Skip to content

Commit

Permalink
#32 Fix signing AP requests (#39)
Browse files Browse the repository at this point in the history
  • Loading branch information
@mczachurski
mczachurski authored Apr 12, 2024
1 parent 494fdc6 commit e9d9b9b
Show file tree
Hide file tree
Showing 6 changed files with 24 additions and 24 deletions.
16 changes: 6 additions & 10 deletions Sources/ActivityPubKit/Networking/TargetType.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,24 +106,24 @@ extension [Header: String] {
let signedHeaders = self.getSignedHeaders(headers: selfCopy, body: body, httpMethod: httpMethod, httpPath: httpPath)

// Change string into ASCII data bytes.
let digest = signedHeaders.data(using: .ascii)!
let signedString = signedHeaders.data(using: .ascii)!

// Sign data headers with private actor key.
let privateKey = try? _RSA.Signing.PrivateKey(pemRepresentation: privateKeyPem)
let signature = try? privateKey?.signature(for: digest, padding: .insecurePKCS1v1_5)
let signature = try? privateKey?.signature(for: signedString, padding: .insecurePKCS1v1_5)

// Change data signatures into base64 string.
let singnatureBase64 = signature?.rawRepresentation.base64EncodedString() ?? ""

if body != nil {
selfCopy[.signature] =
"""
keyId="\(actorId)#main-key",headers="(request-target) host date digest content-type user-agent",algorithm="rsa-sha256",signature="\(singnatureBase64)"
keyId="\(actorId)#main-key",headers="(request-target) host date digest",algorithm="rsa-sha256",signature="\(singnatureBase64)"
"""
} else {
selfCopy[.signature] =
"""
keyId="\(actorId)#main-key",headers="(request-target) host date content-type user-agent",algorithm="rsa-sha256",signature="\(singnatureBase64)"
keyId="\(actorId)#main-key",headers="(request-target) host date",algorithm="rsa-sha256",signature="\(singnatureBase64)"
"""
}

Expand All @@ -134,21 +134,17 @@ keyId="\(actorId)#main-key",headers="(request-target) host date content-type use
if body != nil {
return
"""
(request-target): \(httpMethod.rawValue.lowercased()) \(httpPath.lowercased())
(request-target): \(httpMethod.rawValue.lowercased()) \(httpPath)
host: \(headers[.host] ?? "")
date: \(headers[.date] ?? "")
digest: \(headers[.digest] ?? "")
content-type: \(headers[.contentType] ?? "")
user-agent: \(headers[.userAgent] ?? "")
"""
} else {
return
"""
(request-target): \(httpMethod.rawValue.lowercased()) \(httpPath.lowercased())
(request-target): \(httpMethod.rawValue.lowercased()) \(httpPath)
host: \(headers[.host] ?? "")
date: \(headers[.date] ?? "")
content-type: \(headers[.contentType] ?? "")
user-agent: \(headers[.userAgent] ?? "")
"""
}
}
Expand Down
14 changes: 7 additions & 7 deletions Sources/ActivityPubKit/Targets/Notes.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ extension ActivityPub.Notes: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .create(_, let activityPubProfile, let privateKeyPem, let path, let userAgent, let host):
Expand All @@ -49,7 +49,7 @@ extension ActivityPub.Notes: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .announce(_, let activityPubProfile, _, _, _, let privateKeyPem, let path, let userAgent, let host):
Expand All @@ -58,7 +58,7 @@ extension ActivityPub.Notes: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .unannounce(_, let activityPubProfile, _, _, _, let privateKeyPem, let path, let userAgent, let host):
Expand All @@ -67,7 +67,7 @@ extension ActivityPub.Notes: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .like(_, let actorId, _, let privateKeyPem, let path, let userAgent, let host):
Expand All @@ -76,7 +76,7 @@ extension ActivityPub.Notes: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .unlike(_, let actorId, _, let privateKeyPem, let path, let userAgent, let host):
Expand All @@ -85,7 +85,7 @@ extension ActivityPub.Notes: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .delete(let actorId, _, let privateKeyPem, let path, let userAgent, let host):
Expand All @@ -94,7 +94,7 @@ extension ActivityPub.Notes: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
}
Expand Down
2 changes: 1 addition & 1 deletion Sources/ActivityPubKit/Targets/Person.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ extension ActivityPub.Person: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
}
Expand Down
10 changes: 5 additions & 5 deletions Sources/ActivityPubKit/Targets/Users.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ extension ActivityPub.Users: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .unfollow(let sourceActorId, _, let privateKeyPem, let path, let userAgent, let host, _):
Expand All @@ -49,7 +49,7 @@ extension ActivityPub.Users: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .accept(_, let targetActorId, let privateKeyPem, let path, let userAgent, let host, _, _):
Expand All @@ -58,7 +58,7 @@ extension ActivityPub.Users: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .reject(_, let targetActorId, let privateKeyPem, let path, let userAgent, let host, _, _):
Expand All @@ -67,7 +67,7 @@ extension ActivityPub.Users: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
case .delete(let actorId, let privateKeyPem, let path, let userAgent, let host):
Expand All @@ -76,7 +76,7 @@ extension ActivityPub.Users: TargetType {
privateKeyPem: privateKeyPem,
body: self.httpBody,
httpMethod: self.method,
httpPath: path.lowercased(),
httpPath: path,
userAgent: userAgent,
host: host)
}
Expand Down
2 changes: 1 addition & 1 deletion Sources/VernissageServer/Constants.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ public final class Constants {
public static let name = "Vernissage"
public static let version = "1.0.0-alpha1"
public static let applicationName = "\(Constants.name) \(Constants.version)"
public static let userAgent = "(\(Constants.name)/\(Constants.version)"
public static let userAgent = "(\(Constants.name)/\(Constants.version))"
public static let requestMetadata = "Request body"
public static let twoFactorTokenHeader = "X-Auth-2FA"
}
4 changes: 4 additions & 0 deletions Sources/VernissageServer/DataTransferObjects/ActivityPubRequestMethod.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,10 @@ import ActivityPubKit

public enum ActivityPubRequestMethod: String {
case post = "post"
case get = "get"
case delete = "delete"
case put = "put"
case patch = "patch"
}

extension ActivityPubRequestMethod: Content { }

0 comments on commit e9d9b9b

Please sign in to comment.