COSCUP-ap-demo/demo/utils/checker.py

"""Request checker"""
import json

from flask import Request, abort
from demo.httpsig import HttpSignature, SignedData
from demo.actor import fetch_actor
from app import logger
from pprint import pformat


def inbox_prechecker(
        request: Request,
) -> bool:
    """Inbox request prechecker"""
    try:
        json_payload = request.json
    except json.JSONDecodeError:
        abort(401, "no activity+json request!")

    headers = request.headers
    payload = request.data
    logger.info(f"new request \n{pformat(json_payload)}\n{pformat({k: v for k, v in request.headers})}")

    try:
        parsed_signature = HttpSignature.parse_signature(
            headers["signature"]
        )
    except KeyError:
        abort(401, "Missing signature key!")

    actor_id = request.get_json()["actor"]
    actor = fetch_actor(actor_id)

    try:
        pub_key = actor["publicKey"]["publicKeyPem"]
    except json.JSONDecodeError as exc:
        raise ValueError from exc
    except KeyError as exc:
        print("actore gone?")
        raise KeyError from exc

    sigdate = SignedData(
        method = request.method,
        path = request.path,
        signed_list = parsed_signature["headers"],
        body_digest = HttpSignature.calculation_digest(payload),
        headers = request.headers,
    )

    is_verify = HttpSignature.verify_signature(
        HttpSignature.build_signature_string(sigdate),
        parsed_signature["signature"],
        pub_key,
    )

    return is_verify
[lint] miss checker docstring 2023-06-13 08:14:28 +02:00			`"""Request checker"""`
[feat] check inbox signature 2023-06-19 08:34:03 +02:00			`import json`

[feat] process inbox request 2023-06-13 08:11:29 +02:00			`from flask import Request, abort`
[feat] check inbox signature 2023-06-19 08:34:03 +02:00			`from demo.httpsig import HttpSignature, SignedData`
			`from demo.actor import fetch_actor`
[feat] inbox checker add logger 2023-07-27 16:11:43 +02:00			`from app import logger`
[feat] pprint inbox log 2023-07-27 16:25:38 +02:00			`from pprint import pformat`
[feat] process inbox request 2023-06-13 08:11:29 +02:00

			`def inbox_prechecker(`
			`request: Request,`
			`) -> bool:`
[lint] miss checker docstring 2023-06-13 08:14:28 +02:00			`"""Inbox request prechecker"""`
[feat] pprint inbox log 2023-07-27 16:25:38 +02:00			`try:`
			`json_payload = request.json`
			`except json.JSONDecodeError:`
			`abort(401, "no activity+json request!")`

[feat] inbox checker add logger 2023-07-27 16:11:43 +02:00			`headers = request.headers`
			`payload = request.data`
[feat] pprint inbox log 2023-07-27 16:25:38 +02:00			`logger.info(f"new request \n{pformat(json_payload)}\n{pformat({k: v for k, v in request.headers})}")`

[feat] process inbox request 2023-06-13 08:11:29 +02:00			`try:`
[fix] rename function name & fix sign verify 2023-07-11 18:13:28 +02:00			`parsed_signature = HttpSignature.parse_signature(`
[feat] inbox checker add logger 2023-07-27 16:11:43 +02:00			`headers["signature"]`
[feat] process inbox request 2023-06-13 08:11:29 +02:00			`)`
			`except KeyError:`
			`abort(401, "Missing signature key!")`

[feat] check inbox signature 2023-06-19 08:34:03 +02:00			`actor_id = request.get_json()["actor"]`
			`actor = fetch_actor(actor_id)`

			`try:`
			`pub_key = actor["publicKey"]["publicKeyPem"]`
[lint] fix checker:raise-missing-from 2023-06-19 08:55:56 +02:00			`except json.JSONDecodeError as exc:`
			`raise ValueError from exc`
			`except KeyError as exc:`
[feat] check inbox signature 2023-06-19 08:34:03 +02:00			`print("actore gone?")`
[lint] fix checker:raise-missing-from 2023-06-19 08:55:56 +02:00			`raise KeyError from exc`
[feat] check inbox signature 2023-06-19 08:34:03 +02:00
			`sigdate = SignedData(`
			`method = request.method,`
			`path = request.path,`
[fix] rename function name & fix sign verify 2023-07-11 18:13:28 +02:00			`signed_list = parsed_signature["headers"],`
[feat] inbox checker add logger 2023-07-27 16:11:43 +02:00			`body_digest = HttpSignature.calculation_digest(payload),`
[feat] check inbox signature 2023-06-19 08:34:03 +02:00			`headers = request.headers,`
			`)`

			`is_verify = HttpSignature.verify_signature(`
			`HttpSignature.build_signature_string(sigdate),`
[fix] rename function name & fix sign verify 2023-07-11 18:13:28 +02:00			`parsed_signature["signature"],`
[feat] check inbox signature 2023-06-19 08:34:03 +02:00			`pub_key,`
			`)`

[fix] rename function name & fix sign verify 2023-07-11 18:13:28 +02:00			`return is_verify`