Diffstat (limited to 'src/main/java/com/juick/SignatureManager.java')
-rw-r--r-- | src/main/java/com/juick/SignatureManager.java | 46 |
1 files changed, 16 insertions, 30 deletions
diff --git a/src/main/java/com/juick/SignatureManager.java b/src/main/java/com/juick/SignatureManager.java
index 9d6b68f7..92cb7fd9 100644
--- a/src/main/java/com/juick/SignatureManager.java
+++ b/src/main/java/com/juick/SignatureManager.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008-2020, Juick
+ * Copyright (C) 2008-2022, Juick
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
@@ -23,7 +23,6 @@ import com.juick.model.User;
 import com.juick.service.UserService;
 import com.juick.service.activities.DeleteUserEvent;
 import com.juick.util.DateFormattersHolder;
-import com.juick.www.api.activity.model.Activity;
 import com.juick.www.api.activity.model.Context;
 import com.juick.www.api.activity.model.objects.Actor;
 import com.juick.www.api.webfinger.model.Account;
@@ -33,19 +32,12 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.context.ApplicationEventPublisher;
-import org.springframework.http.HttpEntity;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpMethod;
-import org.springframework.http.MediaType;
-import org.springframework.http.ResponseEntity;
+import org.springframework.http.*;
 import org.springframework.web.client.RestClientException;
 import org.springframework.web.client.RestTemplate;
 import org.springframework.web.util.UriComponentsBuilder;
 import org.tomitribe.auth.signatures.Base64;
-import org.tomitribe.auth.signatures.MissingRequiredHeaderException;
-import org.tomitribe.auth.signatures.Signature;
-import org.tomitribe.auth.signatures.Signer;
-import org.tomitribe.auth.signatures.Verifier;
+import org.tomitribe.auth.signatures.*;
 import rocks.xmpp.addr.Jid;
 import javax.inject.Inject;
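Review bot: The on-demand imports `org.springframework.http.*` and `org.tomitribe.auth.signatures.*` (and `java.util.*` in the next hunk) make it harder to see which `Signature`, `Verifier` and `Base64` types this class uses for request signing. `org.tomitribe.auth.signatures.Base64` remains a single-type import, so `Base64` still resolves to it rather than to `java.util.Base64`, which `java.util.*` now also brings into scope. Keeping the explicit form, e.g. `import org.tomitribe.auth.signatures.Verifier;`, leaves the signature-handling types unambiguous to a reader and avoids name clashes if either package gains a same-named class.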
@@ -56,12 +48,7 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SignatureException;
 import java.time.Instant;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Optional;
+import java.util.*;
 import static com.juick.www.api.activity.model.Context.ACTIVITY_MEDIA_TYPE;
@@ -97,18 +84,18 @@ public class SignatureManager {
 requestHeaders.add("Digest", digestHeader);
 requestHeaders.add("Signature", signatureString);
 HttpEntity<String> request = new HttpEntity<>(payload, requestHeaders);
- logger.info("Sending context to {}: {}", to.getId(), payload);
+ logger.debug("Sending context to {}: {}", to.getId(), payload);
 ResponseEntity<Void> response = apClient.postForEntity(inbox, request, Void.class);
- logger.info("Remote response: {}", response.getStatusCodeValue());
+ logger.debug("Remote response: {}", response.getStatusCode());
 }
 public String addSignature(Actor from, String host, String method, String path, String dateString,
- String digestHeader) throws IOException {
+ String digestHeader) throws IOException {
 return addSignature(from, host, method, path, dateString, digestHeader, keystoreManager);
 }
 public String addSignature(Actor from, String host, String method, String path, String dateString,
- String digestHeader, KeystoreManager keystoreManager) throws IOException {
+ String digestHeader, KeystoreManager keystoreManager) throws IOException {
 List<String> requiredHeaders = StringUtils.isEmpty(digestHeader) ? Arrays.asList("(request-target)", "host", "date") : Arrays.asList("(request-target)", "host", "date", "digest");
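Review bot: The full `payload` is still handed to the logger in `logger.debug("Sending context to {}: {}", to.getId(), payload)`, so any deployment that enables debug logging for this class records complete outgoing activity bodies. If those bodies can carry non-public content (not visible in this hunk), logging the recipient and a size would be safer, e.g. `logger.debug("Sending context to {} ({} chars)", to.getId(), payload.length());`. The enclosing method starts outside the hunk.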
@@ -128,10 +115,9 @@ public class SignatureManager {
 public User verifySignature(String method, String path, Map<String, String> headers) {
 String signatureString = headers.get("signature");
 Signature signature = Signature.fromString(signatureString);
- Optional<Context> context = getContext(
- UriComponentsBuilder.fromUriString(signature.getKeyId()).fragment(null).build().toUri());
- if (context.isPresent() && context.get() instanceof Actor) {
- Actor actor = (Actor) context.get();
+ var keyId = UriComponentsBuilder.fromUriString(signature.getKeyId()).fragment(null).build().toUri();
+ var context = getContext(keyId);
+ if (context.isPresent() && context.get() instanceof Actor actor) {
 Key key = KeystoreManager.publicKeyOf(actor);
 if (key != null) {
 Verifier verifier = new Verifier(key, signature);
@@ -152,14 +138,14 @@ public class SignatureManager {
 return AnonymousUser.INSTANCE;
 }
 } catch (NoSuchAlgorithmException | SignatureException | MissingRequiredHeaderException
- | IOException e) {
- logger.warn("Invalid signature {}: {}", signatureString, e.getMessage());
+ | IOException e) {
+ logger.warn("Verification error for {}: {}", signature.getKeyId(), e.getMessage());
 }
 } else {
- logger.warn("Unknown actor");
+ logger.warn("Public key missing for {}", actor.getId());
 }
 } else {
- logger.warn("Unknown keyId");
+ logger.warn("Public key error for {}", signature.getKeyId());
 }
 return AnonymousUser.INSTANCE;
 }
@@ -177,7 +163,7 @@ public class SignatureManager {
 }
 return Optional.of(context);
 } catch (Exception e) {
- logger.warn("REST Exception on {}: {}", contextUri, e.getMessage());
+ logger.warn("{}", e.getMessage());
 }
 return Optional.empty();
 } |
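Review bot: `keyId` is built from the `Signature` header of the incoming request and passed straight to `getContext(keyId)`, with no scheme or host check in between. `getContext` appears to fetch that URI (its body is only partly visible in this diff), so the remote party decides which address this server contacts. A guard before the lookup, e.g. `if (!"https".equalsIgnoreCase(keyId.getScheme())) { return AnonymousUser.INSTANCE; }`, together with a check that the host is not a loopback or private address, would narrow that. `Signature.fromString(signatureString)` also runs before the `try` that appears later in the method, so a missing or malformed header is presumably left to the caller to handle; the method continues beyond this hunk.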
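Review bot: The message in the outer `else`, `logger.warn("Public key error for {}", signature.getKeyId())`, names the wrong condition: that branch is reached when `getContext` returned nothing or the result is not an `Actor`, before any key is examined. Something like `logger.warn("Actor not resolved for keyId {}", signature.getKeyId());` keeps it distinguishable from the `Public key missing` case when triaging failed verifications. The `keyId` value comes from the remote request and `e.getMessage()` may reflect remote input, so both should be escaped or length-limited unless the log layout already neutralises line breaks.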
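Review bot: `logger.warn("{}", e.getMessage())` leaves the warning with no fixed text and no URI, so a failed fetch can no longer be matched to the host that caused it, and it prints `null` for exceptions that carry no message. Because the catch is for `Exception`, not every message will contain the URL; `logger.warn("Context fetch failed for {}: {}", contextUri, e.toString());` keeps the line searchable for alerting. The enclosing method begins outside the hunk.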