diff options
author | Chocobozzz <me@florianbigard.com> | 2018-10-19 11:41:19 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-10-19 12:59:52 +0200 |
commit | f7509cbec875ec4ee3201cce08839f2a02676c1c (patch) | |
tree | 5dbfcff41a175aa7d4b7d396ca90fe26049d0164 /server/middlewares/validators | |
parent | 333210d862fdba4bb114b756d4f964789f480196 (diff) | |
download | PeerTube-f7509cbec875ec4ee3201cce08839f2a02676c1c.tar.gz PeerTube-f7509cbec875ec4ee3201cce08839f2a02676c1c.tar.zst PeerTube-f7509cbec875ec4ee3201cce08839f2a02676c1c.zip |
Add HTTP signature check before linked signature
It's faster, and will allow us to use RSA signature 2018 (with upstream
jsonld-signature module) without too much incompatibilities in the
peertube federation
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r-- | server/middlewares/validators/activitypub/signature.ts | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/server/middlewares/validators/activitypub/signature.ts b/server/middlewares/validators/activitypub/signature.ts index 4efe9aafa..be14e92ea 100644 --- a/server/middlewares/validators/activitypub/signature.ts +++ b/server/middlewares/validators/activitypub/signature.ts | |||
@@ -9,10 +9,18 @@ import { logger } from '../../../helpers/logger' | |||
9 | import { areValidationErrors } from '../utils' | 9 | import { areValidationErrors } from '../utils' |
10 | 10 | ||
11 | const signatureValidator = [ | 11 | const signatureValidator = [ |
12 | body('signature.type').custom(isSignatureTypeValid).withMessage('Should have a valid signature type'), | 12 | body('signature.type') |
13 | body('signature.created').custom(isDateValid).withMessage('Should have a valid signature created date'), | 13 | .optional() |
14 | body('signature.creator').custom(isSignatureCreatorValid).withMessage('Should have a valid signature creator'), | 14 | .custom(isSignatureTypeValid).withMessage('Should have a valid signature type'), |
15 | body('signature.signatureValue').custom(isSignatureValueValid).withMessage('Should have a valid signature value'), | 15 | body('signature.created') |
16 | .optional() | ||
17 | .custom(isDateValid).withMessage('Should have a valid signature created date'), | ||
18 | body('signature.creator') | ||
19 | .optional() | ||
20 | .custom(isSignatureCreatorValid).withMessage('Should have a valid signature creator'), | ||
21 | body('signature.signatureValue') | ||
22 | .optional() | ||
23 | .custom(isSignatureValueValid).withMessage('Should have a valid signature value'), | ||
16 | 24 | ||
17 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 25 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
18 | logger.debug('Checking activitypub signature parameter', { parameters: { signature: req.body.signature } }) | 26 | logger.debug('Checking activitypub signature parameter', { parameters: { signature: req.body.signature } }) |