From f941a292f7211d2712d94983226662446b74f8bb Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Thu, 4 Oct 2018 18:35:13 +0300
Subject: Add User-Agent header to http signature verification headers list

---
 juick-server/src/main/java/com/juick/server/api/activity/Profile.java | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'juick-server/src/main/java/com/juick')

diff --git a/juick-server/src/main/java/com/juick/server/api/activity/Profile.java b/juick-server/src/main/java/com/juick/server/api/activity/Profile.java
index 76b82d79..a46db7fe 100644
--- a/juick-server/src/main/java/com/juick/server/api/activity/Profile.java
+++ b/juick-server/src/main/java/com/juick/server/api/activity/Profile.java
@@ -233,6 +233,7 @@ public class Profile {
                                              @RequestHeader(name = "Date") String date,
                                              @RequestHeader(name = "Digest") String digest,
                                              @RequestHeader(name = "Content-Type") String contentType,
+                                             @RequestHeader(name = "User-Agent") String userAgent,
                                              @RequestHeader(name = "Signature") String signature) {
         UriComponents componentsBuilder = ServletUriComponentsBuilder.fromCurrentRequestUri().build();
         Map<String, String> headers = new HashMap<>();
@@ -240,6 +241,7 @@ public class Profile {
         headers.put("date", date);
         headers.put("digest", digest);
         headers.put("content-type", contentType);
+        headers.put("user-agent", userAgent);
         boolean valid = signatureManager.verifySignature(signature, URI.create(activity.getActor()), "POST",
                 componentsBuilder.getPath(), headers);
         if (valid) {
-- 
cgit v1.2.3