1 files changed, 18 insertions, 13 deletions

diff --git a/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java b/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java
index 8332fc8c..346a2f32 100644
--- a/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java
+++ b/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java
@@ -3,7 +3,7 @@ package com.juick.service.security;
 import com.juick.User;
 import com.juick.server.SignatureManager;
 import com.juick.service.UserService;
-import com.juick.service.security.entities.JuickUser;
+import org.apache.commons.io.IOUtils;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -17,7 +17,7 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.net.URI;
+import java.nio.charset.StandardCharsets;
 import java.util.Collections;
 import java.util.Map;
 import java.util.stream.Collectors;
@@ -40,18 +40,23 @@ public class HTTPSignatureAuthenticationFilter extends OncePerRequestFilter {
             Map<String, String> headers = Collections.list(request.getHeaderNames())
                     .stream()
                     .collect(Collectors.toMap(String::toLowerCase, request::getHeader));
-            User user = signatureManager.verifySignature(request.getMethod(), request.getRequestURI(), headers);
-            if (!user.isAnonymous()) {
-                String userUri = user.getUri().toString();
-                if (userUri.length() == 0) {
-                    User userWithPassword = userService.getUserByName(user.getName());
-                    userWithPassword.setAuthHash(userService.getHashByUID(userWithPassword.getUid()));
-                    Authentication authentication = new UsernamePasswordAuthenticationToken(userWithPassword.getName(), userWithPassword.getCredentials());
-                    SecurityContextHolder.getContext().setAuthentication(authentication);
-                } else {
-                    Authentication authentication = new AnonymousAuthenticationToken(userUri, user, Collections.singletonList(new SimpleGrantedAuthority("ROLE_ANONYMOUS")));
-                    SecurityContextHolder.getContext().setAuthentication(authentication);
+            try {
+                User user = signatureManager.verifySignature(request.getMethod(), request.getRequestURI(), headers);
+                if (!user.isAnonymous()) {
+                    String userUri = user.getUri().toString();
+                    if (userUri.length() == 0) {
+                        User userWithPassword = userService.getUserByName(user.getName());
+                        userWithPassword.setAuthHash(userService.getHashByUID(userWithPassword.getUid()));
+                        Authentication authentication = new UsernamePasswordAuthenticationToken(userWithPassword.getName(), userWithPassword.getCredentials());
+                        SecurityContextHolder.getContext().setAuthentication(authentication);
+                    } else {
+                        Authentication authentication = new AnonymousAuthenticationToken(userUri, user, Collections.singletonList(new SimpleGrantedAuthority("ROLE_ANONYMOUS")));
+                        SecurityContextHolder.getContext().setAuthentication(authentication);
+                    }
                 }
+            } catch (IOException e) {
+                logger.warn(String.format("Signature %s is not verified, context: %s", headers.get("Signature"),
+                        IOUtils.toString(request.getInputStream(), StandardCharsets.UTF_8)));
             }
         }