1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do
7 import Phoenix.Controller, only: [get_format: 1, text: 2]
9 alias Pleroma.Web.Router
16 def call(%{assigns: %{valid_signature: true}} = conn, _opts) do
20 def call(conn, _opts) do
21 if get_format(conn) == "activity+json" do
23 |> maybe_assign_valid_signature()
24 |> maybe_require_signature()
30 def route_aliases(%{path_info: ["objects", id]} = conn) do
31 ap_id = Router.Helpers.o_status_url(Pleroma.Web.Endpoint, :object, id)
33 with %Activity{} = activity <- Activity.get_by_object_ap_id_with_object(ap_id) do
34 ["/notice/#{activity.id}"]
40 def route_aliases(_), do: []
42 defp assign_valid_signature_on_route_aliases(conn, []), do: conn
44 defp assign_valid_signature_on_route_aliases(%{assigns: %{valid_signature: true}} = conn, _),
47 defp assign_valid_signature_on_route_aliases(conn, [path | rest]) do
48 request_target = String.downcase("#{conn.method}") <> " #{path}"
52 |> put_req_header("(request-target)", request_target)
54 %{assigns: %{digest: digest}} = conn -> put_req_header(conn, "digest", digest)
59 |> assign(:valid_signature, HTTPSignatures.validate_conn(conn))
60 |> assign_valid_signature_on_route_aliases(rest)
63 defp maybe_assign_valid_signature(conn) do
64 if has_signature_header?(conn) do
65 # set (request-target) header to the appropriate value
66 # we also replace the digest header with the one we computed
67 possible_paths = route_aliases(conn) ++ [conn.request_path]
68 assign_valid_signature_on_route_aliases(conn, possible_paths)
70 Logger.debug("No signature header!")
75 defp has_signature_header?(conn) do
76 conn |> get_req_header("signature") |> Enum.at(0, false)
79 defp maybe_require_signature(%{assigns: %{valid_signature: true}} = conn), do: conn
81 defp maybe_require_signature(conn) do
82 if Pleroma.Config.get([:activitypub, :authorized_fetch_mode], false) do
84 |> put_status(:unauthorized)
85 |> text("Request not signed")