kopia lustrzana https://github.com/snarfed/bridgy-fed
incoming AP: allow missing HTTP Sig when DEBUG is on
rodzic
45d1468825
commit
44fee79838
|
@ -11,7 +11,7 @@ from granary import as1, as2
|
||||||
from httpsig import HeaderVerifier
|
from httpsig import HeaderVerifier
|
||||||
from httpsig.requests_auth import HTTPSignatureAuth
|
from httpsig.requests_auth import HTTPSignatureAuth
|
||||||
from httpsig.utils import parse_signature_header
|
from httpsig.utils import parse_signature_header
|
||||||
from oauth_dropins.webutil import flask_util, util
|
from oauth_dropins.webutil import appengine_info, flask_util, util
|
||||||
from oauth_dropins.webutil.util import fragmentless, json_dumps, json_loads
|
from oauth_dropins.webutil.util import fragmentless, json_dumps, json_loads
|
||||||
import requests
|
import requests
|
||||||
from werkzeug.exceptions import BadGateway
|
from werkzeug.exceptions import BadGateway
|
||||||
|
@ -267,6 +267,9 @@ class ActivityPub(User, Protocol):
|
||||||
headers = dict(request.headers) # copy so we can modify below
|
headers = dict(request.headers) # copy so we can modify below
|
||||||
sig = headers.get('Signature')
|
sig = headers.get('Signature')
|
||||||
if not sig:
|
if not sig:
|
||||||
|
if appengine_info.DEBUG:
|
||||||
|
logging.info('No HTTP Signature, allowing due to DEBUG=true')
|
||||||
|
return
|
||||||
error('No HTTP Signature', status=401)
|
error('No HTTP Signature', status=401)
|
||||||
|
|
||||||
logger.info('Verifying HTTP Signature')
|
logger.info('Verifying HTTP Signature')
|
||||||
|
|
|
@ -1017,6 +1017,7 @@ class ActivityPubTest(TestCase):
|
||||||
|
|
||||||
@patch('activitypub.logger.info', side_effect=logging.info)
|
@patch('activitypub.logger.info', side_effect=logging.info)
|
||||||
@patch('common.logger.info', side_effect=logging.info)
|
@patch('common.logger.info', side_effect=logging.info)
|
||||||
|
@patch('oauth_dropins.webutil.appengine_info.DEBUG', False)
|
||||||
def test_inbox_verify_http_signature(self, mock_common_log, mock_activitypub_log,
|
def test_inbox_verify_http_signature(self, mock_common_log, mock_activitypub_log,
|
||||||
_, mock_get, ___):
|
_, mock_get, ___):
|
||||||
# actor with a public key
|
# actor with a public key
|
||||||
|
|
Ładowanie…
Reference in New Issue