Update http signature

pull/2393/head
Chocobozzz 2020-01-07 15:24:27 +01:00
parent 7cde3b9c2e
commit e92269053e
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
6 changed files with 29 additions and 9 deletions

View File

@ -122,7 +122,7 @@
"fluent-ffmpeg": "^2.1.0", "fluent-ffmpeg": "^2.1.0",
"fs-extra": "^8.0.1", "fs-extra": "^8.0.1",
"helmet": "^3.12.1", "helmet": "^3.12.1",
"http-signature": "1.2.0", "http-signature": "1.3.1",
"ip-anonymize": "^0.1.0", "ip-anonymize": "^0.1.0",
"ipaddr.js": "1.9.1", "ipaddr.js": "1.9.1",
"is-cidr": "^3.0.0", "is-cidr": "^3.0.0",

View File

@ -70,12 +70,20 @@ const lru = new AsyncLRU({
}) })
} }
nodeDocumentLoader(url, cb) nodeDocumentLoader(url)
.then(value => cb(null, value))
.catch(err => cb(err))
} }
}) })
jsonld.documentLoader = (url, cb) => { jsonld.documentLoader = (url) => {
lru.get(url, cb) return new Promise((res, rej) => {
lru.get(url, (err, value) => {
if (err) return rej(err)
return res(value)
})
})
} }
export { jsonld } export { jsonld }

View File

@ -51,7 +51,7 @@ function isHTTPSignatureVerified (httpSignatureParsed: any, actor: MActor): bool
} }
function parseHTTPSignature (req: Request, clockSkew?: number) { function parseHTTPSignature (req: Request, clockSkew?: number) {
return httpSignature.parse(req, { authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, clockSkew }) return httpSignature.parse(req, { clockSkew })
} }
// JSONLD // JSONLD

View File

@ -20,6 +20,8 @@ async function processActivityPubHttpUnicast (job: Bull.Job) {
const body = await computeBody(payload) const body = await computeBody(payload)
const httpSignatureOptions = await buildSignedRequestOptions(payload) const httpSignatureOptions = await buildSignedRequestOptions(payload)
logger.info('hello', { httpSignatureOptions })
const options = { const options = {
method: 'POST', method: 'POST',
uri, uri,

View File

@ -51,10 +51,11 @@ export {
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
async function checkHttpSignature (req: Request, res: Response) { async function checkHttpSignature (req: Request, res: Response) {
// FIXME: mastodon does not include the Signature scheme // FIXME: compatibility with http-signature < v1.3
const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string
if (sig && sig.startsWith('Signature ') === false) req.headers[HTTP_SIGNATURE.HEADER_NAME] = 'Signature ' + sig if (sig && sig.startsWith('Signature ') === true) req.headers[HTTP_SIGNATURE.HEADER_NAME] = sig.replace(/^Signature /, '')
logger.info('coucou', { signature: req.headers[HTTP_SIGNATURE.HEADER_NAME] })
const parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS) const parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS)
const keyId = parsed.keyId const keyId = parsed.keyId

View File

@ -3092,7 +3092,16 @@ http-parser-js@^0.4.3:
resolved "https://registry.yarnpkg.com/http-parser-js/-/http-parser-js-0.4.13.tgz#3bd6d6fde6e3172c9334c3b33b6c193d80fe1137" resolved "https://registry.yarnpkg.com/http-parser-js/-/http-parser-js-0.4.13.tgz#3bd6d6fde6e3172c9334c3b33b6c193d80fe1137"
integrity sha1-O9bW/ebjFyyTNMOzO2wZPYD+ETc= integrity sha1-O9bW/ebjFyyTNMOzO2wZPYD+ETc=
http-signature@1.2.0, http-signature@~1.2.0: http-signature@1.3.1:
version "1.3.1"
resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.3.1.tgz#739fe2f8897ba84798e3e54b699a9008a8724ff9"
integrity sha512-Y29YKEc8MQsjch/VzkUVJ+2MXd9WcR42fK5u36CZf4G8bXw2DXMTWuESiB0R6m59JAWxlPPw5/Fri/t/AyyueA==
dependencies:
assert-plus "^1.0.0"
jsprim "^1.2.2"
sshpk "^1.14.1"
http-signature@~1.2.0:
version "1.2.0" version "1.2.0"
resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.2.0.tgz#9aecd925114772f3d95b65a60abb8f7c18fbace1" resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.2.0.tgz#9aecd925114772f3d95b65a60abb8f7c18fbace1"
integrity sha1-muzZJRFHcvPZW2WmCruPfBj7rOE= integrity sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=
@ -6057,7 +6066,7 @@ srt-to-vtt@^1.1.2:
through2 "^0.6.3" through2 "^0.6.3"
to-utf-8 "^1.2.0" to-utf-8 "^1.2.0"
sshpk@^1.7.0: sshpk@^1.14.1, sshpk@^1.7.0:
version "1.16.1" version "1.16.1"
resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877" resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877"
integrity sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg== integrity sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==