Diffstat (limited to 'src/main/java/com/juick/SignatureManager.java')
-rw-r--r--src/main/java/com/juick/SignatureManager.java46
1 files changed, 16 insertions, 30 deletions
diff --git a/src/main/java/com/juick/SignatureManager.java b/src/main/java/com/juick/SignatureManager.java
index 9d6b68f7..92cb7fd9 100644
--- a/src/main/java/com/juick/SignatureManager.java
+++ b/src/main/java/com/juick/SignatureManager.java
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2020, Juick
+ * Copyright (C) 2008-2022, Juick
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -23,7 +23,6 @@ import com.juick.model.User;
import com.juick.service.UserService;
import com.juick.service.activities.DeleteUserEvent;
import com.juick.util.DateFormattersHolder;
-import com.juick.www.api.activity.model.Activity;
import com.juick.www.api.activity.model.Context;
import com.juick.www.api.activity.model.objects.Actor;
import com.juick.www.api.webfinger.model.Account;
@@ -33,19 +32,12 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.context.ApplicationEventPublisher;
-import org.springframework.http.HttpEntity;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpMethod;
-import org.springframework.http.MediaType;
-import org.springframework.http.ResponseEntity;
+import org.springframework.http.*;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;
import org.tomitribe.auth.signatures.Base64;
-import org.tomitribe.auth.signatures.MissingRequiredHeaderException;
-import org.tomitribe.auth.signatures.Signature;
-import org.tomitribe.auth.signatures.Signer;
-import org.tomitribe.auth.signatures.Verifier;
+import org.tomitribe.auth.signatures.*;
import rocks.xmpp.addr.Jid;
import javax.inject.Inject;
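Review bot: The wildcard imports `org.tomitribe.auth.signatures.*` here and `java.util.*` in the next hunk hide which `Signature` and `Base64` this class uses. Both names also exist in the JDK (`java.security.Signature`, `java.util.Base64`). Only `Base64` stays pinned, by the explicit `import org.tomitribe.auth.signatures.Base64;`, while `Signature`, `Signer` and `Verifier` now resolve through the wildcard. In a class that signs and verifies requests I would keep those three as single-type imports so a later `java.security.*` import cannot make the names ambiguous.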
@@ -56,12 +48,7 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.time.Instant;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Optional;
+import java.util.*;
import static com.juick.www.api.activity.model.Context.ACTIVITY_MEDIA_TYPE;
@@ -97,18 +84,18 @@ public class SignatureManager {
requestHeaders.add("Digest", digestHeader);
requestHeaders.add("Signature", signatureString);
HttpEntity<String> request = new HttpEntity<>(payload, requestHeaders);
- logger.info("Sending context to {}: {}", to.getId(), payload);
+ logger.debug("Sending context to {}: {}", to.getId(), payload);
ResponseEntity<Void> response = apClient.postForEntity(inbox, request, Void.class);
- logger.info("Remote response: {}", response.getStatusCodeValue());
+ logger.debug("Remote response: {}", response.getStatusCode());
}
public String addSignature(Actor from, String host, String method, String path, String dateString,
- String digestHeader) throws IOException {
+ String digestHeader) throws IOException {
return addSignature(from, host, method, path, dateString, digestHeader, keystoreManager);
}
public String addSignature(Actor from, String host, String method, String path, String dateString,
- String digestHeader, KeystoreManager keystoreManager) throws IOException {
+ String digestHeader, KeystoreManager keystoreManager) throws IOException {
List<String> requiredHeaders = StringUtils.isEmpty(digestHeader)
? Arrays.asList("(request-target)", "host", "date")
: Arrays.asList("(request-target)", "host", "date", "digest");
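Review bot: The debug line before `postForEntity` still writes the complete `payload` to the log, so with debug enabled the log holds full activity bodies, which may include non-public content. The recipient and size are usually enough to trace a delivery: `logger.debug("Sending context to {} ({} chars)", to.getId(), payload.length());`. The enclosing method starts outside this hunk.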
@@ -128,10 +115,9 @@ public class SignatureManager {
public User verifySignature(String method, String path, Map<String, String> headers) {
String signatureString = headers.get("signature");
Signature signature = Signature.fromString(signatureString);
- Optional<Context> context = getContext(
- UriComponentsBuilder.fromUriString(signature.getKeyId()).fragment(null).build().toUri());
- if (context.isPresent() && context.get() instanceof Actor) {
- Actor actor = (Actor) context.get();
+ var keyId = UriComponentsBuilder.fromUriString(signature.getKeyId()).fragment(null).build().toUri();
+ var context = getContext(keyId);
+ if (context.isPresent() && context.get() instanceof Actor actor) {
Key key = KeystoreManager.publicKeyOf(actor);
if (key != null) {
Verifier verifier = new Verifier(key, signature);
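Review bot: The `keyId` handed to `getContext(keyId)` is taken from the request's `Signature` header before anything has been verified. If `getContext` fetches that URI, any unauthenticated caller chooses where the server connects; its body is outside this hunk, but the `RestTemplate` import and the removed "REST Exception on {}" log suggest it does. A check before the lookup that the URI is absolute, uses `https` and does not resolve to a loopback or private address would bound that. Separately, `headers.get("signature")` can be null and `Signature.fromString` runs outside the `try` further down, so a missing or malformed header probably surfaces as an uncaught exception rather than `AnonymousUser.INSTANCE`. An early `if (signatureString == null) return AnonymousUser.INSTANCE;` covers the missing case.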
@@ -152,14 +138,14 @@ public class SignatureManager {
return AnonymousUser.INSTANCE;
}
} catch (NoSuchAlgorithmException | SignatureException | MissingRequiredHeaderException
- | IOException e) {
- logger.warn("Invalid signature {}: {}", signatureString, e.getMessage());
+ | IOException e) {
+ logger.warn("Verification error for {}: {}", signature.getKeyId(), e.getMessage());
}
} else {
- logger.warn("Unknown actor");
+ logger.warn("Public key missing for {}", actor.getId());
}
} else {
- logger.warn("Unknown keyId");
+ logger.warn("Public key error for {}", signature.getKeyId());
}
return AnonymousUser.INSTANCE;
}
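Review bot: The outer `else` logs `Public key error for {}`, but that branch is reached when `getContext` returned nothing or something that is not an `Actor`, before any key is examined, so the message points triage at the wrong step. Something like `logger.warn("Actor lookup failed for keyId {}", signature.getKeyId());` matches the condition. The keyId written by these warn lines is supplied by the remote side, so the log encoder should neutralise control characters if it does not already. `verifySignature` starts outside this hunk.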
@@ -177,7 +163,7 @@ public class SignatureManager {
}
return Optional.of(context);
} catch (Exception e) {
- logger.warn("REST Exception on {}: {}", contextUri, e.getMessage());
+ logger.warn("{}", e.getMessage());
}
return Optional.empty();
}
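Review bot: `logger.warn("{}", e.getMessage())` no longer says which URI failed. Because the catch is `Exception`, the message can also be `null` or unrelated to HTTP, leaving a warn line that cannot be tied to a remote actor. Keeping the URI and the exception type keeps failed key lookups traceable: `logger.warn("Context fetch failed for {}: {}", contextUri, e.toString());`, assuming `contextUri` is still in scope as in the removed line. The method starts outside this hunk.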