diff options
author | Vitaly Takmazov | 2018-12-20 09:26:12 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2018-12-20 09:26:12 +0300 |
commit | 710aa95363bbd893d44eca39d3f7d5a101cb04b7 (patch) | |
tree | 96e32e6a30ec8c993bf487ecaf7fde594835d9b4 /src/main/java/com/juick/server/SignatureManager.java | |
parent | ecf4b707f74298618d019bb8108c25f8fc5ad4c6 (diff) |
SignatureManager refactoring
Diffstat (limited to 'src/main/java/com/juick/server/SignatureManager.java')
-rw-r--r-- | src/main/java/com/juick/server/SignatureManager.java | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/src/main/java/com/juick/server/SignatureManager.java b/src/main/java/com/juick/server/SignatureManager.java index b3b7a301..26e482ad 100644 --- a/src/main/java/com/juick/server/SignatureManager.java +++ b/src/main/java/com/juick/server/SignatureManager.java @@ -1,11 +1,14 @@ package com.juick.server; import com.fasterxml.jackson.databind.ObjectMapper; +import com.juick.User; import com.juick.server.api.activity.model.Context; import com.juick.server.api.activity.model.objects.Person; import com.juick.server.api.webfinger.model.Account; import com.juick.server.api.webfinger.model.Link; +import com.juick.service.UserService; import com.juick.util.DateFormattersHolder; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.ApplicationEventPublisher; @@ -41,7 +44,7 @@ public class SignatureManager { @Inject private ObjectMapper jsonMapper; @Inject - private ApplicationEventPublisher applicationEventPublisher; + private UserService userService; @Inject private RestTemplate apClient; @@ -70,23 +73,28 @@ public class SignatureManager { logger.info("accepted follower: {}", response.getStatusCodeValue()); } - public boolean verifySignature(String signatureString, URI actor, String method, String path, Map<String, String> headers) { - Optional<Context> context = getContext(actor); + public User verifySignature(String method, String path, Map<String, String> headers) throws IOException { + Signature signature = Signature.fromString(headers.get("signature")); + Optional<Context> context = getContext(URI.create(signature.getKeyId())); if (context.isPresent() && context.get() instanceof Person) { Person person = (Person) context.get(); Key key = KeystoreManager.publicKeyOf(person); - Verifier verifier = new Verifier(key, Signature.fromString(signatureString)); + + Verifier verifier = new Verifier(key, signature); try { boolean result = verifier.verify(method, path, headers); logger.info("signature is valid: {}", result); - return result; + User user = new User(); + user.setUri(URI.create(person.getId())); + if (key.equals(keystoreManager.getPublicKey())) { + return userService.getUserByName(person.getName()); + } + return user; } catch (NoSuchAlgorithmException | SignatureException | IOException e) { - logger.info("signature exception", e); - return false; + throw new IOException("Invalid signature"); } } - logger.info("person not found"); - return false; + throw new IOException("Person not found"); } public Optional<Context> getContext(URI contextUri) { Context context = apClient.getForEntity(contextUri, Context.class).getBody(); |