Handle("/path", validator.Validate(YourHandler))
+	http.Handle("/path", validator.Validate(YourHandler, baseUrl))
 
 It will reject the requests that contain invalid signatures.
-The validator uses a 5ms seconds window to accept requests as valid, to change
-this value, set the ValidityWindow to the disired duration.
-Take into account that the validity window works around the current time:
-	[now - ValidityWindow/2, now + ValidityWindow/2]
 */
 package signature
 
 import (
 	"bytes"
-	"crypto/hmac"
 	"crypto/sha256"
-	"encoding/base64"
+	"encoding/hex"
 	"fmt"
 	"io/ioutil"
 	"net/http"
 	"net/url"
-	"strconv"
 	"time"
-)
 
-const (
-	tsHeader = "MessageBird-Request-Timestamp"
-	sHeader  = "MessageBird-Signature"
+	"github.com/dgrijalva/jwt-go"
 )
 
-// ValidityWindow defines the time window in which to validate a request.
-var ValidityWindow = 5 * time.Second
+const signatureHeader = "MessageBird-Signature-JWT"
 
-// StringToTime converts from Unicode Epoch encoded timestamps to the time.Time type.
-func stringToTime(s string) (time.Time, error) {
-	sec, err := strconv.ParseInt(s, 10, 64)
-	if err != nil {
-		return time.Time{}, err
-	}
-	return time.Unix(sec, 0), nil
+// TimeFunc provides the current time same as time.Now but can be overridden for testing.
+var TimeFunc = time.Now
+
+// allowedMethods lists the signing methods that we accept.  We only allow symmetric-key
+// algorithms as our customer signing keys are currently all simple byte strings.  HMAC is
+// also the only symkey signature method that is required by the RFC7518 Section 3.1 and
+// thus should be supported by all JWT implementations.
+var allowedMethods = []string{
+	jwt.SigningMethodHS256.Name,
+	jwt.SigningMethodHS384.Name,
+	jwt.SigningMethodHS512.Name,
 }
 
 // Validator type represents a MessageBird signature validator.
 type Validator struct {
-	SigningKey string // Signing Key provided by MessageBird.
+	SigningKey []byte // Signing Key provided by MessageBird.
 }
 
 // NewValidator returns a signature validator object.
-func NewValidator(signingKey string) *Validator {
+func NewValidator(signingKey []byte) *Validator {
 	return &Validator{
 		SigningKey: signingKey,
 	}
 }
 
-// validTimestamp validates if the MessageBird-Request-Timestamp is a valid
-// date and if the request is older than the validator Period.
-func (v *Validator) validTimestamp(ts string) bool {
-	t, err := stringToTime(ts)
-	if err != nil {
-		return false
-	}
-	diff := time.Now().Add(ValidityWindow / 2).Sub(t)
-	return diff < ValidityWindow && diff > 0
-}
+// ValidSignature is a method that takes care of the signature validation of
+// incoming requests.
+func (v *Validator) ValidSignature(signature, url string, payload []byte) error {
+	parser := jwt.Parser{ValidMethods: allowedMethods}
+	keyFn := func(*jwt.Token) (interface{}, error) { return v.SigningKey, nil }
 
-// calculateSignature calculates the MessageBird-Signature using HMAC_SHA_256
-// encoding and the timestamp, query params and body from the request:
-// signature = HMAC_SHA_256(
-//	TIMESTAMP + \n + QUERY_PARAMS + \n + SHA_256_SUM(BODY),
-//	signing_key)
-func (v *Validator) calculateSignature(ts, qp string, b []byte) ([]byte, error) {
-	var m bytes.Buffer
-	bh := sha256.Sum256(b)
-	fmt.Fprintf(&m, "%s\n%s\n%s", ts, qp, bh[:])
-	mac := hmac.New(sha256.New, []byte(v.SigningKey))
-	if _, err := mac.Write(m.Bytes()); err != nil {
-		return nil, err
+	claims := Claims{
+		receivedTime:   TimeFunc(),
+		correctURLHash: sha256Hash([]byte(url)),
 	}
-	return mac.Sum(nil), nil
-}
-
-// validSignature takes the timestamp, query params and body from the request,
-// calculates the expected signature and compares it to the one sent by MessageBird.
-func (v *Validator) validSignature(ts, rqp string, b []byte, rs string) bool {
-	uqp, err := url.Parse("?" + rqp)
-	if err != nil {
-		return false
+	if payload != nil && len(payload) != 0 {
+		claims.correctPayloadHash = sha256Hash(payload)
 	}
-	es, err := v.calculateSignature(ts, uqp.Query().Encode(), b)
-	if err != nil {
-		return false
-	}
-	drs, err := base64.StdEncoding.DecodeString(rs)
-	if err != nil {
-		return false
+
+	if _, err := parser.ParseWithClaims(signature, &claims, keyFn); err != nil {
+		return fmt.Errorf("invalid jwt: %w", err)
 	}
-	return hmac.Equal(drs, es)
+
+	return nil
 }
 
 // ValidRequest is a method that takes care of the signature validation of
 // incoming requests.
-func (v *Validator) ValidRequest(r *http.Request) error {
-	ts := r.Header.Get(tsHeader)
-	rs := r.Header.Get(sHeader)
-	if ts == "" || rs == "" {
-		return fmt.Errorf("Unknown host: %s", r.Host)
+func (v *Validator) ValidRequest(r *http.Request, baseUrl string) error {
+	base, err := url.Parse(baseUrl)
+	if err != nil {
+		return fmt.Errorf("error parsing base url: %v", err)
+	}
+	signature := r.Header.Get(signatureHeader)
+	if signature == "" {
+		return fmt.Errorf("signature not found")
 	}
 	b, _ := ioutil.ReadAll(r.Body)
-	if !v.validTimestamp(ts) || !v.validSignature(ts, r.URL.RawQuery, b, rs) {
-		return fmt.Errorf("Unknown host: %s", r.Host)
+	if err := v.ValidSignature(signature, base.ResolveReference(r.URL).String(), b); err != nil {
+		return fmt.Errorf("invalid signature: %s", err.Error())
 	}
 	r.Body = ioutil.NopCloser(bytes.NewBuffer(b))
 	return nil
@@ -127,12 +101,21 @@ func (v *Validator) ValidRequest(r *http.Request) error {
 // Validate is a handler wrapper that takes care of the signature validation of
 // incoming requests and rejects them if invalid or pass them on to your handler
 // otherwise.
-func (v *Validator) Validate(h http.Handler) http.Handler {
+func (v *Validator) Validate(h http.Handler, baseUrl string) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if err := v.ValidRequest(r); err != nil {
+		if err := v.ValidRequest(r, baseUrl); err != nil {
 			http.Error(w, "", http.StatusUnauthorized)
 			return
 		}
 		h.ServeHTTP(w, r)
 	})
 }
+
+func sha256Hash(data []byte) string {
+	if data == nil {
+		return ""
+	}
+
+	h := sha256.Sum256(data)
+	return hex.EncodeToString(h[:])
+}