git.squeep.com Git - akkoma/blob - lib/pleroma/plugs/http_signature.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do
   6   import Plug.Conn
   7   require Logger
   8
   9   def init(options) do
  10     options
  11   end
  12
  13   def call(%{assigns: %{valid_signature: true}} = conn, _opts) do
  14     conn
  15   end
  16
  17   def call(conn, _opts) do
  18     headers = get_req_header(conn, "signature")
  19     signature = Enum.at(headers, 0)
  20
  21     if signature do
  22       # set (request-target) header to the appropriate value
  23       # we also replace the digest header with the one we computed
  24       conn =
  25         conn
  26         |> put_req_header(
  27           "(request-target)",
  28           String.downcase("#{conn.method}") <> " #{conn.request_path}"
  29         )
  30
  31       conn =
  32         if conn.assigns[:digest] do
  33           conn
  34           |> put_req_header("digest", conn.assigns[:digest])
  35         else
  36           conn
  37         end
  38
  39       assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn))
  40     else
  41       Logger.debug("No signature header!")
  42       conn
  43     end
  44   end
  45 end