akkoma/lib/pleroma/plugs/http_signature.ex

# Pleroma: A lightweight social networking server
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do
  import Plug.Conn
  import Phoenix.Controller, only: [get_format: 1, text: 2]
  require Logger

  def init(options) do
    options
  end

  def call(%{assigns: %{valid_signature: true}} = conn, _opts) do
    conn
  end

  def call(conn, _opts) do
    if get_format(conn) == "activity+json" do
      conn
      |> maybe_assign_valid_signature()
      |> maybe_require_signature()
    else
      conn
    end
  end

  defp maybe_assign_valid_signature(conn) do
    if has_signature_header?(conn) do
      # set (request-target) header to the appropriate value
      # we also replace the digest header with the one we computed
      request_target = String.downcase("#{conn.method}") <> " #{conn.request_path}"

      conn =
        conn
        |> put_req_header("(request-target)", request_target)
        |> case do
          %{assigns: %{digest: digest}} = conn -> put_req_header(conn, "digest", digest)
          conn -> conn
        end

      assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn))
    else
      Logger.debug("No signature header!")
      conn
    end
  end

  defp has_signature_header?(conn) do
    conn |> get_req_header("signature") |> Enum.at(0, false)
  end

  defp maybe_require_signature(%{assigns: %{valid_signature: true}} = conn), do: conn

  defp maybe_require_signature(conn) do
    if Pleroma.Config.get([:activitypub, :authorized_fetch_mode], false) do
      conn
      |> put_status(:unauthorized)
      |> text("Request not signed")
      |> halt()
    else
      conn
    end
  end
end
add license boilerplate to pleroma core 2018-12-23 20:04:54 +00:00			`# Pleroma: A lightweight social networking server`
Bump copyright years of files changed after 2020-01-07 Done via the following command: git diff fcd5dd259a1700a045be902b43391b0d1bd58a5b --stat --name-only \| xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>' 2020-03-02 05:08:45 +00:00			`# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>`
add license boilerplate to pleroma core 2018-12-23 20:04:54 +00:00			`# SPDX-License-Identifier: AGPL-3.0-only`

Add plug to validate signed http requests. 2017-12-12 09:17:21 +00:00			`defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do`
			`import Plug.Conn`
Verify HTTP signatures only when request accepts "activity+json" type 2019-12-19 13:17:18 +00:00			`import Phoenix.Controller, only: [get_format: 1, text: 2]`
More logging. 2018-02-22 13:57:35 +00:00			`require Logger`
Add plug to validate signed http requests. 2017-12-12 09:17:21 +00:00
			`def init(options) do`
			`options`
			`end`

Fix a bunch of unused variable warnings 2018-05-04 20:59:01 +00:00			`def call(%{assigns: %{valid_signature: true}} = conn, _opts) do`
HttpSignature Plug: Skip if already valid. 2018-02-15 18:58:26 +00:00			`conn`
			`end`

Fix a bunch of unused variable warnings 2018-05-04 20:59:01 +00:00			`def call(conn, _opts) do`
Verify HTTP signatures only when request accepts "activity+json" type 2019-12-19 13:17:18 +00:00			`if get_format(conn) == "activity+json" do`
			`conn`
			`\|> maybe_assign_valid_signature()`
			`\|> maybe_require_signature()`
			`else`
			`conn`
			`end`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`end`
More signature debugging. 2018-03-11 13:37:23 +00:00
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`defp maybe_assign_valid_signature(conn) do`
			`if has_signature_header?(conn) do`
http signature plug: remove redundant checks handled by HTTPSignatures library the redundant checks assumed a POST request, which will not work for signed GETs. this check was originally needed because the HTTPSignatures adapter assumed that the requests were also POST requests. but now, the adapter has been corrected. 2019-07-18 15:06:58 +00:00			`# set (request-target) header to the appropriate value`
			`# we also replace the digest header with the one we computed`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`request_target = String.downcase("#{conn.method}") <> " #{conn.request_path}"`
Add plug to validate signed http requests. 2017-12-12 09:17:21 +00:00
http signature plug: remove redundant checks handled by HTTPSignatures library the redundant checks assumed a POST request, which will not work for signed GETs. this check was originally needed because the HTTPSignatures adapter assumed that the requests were also POST requests. but now, the adapter has been corrected. 2019-07-18 15:06:58 +00:00			`conn =`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`conn`
			`\|> put_req_header("(request-target)", request_target)`
			`\|> case do`
			`%{assigns: %{digest: digest}} = conn -> put_req_header(conn, "digest", digest)`
			`conn -> conn`
http signature plug: remove redundant checks handled by HTTPSignatures library the redundant checks assumed a POST request, which will not work for signed GETs. this check was originally needed because the HTTPSignatures adapter assumed that the requests were also POST requests. but now, the adapter has been corrected. 2019-07-18 15:06:58 +00:00			`end`
Fail faster. 2018-04-02 11:13:14 +00:00
http signature plug: remove redundant checks handled by HTTPSignatures library the redundant checks assumed a POST request, which will not work for signed GETs. this check was originally needed because the HTTPSignatures adapter assumed that the requests were also POST requests. but now, the adapter has been corrected. 2019-07-18 15:06:58 +00:00			`assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn))`
			`else`
			`Logger.debug("No signature header!")`
			`conn`
Add plug to validate signed http requests. 2017-12-12 09:17:21 +00:00			`end`
			`end`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00
			`defp has_signature_header?(conn) do`
			`conn \|> get_req_header("signature") \|> Enum.at(0, false)`
			`end`

			`defp maybe_require_signature(%{assigns: %{valid_signature: true}} = conn), do: conn`

			`defp maybe_require_signature(conn) do`
			`if Pleroma.Config.get([:activitypub, :authorized_fetch_mode], false) do`
			`conn`
			`\|> put_status(:unauthorized)`
Verify HTTP signatures only when request accepts "activity+json" type 2019-12-19 13:17:18 +00:00			`\|> text("Request not signed")`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`\|> halt()`
			`else`
			`conn`
			`end`
			`end`
Add plug to validate signed http requests. 2017-12-12 09:17:21 +00:00			`end`