aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/server/api
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2018-12-20 09:41:32 +0300
committerGravatar Vitaly Takmazov2019-01-16 16:39:21 +0300
commit809ef60e18bb8ab7c95db93b7777f3c0ffb30872 (patch)
treee3d1529ff1c1a2026118a2b856c6366b6b6ea2ef /src/main/java/com/juick/server/api
parent1aea2345966f5026d064a44baaa82bb2d958eb8f (diff)
HTTPSignatureAuthenticationFilter
Diffstat (limited to 'src/main/java/com/juick/server/api')
-rw-r--r--src/main/java/com/juick/server/api/activity/Profile.java26
1 files changed, 4 insertions, 22 deletions
diff --git a/src/main/java/com/juick/server/api/activity/Profile.java b/src/main/java/com/juick/server/api/activity/Profile.java
index 2614cded..404f0f84 100644
--- a/src/main/java/com/juick/server/api/activity/Profile.java
+++ b/src/main/java/com/juick/server/api/activity/Profile.java
@@ -44,6 +44,7 @@ import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.client.RestTemplate;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
@@ -252,30 +253,11 @@ public class Profile {
}
@PostMapping(value = "/api/inbox", consumes = {Context.LD_JSON_MEDIA_TYPE, Context.ACTIVITYSTREAMS_PROFILE_MEDIA_TYPE})
- public ResponseEntity<Void> processInbox(@RequestBody Activity activity,
- @RequestHeader(name = "Host") String host,
- @RequestHeader(name = "Date") String date,
- @RequestHeader(name = "Digest", required = false) String digest,
- @RequestHeader(name = "Content-Type") String contentType,
- @RequestHeader(name = "User-Agent", required = false) String userAgent,
- @RequestHeader(name = "Accept-Encoding", required = false) String acceptEncoding,
- @RequestHeader(name = "Signature", required = false) String signature) throws Exception {
- UriComponents componentsBuilder = ServletUriComponentsBuilder.fromCurrentRequestUri().build();
- Map<String, String> headers = new HashMap<>();
- headers.put("host", host.split(":", 2)[0]);
- headers.put("date", date);
- headers.put("digest", digest);
- headers.put("content-type", contentType);
- headers.put("user-agent", userAgent);
- headers.put("accept-encoding", acceptEncoding);
- headers.put("signature", signature);
- User signedUser = signatureManager.verifySignature( "POST",
- componentsBuilder.getPath(), headers);
- if ((StringUtils.isNotEmpty(signedUser.getUri().toString()) && signedUser.getUri().equals(URI.create(activity.getActor()))) || !signedUser.isAnonymous()) {
+ public ResponseEntity<Void> processInbox(@RequestBody Activity activity) throws Exception {
+ User visitor = UserUtils.getCurrentUser();
+ if ((StringUtils.isNotEmpty(visitor.getUri().toString()) && visitor.getUri().equals(URI.create(activity.getActor()))) || !visitor.isAnonymous()) {
if (activity instanceof Follow) {
Follow followRequest = (Follow) activity;
- String actor = followRequest.getActor();
- Person follower = (Person) signatureManager.getContext(URI.create(actor)).orElseThrow(HttpBadRequestException::new);
applicationEventPublisher.publishEvent(
new FollowEvent(this, followRequest));
return new ResponseEntity<>(HttpStatus.ACCEPTED);