From 842f8ac96402d89a6adb66c9667c2121fbb721c7 Mon Sep 17 00:00:00 2001
From: Ryan Barrett <git@ryanb.org>
Date: Sun, 16 Apr 2023 16:35:31 -0700
Subject: [PATCH] temporary: assume HTTP Signature algorithm=hs2019 means
 rsa-sha256

still trying to figure this out. see https://github.com/snarfed/bridgy-fed/issues/430#issuecomment-1510462267, https://arewehs2019yet.vpzom.click/ , etc.
---
 activitypub.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/activitypub.py b/activitypub.py
index 546bfec..1a8250a 100644
--- a/activitypub.py
+++ b/activitypub.py
@@ -151,10 +151,17 @@ class ActivityPub(Protocol):
         logger.info(f'Headers: {json_dumps(dict(request.headers), indent=2)}')
 
         # parse_signature_header lower-cases all keys
-        keyId = fragmentless(parse_signature_header(sig).get('keyid'))
+        sig_fields = parse_signature_header(sig)
+        keyId = fragmentless(sig_fields.get('keyid'))
         if not keyId:
             error('HTTP Signature missing keyId', status=401)
 
+        # TODO: right now, assume hs2019 is rsa-sha256 🤷
+        # https://github.com/snarfed/bridgy-fed/issues/430#issuecomment-1510462267
+        # https://arewehs2019yet.vpzom.click/
+        if sig_fields.get('algorithm') == 'hs2019':
+            sig_fields['algorithm'] = 'rsa-sha256'
+
         digest = request.headers.get('Digest') or ''
         if not digest:
             error('Missing Digest header, required for HTTP Signature', status=401)