[feat] check inbox signature
Some checks failed
ci/woodpecker/push/lint Pipeline failed
ci/woodpecker/push/test Pipeline was successful

This commit is contained in:
SouthFox 2023-06-19 14:34:03 +08:00
parent 7027a4a07a
commit 0f9761ff5c
3 changed files with 44 additions and 4 deletions

11
demo/actor.py Normal file
View file

@ -0,0 +1,11 @@
#!/usr/bin/env python3
"""ActivityPub Actor"""
import demo.activitypub as ap
def fetch_actor(
actor_url: str,
) -> dict:
"""Fetch actor"""
ap_object = ap.fetch(actor_url)
return ap_object

View file

@ -8,7 +8,7 @@ from dataclasses import dataclass
from Crypto.Hash import SHA256
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA
from httpx import Headers
from werkzeug.datastructures import Headers
@dataclass

View file

@ -1,19 +1,48 @@
"""Request checker"""
import json
from flask import Request, abort
from demo.httpsig import HttpSignature
from demo.httpsig import HttpSignature, SignedData
from demo.actor import fetch_actor
def inbox_prechecker(
request: Request,
) -> bool:
"""Inbox request prechecker"""
payload = request.headers
ap_body = request.data
try:
payload = request.headers
parsec_signature = HttpSignature.parse_signature(
payload["signature"]
)
print(parsec_signature)
except KeyError:
abort(401, "Missing signature key!")
actor_id = request.get_json()["actor"]
actor = fetch_actor(actor_id)
try:
pub_key = actor["publicKey"]["publicKeyPem"]
except json.JSONDecodeError:
raise ValueError
except KeyError:
print("actore gone?")
raise KeyError
sigdate = SignedData(
method = request.method,
path = request.path,
signed_list = parsec_signature["headers"],
body_digest = HttpSignature.calculation_digest(ap_body),
headers = request.headers,
)
is_verify = HttpSignature.verify_signature(
HttpSignature.build_signature_string(sigdate),
parsec_signature["signature"],
pub_key,
)
print(is_verify)
return True