in internal/auth/auth_code.go [66:104]
// DecryptCode returns the plaintext code carried in the given JWT.
//
// The claims are obtained from a.parseJWTClaims. Two of them are read:
// "nonce", a URL-safe base64 string, and "code", a hex string holding the
// ciphertext. The ciphertext is opened with the AEAD returned by
// a.newAesGcmCipher(domain, nonce), with no additional authenticated data.
//
// It returns errInvalidNonce when the nonce claim is missing, is not a string
// or is not valid base64, and errInvalidCode when the code claim is missing or
// is not a string. Errors from claim parsing, hex decoding, cipher
// construction and Open are returned unchanged.
func (a *Auth) DecryptCode(jwt, domain string) (string, error) {
	// NOTE(review): everything below trusts these claims; whether the token's
	// signature is verified depends on parseJWTClaims, which is not visible
	// here. Confirm before relying on it.
	claims, err := a.parseJWTClaims(jwt)
	if err != nil {
		return "", err
	}

	// Nonce: must be a string claim that decodes as URL-safe base64.
	nonceB64, isString := claims["nonce"].(string)
	if !isString {
		return "", errInvalidNonce
	}
	rawNonce, err := base64.URLEncoding.DecodeString(nonceB64)
	if err != nil {
		return "", errInvalidNonce
	}

	// Ciphertext: must be a string claim; the hex decoding error is passed
	// through as-is rather than mapped to errInvalidCode.
	codeHex, isString := claims["code"].(string)
	if !isString {
		return "", errInvalidCode
	}
	sealed, err := hex.DecodeString(codeHex)
	if err != nil {
		return "", err
	}

	aead, err := a.newAesGcmCipher(domain, rawNonce)
	if err != nil {
		return "", err
	}

	// NOTE(review): if aead is a standard library cipher.AEAD, Open panics
	// when the nonce length differs from NonceSize(). Confirm that
	// newAesGcmCipher rejects wrong-length nonces, or check the length here.
	plain, err := aead.Open(nil, rawNonce, sealed, nil)
	if err != nil {
		return "", err
	}

	return string(plain), nil
}