115 lines
2.9 KiB
Markdown
115 lines
2.9 KiB
Markdown
|
+++
|
||
|
date = "2016-06-14"
|
||
|
tags = ["pc"]
|
||
|
title = "base64"
|
||
|
slug = "base64"
|
||
|
+++
|
||
|
|
||
|
`base64`を扱う場合、`base64`コマンドによってエンコード、デコードできます。
|
||
|
|
||
|
```bash
|
||
|
$ echo test | base64
|
||
|
$ echo test | base64 | pbcopy
|
||
|
# 以下のコマンドはコピーしないように
|
||
|
$ pbpaste | base64 -d
|
||
|
```
|
||
|
|
||
|
jsonと組み合わせると以下のように感じで使えます。
|
||
|
|
||
|
<pre><code class="bash">
|
||
|
$ echo "eyJ0aXRsZSI6IiIsImJvZHkiOiIifQo=" | base64 -d | jq .
|
||
|
{
|
||
|
"title": "",
|
||
|
"body": ""
|
||
|
}
|
||
|
</code></pre>
|
||
|
|
||
|
|
||
|
また、secret base64を使うことで暗号化データを扱えます。これについては後述する`jwt`を使います。
|
||
|
|
||
|
例えば、[jwt](https://jwt.io/)というものがあります。これを使うと、jsonに暗号化及び署名を行えます。
|
||
|
|
||
|
<pre><code class="bash">
|
||
|
$ echo "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ" | base64 -d
|
||
|
</code></pre>
|
||
|
|
||
|
|
||
|
OAuthなどのAccess Tokenを扱う場合、非常に便利です。
|
||
|
|
||
|
以下の記事が参考になります。
|
||
|
|
||
|
https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
|
||
|
|
||
|
http://trustedanalytics.org/how-to-secure-tap-applications-using-oauth2/
|
||
|
|
||
|
基本的には以下の様な感じで使います。
|
||
|
|
||
|
<pre><code class="bash">
|
||
|
$ mkdir koa-test && cd koa-test
|
||
|
$ npm install koa koa-jwt co-body --save
|
||
|
$ openssl genrsa -out demo.rsa 1024
|
||
|
$ openssl rsa -in demo.rsa -pubout > demo.rsa.pub
|
||
|
$ vim app.js
|
||
|
</code></pre>
|
||
|
|
||
|
<pre><code class="node">
|
||
|
var koa = require('koa');
|
||
|
var parse = require('co-body');
|
||
|
var jwt = require('koa-jwt');
|
||
|
var fs = require('fs');
|
||
|
|
||
|
var app = koa();
|
||
|
var publicKey = fs.readFileSync('demo.rsa.pub');
|
||
|
var privateKey = fs.readFileSync('demo.rsa');
|
||
|
|
||
|
// JWT Error Catcher
|
||
|
app.use(function *(next) {
|
||
|
try {
|
||
|
yield next; //Attempt to go through the JWT Validator
|
||
|
} catch(e) {
|
||
|
if (e.status == 401 ) {
|
||
|
// Prepare response to user.
|
||
|
this.status = e.status;
|
||
|
this.body = 'You don\'t have a signed token dude :('
|
||
|
} else {
|
||
|
throw e; // Pass the error to the next handler since it wasn't a JWT error.
|
||
|
}
|
||
|
}
|
||
|
});
|
||
|
|
||
|
// Public endpoint to login.
|
||
|
app.use(function *(next) {
|
||
|
if (this.url.match(/^\/login/)) {
|
||
|
var claims = yield parse(this);
|
||
|
var token = jwt.sign(claims, privateKey, {algorithm: 'RS256'});
|
||
|
this.status = 200;
|
||
|
this.body = {token: token};
|
||
|
} else {
|
||
|
yield next;
|
||
|
}
|
||
|
});
|
||
|
|
||
|
// Everything behind this will be protected.
|
||
|
app.use(jwt({
|
||
|
secret: publicKey,
|
||
|
algorithm: 'RS256'
|
||
|
}));
|
||
|
|
||
|
app.use(function *() {
|
||
|
this.status = 200;
|
||
|
this.body = 'You are logged in dude! Welcome!';
|
||
|
});
|
||
|
|
||
|
app.listen(3000);
|
||
|
</code></pre>
|
||
|
|
||
|
|
||
|
<pre><code class="bash">
|
||
|
$ node app.js
|
||
|
----------------
|
||
|
$ curl -X POST -H "Content-Type: application/json" localhost:3000/login -d '{"username": "elbuo8"}'
|
||
|
</code></pre>
|
||
|
|
||
|
|
||
|
https://sendgrid.com/blog/json-web-tokens-koa-js/
|