diff options
author | Chocobozzz <me@florianbigard.com> | 2018-10-19 11:41:19 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-10-19 12:59:52 +0200 |
commit | f7509cbec875ec4ee3201cce08839f2a02676c1c (patch) | |
tree | 5dbfcff41a175aa7d4b7d396ca90fe26049d0164 /server/lib | |
parent | 333210d862fdba4bb114b756d4f964789f480196 (diff) | |
download | PeerTube-f7509cbec875ec4ee3201cce08839f2a02676c1c.tar.gz PeerTube-f7509cbec875ec4ee3201cce08839f2a02676c1c.tar.zst PeerTube-f7509cbec875ec4ee3201cce08839f2a02676c1c.zip |
Add HTTP signature check before linked signature
It's faster, and will allow us to use RSA signature 2018 (with upstream
jsonld-signature module) without too much incompatibilities in the
peertube federation
Diffstat (limited to 'server/lib')
-rw-r--r-- | server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts index d71c91a24..fd9c74341 100644 --- a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts +++ b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | |||
@@ -2,6 +2,7 @@ import { buildSignedActivity } from '../../../../helpers/activitypub' | |||
2 | import { getServerActor } from '../../../../helpers/utils' | 2 | import { getServerActor } from '../../../../helpers/utils' |
3 | import { ActorModel } from '../../../../models/activitypub/actor' | 3 | import { ActorModel } from '../../../../models/activitypub/actor' |
4 | import { sha256 } from '../../../../helpers/core-utils' | 4 | import { sha256 } from '../../../../helpers/core-utils' |
5 | import { HTTP_SIGNATURE } from '../../../../initializers' | ||
5 | 6 | ||
6 | type Payload = { body: any, signatureActorId?: number } | 7 | type Payload = { body: any, signatureActorId?: number } |
7 | 8 | ||
@@ -29,11 +30,11 @@ async function buildSignedRequestOptions (payload: Payload) { | |||
29 | 30 | ||
30 | const keyId = actor.getWebfingerUrl() | 31 | const keyId = actor.getWebfingerUrl() |
31 | return { | 32 | return { |
32 | algorithm: 'rsa-sha256', | 33 | algorithm: HTTP_SIGNATURE.ALGORITHM, |
33 | authorizationHeaderName: 'Signature', | 34 | authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, |
34 | keyId, | 35 | keyId, |
35 | key: actor.privateKey, | 36 | key: actor.privateKey, |
36 | headers: [ 'date', 'host', 'digest', '(request-target)' ] | 37 | headers: HTTP_SIGNATURE.HEADERS_TO_SIGN |
37 | } | 38 | } |
38 | } | 39 | } |
39 | 40 | ||