diff options
| author | Chocobozzz <me@florianbigard.com> | 2018-10-19 11:41:19 +0200 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2018-10-19 12:26:37 +0200 |
| commit | 41f2ebae4f970932fb62d2d8923b1f776f0b1494 (patch) | |
| tree | 9e3f89e6363fc63e77d352f07956d1b6ff0cacda /server/lib/job-queue | |
| parent | d23e6a1c97a6ae3ca8d340a8c9adad268a5be57e (diff) | |
| download | PeerTube-41f2ebae4f970932fb62d2d8923b1f776f0b1494.tar.gz PeerTube-41f2ebae4f970932fb62d2d8923b1f776f0b1494.tar.zst PeerTube-41f2ebae4f970932fb62d2d8923b1f776f0b1494.zip | |
Add HTTP signature check before linked signature
It's faster, and will allow us to use RSA signature 2018 (with upstream
jsonld-signature module) without too much incompatibilities in the
peertube federation
Diffstat (limited to 'server/lib/job-queue')
| -rw-r--r-- | server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts index d71c91a24..fd9c74341 100644 --- a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts +++ b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | |||
| @@ -2,6 +2,7 @@ import { buildSignedActivity } from '../../../../helpers/activitypub' | |||
| 2 | import { getServerActor } from '../../../../helpers/utils' | 2 | import { getServerActor } from '../../../../helpers/utils' |
| 3 | import { ActorModel } from '../../../../models/activitypub/actor' | 3 | import { ActorModel } from '../../../../models/activitypub/actor' |
| 4 | import { sha256 } from '../../../../helpers/core-utils' | 4 | import { sha256 } from '../../../../helpers/core-utils' |
| 5 | import { HTTP_SIGNATURE } from '../../../../initializers' | ||
| 5 | 6 | ||
| 6 | type Payload = { body: any, signatureActorId?: number } | 7 | type Payload = { body: any, signatureActorId?: number } |
| 7 | 8 | ||
| @@ -29,11 +30,11 @@ async function buildSignedRequestOptions (payload: Payload) { | |||
| 29 | 30 | ||
| 30 | const keyId = actor.getWebfingerUrl() | 31 | const keyId = actor.getWebfingerUrl() |
| 31 | return { | 32 | return { |
| 32 | algorithm: 'rsa-sha256', | 33 | algorithm: HTTP_SIGNATURE.ALGORITHM, |
| 33 | authorizationHeaderName: 'Signature', | 34 | authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, |
| 34 | keyId, | 35 | keyId, |
| 35 | key: actor.privateKey, | 36 | key: actor.privateKey, |
| 36 | headers: [ 'date', 'host', 'digest', '(request-target)' ] | 37 | headers: HTTP_SIGNATURE.HEADERS_TO_SIGN |
| 37 | } | 38 | } |
| 38 | } | 39 | } |
| 39 | 40 | ||