diff options
author | Chocobozzz <me@florianbigard.com> | 2018-10-19 11:41:19 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-10-19 12:26:37 +0200 |
commit | 41f2ebae4f970932fb62d2d8923b1f776f0b1494 (patch) | |
tree | 9e3f89e6363fc63e77d352f07956d1b6ff0cacda /server/lib/job-queue/handlers/utils | |
parent | d23e6a1c97a6ae3ca8d340a8c9adad268a5be57e (diff) | |
download | PeerTube-41f2ebae4f970932fb62d2d8923b1f776f0b1494.tar.gz PeerTube-41f2ebae4f970932fb62d2d8923b1f776f0b1494.tar.zst PeerTube-41f2ebae4f970932fb62d2d8923b1f776f0b1494.zip |
Add HTTP signature check before linked signature
It's faster, and will allow us to use RSA signature 2018 (with upstream
jsonld-signature module) without too much incompatibilities in the
peertube federation
Diffstat (limited to 'server/lib/job-queue/handlers/utils')
-rw-r--r-- | server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts index d71c91a24..fd9c74341 100644 --- a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts +++ b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | |||
@@ -2,6 +2,7 @@ import { buildSignedActivity } from '../../../../helpers/activitypub' | |||
2 | import { getServerActor } from '../../../../helpers/utils' | 2 | import { getServerActor } from '../../../../helpers/utils' |
3 | import { ActorModel } from '../../../../models/activitypub/actor' | 3 | import { ActorModel } from '../../../../models/activitypub/actor' |
4 | import { sha256 } from '../../../../helpers/core-utils' | 4 | import { sha256 } from '../../../../helpers/core-utils' |
5 | import { HTTP_SIGNATURE } from '../../../../initializers' | ||
5 | 6 | ||
6 | type Payload = { body: any, signatureActorId?: number } | 7 | type Payload = { body: any, signatureActorId?: number } |
7 | 8 | ||
@@ -29,11 +30,11 @@ async function buildSignedRequestOptions (payload: Payload) { | |||
29 | 30 | ||
30 | const keyId = actor.getWebfingerUrl() | 31 | const keyId = actor.getWebfingerUrl() |
31 | return { | 32 | return { |
32 | algorithm: 'rsa-sha256', | 33 | algorithm: HTTP_SIGNATURE.ALGORITHM, |
33 | authorizationHeaderName: 'Signature', | 34 | authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, |
34 | keyId, | 35 | keyId, |
35 | key: actor.privateKey, | 36 | key: actor.privateKey, |
36 | headers: [ 'date', 'host', 'digest', '(request-target)' ] | 37 | headers: HTTP_SIGNATURE.HEADERS_TO_SIGN |
37 | } | 38 | } |
38 | } | 39 | } |
39 | 40 | ||