fix: move location of GenerateSignature

internal/api/hooks.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"io"
 	"net"
@@ -15,8 +14,8 @@ import (
 	"time"
 
 	"github.com/gofrs/uuid"
-	standardwebhooks "github.com/standard-webhooks/standard-webhooks/libraries/go"
 	"github.com/supabase/auth/internal/conf"
+	"github.com/supabase/auth/internal/crypto"
 
 	"github.com/sirupsen/logrus"
 	"github.com/supabase/auth/internal/hooks"
@@ -25,9 +24,8 @@ import (
 )
 
 const (
-	SymmetricSignaturePrefix = "v1,"
-	DefaultHTTPHookTimeout   = 5 * time.Second
-	DefaultHTTPHookRetries   = 3
+	DefaultHTTPHookTimeout = 5 * time.Second
+	DefaultHTTPHookRetries = 3
 )
 
 func (a *API) runPostgresHook(ctx context.Context, tx *storage.Connection, name string, input, output any) ([]byte, error) {
@@ -90,16 +88,13 @@ func (a *API) runHTTPHook(hookConfig conf.ExtensibilityPointConfiguration, input
 		return nil, err
 	}
 
-	if isOverSizeLimit(inputPayload) {
-		return nil, internalServerError("Over size limit")
-	}
 	startTime := time.Now()
 
 	for i := 0; i < DefaultHTTPHookRetries; i++ {
 		hookLog.Infof("invocation attempt: %d", i)
 		msgID := uuid.Must(uuid.NewV4())
 		currentTime := time.Now()
-		signatureList, err := generateSignatures(hookConfig.HTTPHookSecrets, msgID, currentTime, inputPayload)
+		signatureList, err := crypto.GenerateSignatures(hookConfig.HTTPHookSecrets, msgID, currentTime, inputPayload)
 		if err != nil {
 			return nil, err
 		}
@@ -169,28 +164,6 @@ func (a *API) runHTTPHook(hookConfig conf.ExtensibilityPointConfiguration, input
 	return nil, internalServerError("error executing hook")
 }
 
-func generateSignatures(secrets []string, msgID uuid.UUID, currentTime time.Time, inputPayload []byte) ([]string, error) {
-	// TODO(joel): Handle asymmetric case once library has been upgraded
-	var signatureList []string
-	for _, secret := range secrets {
-		if strings.HasPrefix(secret, SymmetricSignaturePrefix) {
-			trimmedSecret := strings.TrimPrefix(secret, SymmetricSignaturePrefix)
-			wh, err := standardwebhooks.NewWebhook(trimmedSecret)
-			if err != nil {
-				return nil, err
-			}
-			signature, err := wh.Sign(msgID.String(), currentTime, inputPayload)
-			if err != nil {
-				return nil, err
-			}
-			signatureList = append(signatureList, signature)
-		} else {
-			return nil, errors.New("invalid signature format")
-		}
-	}
-	return signatureList, nil
-}
-
 func watchForConnection(req *http.Request) (*connectionWatcher, *http.Request) {
 	w := new(connectionWatcher)
 	t := &httptrace.ClientTrace{

internal/crypto/crypto.go

@@ -9,6 +9,11 @@ import (
 	"math"
 	"math/big"
 	"strconv"
+	"strings"
+	"time"
+
+	"github.com/gofrs/uuid"
+	standardwebhooks "github.com/standard-webhooks/standard-webhooks/libraries/go"
 
 	"github.com/pkg/errors"
 )
@@ -41,3 +46,26 @@ func GenerateOtp(digits int) (string, error) {
 func GenerateTokenHash(emailOrPhone, otp string) string {
 	return fmt.Sprintf("%x", sha256.Sum224([]byte(emailOrPhone+otp)))
 }
+
+func GenerateSignatures(secrets []string, msgID uuid.UUID, currentTime time.Time, inputPayload []byte) ([]string, error) {
+	SymmetricSignaturePrefix := "v1,"
+	// TODO(joel): Handle asymmetric case once library has been upgraded
+	var signatureList []string
+	for _, secret := range secrets {
+		if strings.HasPrefix(secret, SymmetricSignaturePrefix) {
+			trimmedSecret := strings.TrimPrefix(secret, SymmetricSignaturePrefix)
+			wh, err := standardwebhooks.NewWebhook(trimmedSecret)
+			if err != nil {
+				return nil, err
+			}
+			signature, err := wh.Sign(msgID.String(), currentTime, inputPayload)
+			if err != nil {
+				return nil, err
+			}
+			signatureList = append(signatureList, signature)
+		} else {
+			return nil, errors.New("invalid signature format")
+		}
+	}
+	return signatureList, nil
+}