lib/pleroma/web/plugs/http_signature_plug.ex

@@ -54,6 +54,16 @@ def maybe_put_created_psudoheader(conn) do
     end
   end
 
+  def maybe_put_expires_psudoheader(conn) do
+    case HTTPSignatures.signature_for_conn(conn) do
+      %{"expires" => expires} ->
+        put_req_header(conn, "(expires)", expires)
+
+      _ ->
+        conn
+    end
+  end
+
   defp assign_valid_signature_on_route_aliases(conn, []), do: conn
 
   defp assign_valid_signature_on_route_aliases(%{assigns: %{valid_signature: true}} = conn, _),
@@ -66,6 +76,7 @@ defp assign_valid_signature_on_route_aliases(conn, [path | rest]) do
       conn
       |> put_req_header("(request-target)", request_target)
       |> maybe_put_created_psudoheader()
+      |> maybe_put_expires_psudoheader()
       |> case do
         %{assigns: %{digest: digest}} = conn -> put_req_header(conn, "digest", digest)
         conn -> conn

test/pleroma/web/plugs/http_signature_plug_test.exs

@@ -19,9 +19,10 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do
      [
        signature_for_conn: fn _ ->
          %{
-            "keyId" => "http://mastodon.example.org/users/admin#main-key",
+           "keyId" => "http://mastodon.example.org/users/admin#main-key",
-            "created" => "1234567890",
+           "created" => "1234567890",
-          }
+           "expires" => "1234567890"
+         }
        end,
        validate_conn: fn conn ->
          Map.get(conn.assigns, :valid_signature, true)
@@ -151,4 +152,11 @@ test "(created) psudoheader", _ do
     created_header = List.keyfind(conn.req_headers, "(created)", 0)
     assert {_, "1234567890"} = created_header
   end
+
+  test "(expires) psudoheader", _ do
+    conn = build_conn(:get, "/doesntmattter")
+    conn = HTTPSignaturePlug.maybe_put_expires_psudoheader(conn)
+    expires_header = List.keyfind(conn.req_headers, "(expires)", 0)
+    assert {_, "1234567890"} = expires_header
+  end
 end