signedurls.go

package signed

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/base64"
	"fmt"
	"hash"
	"net/http"
	"strconv"
	"time"

	"github.com/caddyserver/caddy/v2"
	"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
	"github.com/caddyserver/caddy/v2/modules/caddyhttp"
	"go.uber.org/zap"
)

func init() {
	caddy.RegisterModule(SignedUrl{})
}

// SignedUrl is a Caddy request matcher that validates signed URLs using HMAC signatures.
//
// The signature is expected to be provided as a query parameter named "signature"
// or as an "X-Signature" header. The URL is considered valid if the signature
// matches the expected value computed using the secret key and the canonical
// URL (path + query string without the signature).
//
// Optionally, an "expires" query parameter can be included to specify a Unix
// timestamp after which the URL is no longer valid.
//
// The signature should be encoded using base64 URL encoding without padding.
//
// Example Caddyfile usage:
// ```
// 	    handle /static/thumbnails/* {
// 		@signed {
// 			signed_url {$SIGNED_URL_SECRET}
// 		}

//	 		handle @signed {
// 			root /data/files/thumbnails
// 			uri strip_prefix /static/thumbnails
// 			file_server
// 		}

//	 	handle {
//			respond "Unauthorized" 401
//		}
//	}
//
// ```
type SignedUrl struct {
	// The secret key used to sign URLs. This should be a strong, random string.
	Secret string `json:"secret,omitempty"`

	// The hash algorithm to use for signing. Supported values: "sha256" (default), "sha384", "sha512".
	Algorithm string `json:"algorithm,omitempty"`

	hashFunc func() hash.Hash
	logger   *zap.Logger
}

// CaddyModule returns the Caddy module information.
func (SignedUrl) CaddyModule() caddy.ModuleInfo {
	return caddy.ModuleInfo{
		ID:  "http.matchers.signed_url",
		New: func() caddy.Module { return new(SignedUrl) },
	}
}

func (s *SignedUrl) Provision(ctx caddy.Context) error {
	s.logger = ctx.Logger()

	// Set hash function
	switch s.Algorithm {
	case "", "sha256":
		s.hashFunc = sha256.New
	case "sha384":
		s.hashFunc = sha512.New384
	case "sha512":
		s.hashFunc = sha512.New
	default:
		return fmt.Errorf("unsupported algorithm: %s", s.Algorithm)
	}

	return nil
}

func (s *SignedUrl) Validate() error {
	if s.Secret == "" {
		return fmt.Errorf("secret is required")
	}

	s.logger.Debug("settings", zap.String("secret", s.Secret), zap.String("alg", s.Algorithm))
	return nil
}

func (s *SignedUrl) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
	d.Next() // consume directive name

	// --- handle single-line shorthand: signed_url "secret" ---
	args := d.RemainingArgs()
	if len(args) == 1 {
		s.Secret = args[0]
	} else if len(args) > 1 {
		return d.ArgErr()
	}

	// --- handle block options ---
	for nesting := d.Nesting(); d.NextBlock(nesting); {
		switch d.Val() {
		case "secret":
			if !d.NextArg() {
				return d.ArgErr()
			}
			if s.Secret != "" {
				return d.Err("secret already configured")
			}
			s.Secret = d.Val()

		case "algorithm":
			if !d.NextArg() {
				return d.ArgErr()
			}
			s.Algorithm = d.Val()

		default:
			return d.Errf("unknown subdirective '%s'", d.Val())
		}
	}

	return nil
}

func (s *SignedUrl) Match(r *http.Request) bool {
	match, err := s.MatchWithError(r)
	if err != nil {
		s.logger.Error("failed to validate signed URL", zap.Error(err))
	}

	return match
}

func (s *SignedUrl) MatchWithError(r *http.Request) (bool, error) {
	query := r.URL.Query()

	s.logger.Info("MatchWithError called",
		zap.String("path", r.URL.Path),
		zap.Any("query", query),
	)

	sigStr := r.URL.Query().Get("signature")
	if sigStr == "" {
		sigStr = r.Header.Get("X-Signature")
	}
	if sigStr == "" {
		s.logger.Warn("Missing signature", zap.String("path", r.URL.Path))
		return false, caddyhttp.Error(http.StatusBadRequest, fmt.Errorf("missing signature"))
	}

	s.logger.Debug("Signature", zap.String("sigStr", sigStr))

	sig, err := base64.RawURLEncoding.DecodeString(sigStr)
	if err != nil {
		s.logger.Debug("signature decode failed", zap.Error(err))
		return false, caddyhttp.Error(http.StatusBadRequest, fmt.Errorf("invalid signature encoding"))
	}

	// Construct canonical URL for signing
	// Build canonical path+query string
	q := r.URL.Query()
	q.Del("signature")

	canonical := r.URL.Path
	encoded := q.Encode()

	// Check expiration
	now := time.Now().Unix()
	expStr := r.URL.Query().Get("expires")
	if expStr != "" {
		exp, err := strconv.ParseInt(expStr, 10, 64)
		if err != nil {
			return false, caddyhttp.Error(http.StatusBadRequest, fmt.Errorf("invalid expires param"))
		}
		if now > exp {
			s.logger.Warn("URL expired", zap.String("url", canonical), zap.Int64("expires", exp))
			return false, caddyhttp.Error(http.StatusBadRequest, fmt.Errorf("URL expired"))
		}
	}

	if encoded != "" {
		canonical += "?" + encoded
	}

	if !s.verifySignature(canonical, sig) {
		s.logger.Debug("signature mismatch", zap.String("url", canonical))
		return false, caddyhttp.Error(http.StatusForbidden, fmt.Errorf("signature"))
	}

	return true, nil
}

func (s *SignedUrl) verifySignature(input string, sig []byte) bool {
	h := hmac.New(s.hashFunc, []byte(s.Secret))
	h.Write([]byte(input))
	expectedSig := h.Sum(nil)

	s.logger.Debug("verifying sig on input expected signature",
		zap.String("input", input),
		zap.String("signature", base64.RawURLEncoding.EncodeToString(expectedSig)),
	)

	return hmac.Equal(sig, expectedSig)
}

var (
	_ caddy.Provisioner                 = (*SignedUrl)(nil)
	_ caddy.Module                      = (*SignedUrl)(nil)
	_ caddyhttp.RequestMatcher          = (*SignedUrl)(nil)
	_ caddyhttp.RequestMatcherWithError = (*SignedUrl)(nil)
	_ caddyfile.Unmarshaler             = (*SignedUrl)(nil)
)