git.squeep.com Git - akkoma/blob - lib/pleroma/plugs/http_signature.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do
   6   alias Pleroma.Web.ActivityPub.Utils
   7   import Plug.Conn
   8   require Logger
   9
  10   def init(options) do
  11     options
  12   end
  13
  14   def call(%{assigns: %{valid_signature: true}} = conn, _opts) do
  15     conn
  16   end
  17
  18   def call(conn, _opts) do
  19     user = Utils.get_ap_id(conn.params["actor"])
  20     Logger.debug("Checking sig for #{user}")
  21     [signature | _] = get_req_header(conn, "signature")
  22
  23     cond do
  24       signature && String.contains?(signature, user) ->
  25         # set (request-target) header to the appropriate value
  26         # we also replace the digest header with the one we computed
  27         conn =
  28           conn
  29           |> put_req_header(
  30             "(request-target)",
  31             String.downcase("#{conn.method}") <> " #{conn.request_path}"
  32           )
  33
  34         conn =
  35           if conn.assigns[:digest] do
  36             conn
  37             |> put_req_header("digest", conn.assigns[:digest])
  38           else
  39             conn
  40           end
  41
  42         assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn))
  43
  44       signature ->
  45         Logger.debug("Signature not from actor")
  46         assign(conn, :valid_signature, false)
  47
  48       true ->
  49         Logger.debug("No signature header!")
  50         conn
  51     end
  52   end
  53 end