make 2fa UI less awful

[akkoma] / lib / pleroma / web / plugs / digest_plug.ex

diff --git a/lib/pleroma/web/plugs/digest_plug.ex b/lib/pleroma/web/plugs/digest_plug.ex
index b521b30732460910a7c8f24dfe29291293b451fb..d72f8073c3223000e0e23d8a4dd590d64d6c4492 100644 (file)
--- a/lib/pleroma/web/plugs/digest_plug.ex
+++ b/lib/pleroma/web/plugs/digest_plug.ex
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.Plugs.DigestPlug do
@@ -7,8 +7,22 @@ defmodule Pleroma.Web.Plugs.DigestPlug do
   require Logger
 
   def read_body(conn, opts) do
+    digest_algorithm =
+      with [digest_header] <- Conn.get_req_header(conn, "digest") do
+        digest_header
+        |> String.split("=", parts: 2)
+        |> List.first()
+      else
+        _ -> "SHA-256"
+      end
+
+    unless String.downcase(digest_algorithm) == "sha-256" do
+      raise ArgumentError,
+        message: "invalid value for digest algorithm, got: #{digest_algorithm}"
+    end
+
     {:ok, body, conn} = Conn.read_body(conn, opts)
-    digest = "SHA-256=" <> (:crypto.hash(:sha256, body) |> Base.encode64())
-    {:ok, body, Conn.assign(conn, :digest, digest)}
+    encoded_digest = :crypto.hash(:sha256, body) |> Base.encode64()
+    {:ok, body, Conn.assign(conn, :digest, "#{digest_algorithm}=#{encoded_digest}")}
   end
 end