From 0709d8deb9145f65540c530d884c17b6114ade9b Mon Sep 17 00:00:00 2001 From: Izalia Mae Date: Wed, 27 Mar 2024 12:52:58 -0400 Subject: [PATCH] remove unnecessary ActorView.validate_signature method --- relay/application.py | 4 ++-- relay/views/activitypub.py | 35 +++-------------------------------- 2 files changed, 5 insertions(+), 34 deletions(-) diff --git a/relay/application.py b/relay/application.py index e312692..cd8f89a 100644 --- a/relay/application.py +++ b/relay/application.py @@ -65,7 +65,7 @@ class Application(web.Application): Application.DEFAULT = self - self['running'] = None + self['running'] = False self['signer'] = None self['start_time'] = None self['cleanup_thread'] = None @@ -142,7 +142,7 @@ class Application(web.Application): return timedelta(seconds=uptime.seconds) - def push_message(self, inbox: str, message: Message, instance: Row) -> None: + def push_message(self, inbox: str, message: Message | bytes, instance: Row) -> None: self['push_queue'].put((inbox, message, instance)) diff --git a/relay/views/activitypub.py b/relay/views/activitypub.py index 9f8afb0..fe87181 100644 --- a/relay/views/activitypub.py +++ b/relay/views/activitypub.py @@ -3,6 +3,7 @@ from __future__ import annotations import aputils import traceback import typing +import json from .base import View, register_route @@ -71,7 +72,7 @@ class ActorView(View): async def get_post_data(self) -> Response | None: try: - self.signature = aputils.Signature.new_from_signature(self.request.headers['signature']) + self.signature = aputils.Signature.parse(self.request.headers['signature']) except KeyError: logging.verbose('Missing signature header') @@ -116,7 +117,7 @@ class ActorView(View): return Response.new_error(400, 'actor missing public key', 'json') try: - self.validate_signature(await self.request.read()) + await self.signer.validate_aiohttp_request(self.request) except aputils.SignatureFailureError as e: logging.verbose('signature validation failed for "%s": %s', self.actor.id, e) @@ -125,36 +126,6 @@ class ActorView(View): return None - def validate_signature(self, body: bytes) -> None: - headers = {key.lower(): value for key, value in self.request.headers.items()} - headers["(request-target)"] = " ".join([self.request.method.lower(), self.request.path]) - - if (digest := aputils.Digest.new_from_digest(headers.get("digest"))): - if not body: - raise aputils.SignatureFailureError("Missing body for digest verification") - - if not digest.validate(body): - raise aputils.SignatureFailureError("Body digest does not match") - - if self.signature.algorithm_type == aputils.AlgorithmType.HS2019: - if self.signature.created is None or self.signature.expires is None: - raise aputils.SignatureFailureError("Missing 'created' or 'expireds' parameter") - - current_timestamp = aputils.HttpDate.new_utc().timestamp() - - if self.signature.created > current_timestamp: - raise aputils.SignatureFailureError("Creation date after current date") - - if self.signature.expires < current_timestamp: - raise aputils.SignatureFailureError("Signature has expired") - - headers["(created)"] = str(self.signature.created) - headers["(expires)"] = str(self.signature.expires) - - if not self.signer._validate_signature(headers, self.signature): - raise aputils.SignatureFailureError("Signature does not match") - - @register_route('/.well-known/webfinger') class WebfingerView(View): async def get(self, request: Request) -> Response: