2018-12-23 21:04:54 +01:00
|
|
|
# Pleroma: A lightweight social networking server
|
2018-12-31 16:41:47 +01:00
|
|
|
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
2018-12-23 21:04:54 +01:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2017-12-12 10:17:21 +01:00
|
|
|
defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do
|
|
|
|
import Plug.Conn
|
2018-02-22 14:57:35 +01:00
|
|
|
require Logger
|
2017-12-12 10:17:21 +01:00
|
|
|
|
|
|
|
def init(options) do
|
|
|
|
options
|
|
|
|
end
|
|
|
|
|
2018-05-04 22:59:01 +02:00
|
|
|
def call(%{assigns: %{valid_signature: true}} = conn, _opts) do
|
2018-02-15 19:58:26 +01:00
|
|
|
conn
|
|
|
|
end
|
|
|
|
|
2018-05-04 22:59:01 +02:00
|
|
|
def call(conn, _opts) do
|
2019-09-12 21:40:53 +02:00
|
|
|
headers = get_req_header(conn, "signature")
|
|
|
|
signature = Enum.at(headers, 0)
|
2018-03-11 14:37:23 +01:00
|
|
|
|
2019-07-18 17:06:58 +02:00
|
|
|
if signature do
|
|
|
|
# set (request-target) header to the appropriate value
|
|
|
|
# we also replace the digest header with the one we computed
|
|
|
|
conn =
|
|
|
|
conn
|
|
|
|
|> put_req_header(
|
|
|
|
"(request-target)",
|
|
|
|
String.downcase("#{conn.method}") <> " #{conn.request_path}"
|
|
|
|
)
|
2017-12-12 10:17:21 +01:00
|
|
|
|
2019-07-18 17:06:58 +02:00
|
|
|
conn =
|
|
|
|
if conn.assigns[:digest] do
|
|
|
|
conn
|
|
|
|
|> put_req_header("digest", conn.assigns[:digest])
|
|
|
|
else
|
|
|
|
conn
|
|
|
|
end
|
2018-04-02 13:13:14 +02:00
|
|
|
|
2019-07-18 17:06:58 +02:00
|
|
|
assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn))
|
|
|
|
else
|
|
|
|
Logger.debug("No signature header!")
|
|
|
|
conn
|
2017-12-12 10:17:21 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|