HTTPSig: Add method to validate conn

author Roger Braun <roger@rogerbraun.net>

Mon, 11 Dec 2017 09:37:40 +0000 (10:37 +0100)

committer Roger Braun <roger@rogerbraun.net>

Mon, 11 Dec 2017 09:37:40 +0000 (10:37 +0100)
author Roger Braun <roger@rogerbraun.net>
Mon, 11 Dec 2017 09:37:40 +0000 (10:37 +0100)
committer Roger Braun <roger@rogerbraun.net>
Mon, 11 Dec 2017 09:37:40 +0000 (10:37 +0100)
diff --git a/lib/pleroma/web/http_signatures/http_signatures.ex b/lib/pleroma/web/http_signatures/http_signatures.ex

index 65a344e0b14b8c7524fb180fbe73ff7a1b7c1af9..8603cb6712ed0d74a747c7732c83d2912108649a 100644 (file)
--- a/lib/pleroma/web/http_signatures/http_signatures.ex
+++ b/lib/pleroma/web/http_signatures/http_signatures.ex
@@ -21,6 +21,12 @@ defmodule Pleroma.Web.HTTPSignatures do
      verify = :public_key.verify(sigstring, :sha256, sig, public_key)
    end
  
+  def validate_conn(conn, public_key) do
+    headers = Enum.into(conn.req_headers, %{})
+    signature = split_signature(headers["signature"])
+    validate(headers, signature, public_key)
+  end
+
    def build_signing_string(headers, used_headers) do
      used_headers
      |> Enum.map(fn (header) -> "#{header}: #{headers[header]}" end)
diff --git a/test/web/http_sigs/http_sig_test.exs b/test/web/http_sigs/http_sig_test.exs

index d684060fc5d068816870064a6bb7d2b32b27c964..bd9e10b656d09e2f47c8fb24a842f7e4b7aaba95 100644 (file)
--- a/test/web/http_sigs/http_sig_test.exs
+++ b/test/web/http_sigs/http_sig_test.exs
@@ -63,4 +63,27 @@ defmodule Pleroma.Web.HTTPSignaturesTest do
      expected = "date: Thu, 05 Jan 2014 21:31:40 GMT\ncontent-length: 18"
      assert expected == HTTPSignatures.build_signing_string(@headers, ["date", "content-length"])
    end
+
+  test "it validates a conn" do
+    public_key_pem = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGb42rPZIapY4Hfhxrgn\nxKVJczBkfDviCrrYaYjfGxawSw93dWTUlenCVTymJo8meBlFgIQ70ar4rUbzl6GX\nMYvRdku072d1WpglNHXkjKPkXQgngFDrh2sGKtNB/cEtJcAPRO8OiCgPFqRtMiNM\nc8VdPfPdZuHEIZsJ/aUM38EnqHi9YnVDQik2xxDe3wPghOhqjxUM6eLC9jrjI+7i\naIaEygUdyst9qVg8e2FGQlwAeS2Eh8ygCxn+bBlT5OyV59jSzbYfbhtF2qnWHtZy\nkL7KOOwhIfGs7O9SoR2ZVpTEQ4HthNzainIe/6iCR5HGrao/T8dygweXFYRv+k5A\nPQIDAQAB\n-----END PUBLIC KEY-----\n"
+    [public_key] = :public_key.pem_decode(public_key_pem)
+
+    public_key = public_key
+    |> :public_key.pem_entry_decode()
+
+    conn = %{
+      req_headers: [
+        {"host", "localtesting.pleroma.lol"},
+        {"connection", "close"},
+        {"content-length", "2316"},
+        {"user-agent", "http.rb/2.2.2 (Mastodon/2.1.0.rc3; +http://mastodon.example.org/)"},
+        {"date", "Sun, 10 Dec 2017 14:23:49 GMT"},
+        {"digest", "SHA-256=x/bHADMW8qRrq2NdPb5P9fl0lYpKXXpe5h5maCIL0nM="},
+        {"content-type", "application/activity+json"},
+        {"(request-target)", "post /users/demiurge/inbox"},
+        {"signature", "keyId=\"http://mastodon.example.org/users/admin#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"i0FQvr51sj9BoWAKydySUAO1RDxZmNY6g7M62IA7VesbRSdFZZj9/fZapLp6YSuvxUF0h80ZcBEq9GzUDY3Chi9lx6yjpUAS2eKb+Am/hY3aswhnAfYd6FmIdEHzsMrpdKIRqO+rpQ2tR05LwiGEHJPGS0p528NvyVxrxMT5H5yZS5RnxY5X2HmTKEgKYYcvujdv7JWvsfH88xeRS7Jlq5aDZkmXvqoR4wFyfgnwJMPLel8P/BUbn8BcXglH/cunR0LUP7sflTxEz+Rv5qg+9yB8zgBsB4C0233WpcJxjeD6Dkq0EcoJObBR56F8dcb7NQtUDu7x6xxzcgSd7dHm5w==\""}]
+    }
+
+    assert HTTPSignatures.validate_conn(conn, public_key)
+  end
  end
author	Roger Braun <roger@rogerbraun.net>
	Mon, 11 Dec 2017 09:37:40 +0000 (10:37 +0100)
committer	Roger Braun <roger@rogerbraun.net>
	Mon, 11 Dec 2017 09:37:40 +0000 (10:37 +0100)
lib/pleroma/web/http_signatures/http_signatures.ex		patch \| blob \| history
test/web/http_sigs/http_sig_test.exs		patch \| blob \| history