kopia lustrzana https://gitlab.com/jaywink/federation
Fix a regression that broke GET requests signature verification.
rodzic
6d885a5c40
commit
1f8d4ac93f
|
@ -2,7 +2,7 @@ from cryptography.exceptions import InvalidSignature
|
|||
from django.http import JsonResponse, HttpResponse, HttpResponseNotFound
|
||||
|
||||
from federation.entities.activitypub.mappers import get_outbound_entity
|
||||
from federation.protocols.activitypub.signing import verify_request_signature
|
||||
from federation.protocols.activitypub.protocol import Protocol
|
||||
from federation.types import RequestType
|
||||
from federation.utils.django import get_function_from_config
|
||||
|
||||
|
@ -23,9 +23,11 @@ def get_and_verify_signer(request):
|
|||
body=request.body,
|
||||
method=request.method,
|
||||
headers=request.headers)
|
||||
protocol = Protocol(request=req, get_contact_key=get_public_key)
|
||||
try:
|
||||
return verify_request_signature(req)
|
||||
except ValueError:
|
||||
protocol.verify()
|
||||
return protocol.sender
|
||||
except (ValueError, KeyError, InvalidSignature) as exc:
|
||||
return None
|
||||
|
||||
|
||||
|
|
|
@ -49,6 +49,11 @@ class Protocol:
|
|||
sender = None
|
||||
user = None
|
||||
|
||||
def __init__(self, request=None, get_contact_key=None):
|
||||
# this is required for calls to verify on GET requests
|
||||
self.request = request
|
||||
self.get_contact_key = get_contact_key
|
||||
|
||||
def build_send(self, entity: BaseEntity, from_user: UserType, to_user_key: RsaKey = None) -> Union[str, Dict]:
|
||||
"""
|
||||
Build POST data for sending out to remotes.
|
||||
|
@ -109,10 +114,11 @@ class Protocol:
|
|||
signer = get_profile(key_id=sig.get('keyId'))
|
||||
if not signer:
|
||||
signer = retrieve_and_parse_document(sig.get('keyId'))
|
||||
print(sig, signer)
|
||||
self.sender = signer.id if signer else self.actor
|
||||
key = getattr(signer, 'public_key', None)
|
||||
if not key:
|
||||
key = self.get_contact_key(self.actor) if self.get_contact_key else ''
|
||||
key = self.get_contact_key(self.actor) if self.get_contact_key and self.actor else ''
|
||||
if key:
|
||||
# fallback to the author's key the client app may have provided
|
||||
logger.warning("Failed to retrieve keyId for %s, trying the actor's key", sig.get('keyId'))
|
||||
|
|
Ładowanie…
Reference in New Issue