mirror
/
federation
kopia lustrzana https://gitlab.com/jaywink/federation
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Fix a regression that broke GET requests signature verification.

ap-processing-improvements
Alain St-Denis 2023-07-10 08:24:33 -04:00
rodzic 6d885a5c40
commit 1f8d4ac93f
2 zmienionych plików z 12 dodań i 4 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

8
federation/entities/activitypub/django/views.py
Wyświetl plik

@ -2,7 +2,7 @@ from cryptography.exceptions import InvalidSignature
from django.http import JsonResponse, HttpResponse, HttpResponseNotFound from django.http import JsonResponse, HttpResponse, HttpResponseNotFound
from federation.entities.activitypub.mappers import get_outbound_entity from federation.entities.activitypub.mappers import get_outbound_entity
from federation.protocols.activitypub.signing import verify_request_signature from federation.protocols.activitypub.protocol import Protocol
from federation.types import RequestType from federation.types import RequestType
from federation.utils.django import get_function_from_config from federation.utils.django import get_function_from_config
@ -23,9 +23,11 @@ def get_and_verify_signer(request):
body=request.body, body=request.body,
method=request.method, method=request.method,
headers=request.headers) headers=request.headers)
protocol = Protocol(request=req, get_contact_key=get_public_key)
try: try:
return verify_request_signature(req) protocol.verify()
except ValueError: return protocol.sender
except (ValueError, KeyError, InvalidSignature) as exc:
return None return None

8
federation/protocols/activitypub/protocol.py
Wyświetl plik

@ -49,6 +49,11 @@ class Protocol:
sender = None sender = None
user = None user = None
def __init__(self, request=None, get_contact_key=None):
# this is required for calls to verify on GET requests
self.request = request
self.get_contact_key = get_contact_key
def build_send(self, entity: BaseEntity, from_user: UserType, to_user_key: RsaKey = None) -> Union[str, Dict]: def build_send(self, entity: BaseEntity, from_user: UserType, to_user_key: RsaKey = None) -> Union[str, Dict]:
""" """
Build POST data for sending out to remotes. Build POST data for sending out to remotes.
@ -109,10 +114,11 @@ class Protocol:
signer = get_profile(key_id=sig.get('keyId')) signer = get_profile(key_id=sig.get('keyId'))
if not signer: if not signer:
signer = retrieve_and_parse_document(sig.get('keyId')) signer = retrieve_and_parse_document(sig.get('keyId'))
print(sig, signer)
self.sender = signer.id if signer else self.actor self.sender = signer.id if signer else self.actor
key = getattr(signer, 'public_key', None) key = getattr(signer, 'public_key', None)
if not key: if not key:
key = self.get_contact_key(self.actor) if self.get_contact_key else '' key = self.get_contact_key(self.actor) if self.get_contact_key and self.actor else ''
if key: if key:
# fallback to the author's key the client app may have provided # fallback to the author's key the client app may have provided
logger.warning("Failed to retrieve keyId for %s, trying the actor's key", sig.get('keyId')) logger.warning("Failed to retrieve keyId for %s, trying the actor's key", sig.get('keyId'))