func()

in internal/command/lfstransfer/gitlab_backend.go [155:213]

• 57 lines of code
• 9 McCabe index (conditional complexity)

func (b *GitlabBackend) parseAndCheckBatchArgs(op, oid, id, token string) (href string, headers map[string]string, err error) {
	if id == "" {
		return "", nil, &errCustom{
			err:     transfer.ErrParseError,
			message: "missing id",
		}
	}
	if token == "" {
		return "", nil, &errCustom{
			err:     transfer.ErrUnauthorized,
			message: "missing token",
		}
	}
	idBinary, err := base64.StdEncoding.DecodeString(id)
	if err != nil {
		return "", nil, &errCustom{
			err:     transfer.ErrParseError,
			message: "invalid id",
		}
	}
	tokenBinary, err := base64.StdEncoding.DecodeString(token)
	if err != nil {
		return "", nil, &errCustom{
			err:     transfer.ErrParseError,
			message: "invalid token",
		}
	}
	h := hmac.New(sha256.New, []byte(b.config.Secret))
	h.Write(idBinary)
	if !hmac.Equal(tokenBinary, h.Sum(nil)) {
		return "", nil, &errCustom{
			err:     transfer.ErrForbidden,
			message: "token hash mismatch",
		}
	}

	idData := &idData{}
	err = json.Unmarshal(idBinary, idData)
	if err != nil {
		return "", nil, &errCustom{
			err:     transfer.ErrParseError,
			message: "invalid id",
		}
	}
	if idData.Operation != op {
		return "", nil, &errCustom{
			err:     transfer.ErrForbidden,
			message: "invalid operation",
		}
	}
	if idData.Oid != oid {
		return "", nil, &errCustom{
			err:     transfer.ErrForbidden,
			message: "invalid oid",
		}
	}

	return idData.Href, idData.Headers, nil
}