SplitAPIToken verifies the format of an API key and returns the split ID and secret. APIKeys are formatted: ${ID}-${SECRET}
(token string)
| 976 | // |
| 977 | // APIKeys are formatted: ${ID}-${SECRET} |
| 978 | func SplitAPIToken(token string) (id string, secret string, err error) { |
| 979 | parts := strings.Split(token, "-") |
| 980 | if len(parts) != 2 { |
| 981 | return "", "", xerrors.Errorf("incorrect amount of API key parts, expected 2 got %d", len(parts)) |
| 982 | } |
| 983 | |
| 984 | // Ensure key lengths are valid. |
| 985 | keyID := parts[0] |
| 986 | keySecret := parts[1] |
| 987 | if len(keyID) != 10 { |
| 988 | return "", "", xerrors.Errorf("invalid API key ID length, expected 10 got %d", len(keyID)) |
| 989 | } |
| 990 | if len(keySecret) != 22 { |
| 991 | return "", "", xerrors.Errorf("invalid API key secret length, expected 22 got %d", len(keySecret)) |
| 992 | } |
| 993 | |
| 994 | return keyID, keySecret, nil |
| 995 | } |
| 996 | |
| 997 | // RedirectToLogin redirects the user to the login page with the `message` and |
| 998 | // `redirect` query parameters set. |