From 3f8ec341a8999d810fec2f9a504b98c20e63ce0e Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Wed, 30 Jan 2019 15:44:23 +0300
Subject: fix http authentication flow

---
 .../java/com/juick/server/SignatureManager.java    | 49 +++++++++++-----------
 1 file changed, 24 insertions(+), 25 deletions(-)

(limited to 'src/main/java/com/juick/server')

diff --git a/src/main/java/com/juick/server/SignatureManager.java b/src/main/java/com/juick/server/SignatureManager.java
index 0f2f1b39..2cbe243e 100644
--- a/src/main/java/com/juick/server/SignatureManager.java
+++ b/src/main/java/com/juick/server/SignatureManager.java
@@ -84,37 +84,36 @@ public class SignatureManager {
         return signature.toString().substring(10);
     }
 
-    public User verifySignature(String method, String path, Map<String, String> headers) throws IOException {
+    public User verifySignature(String method, String path, Map<String, String> headers) {
         String signatureString = headers.get("signature");
-        if (StringUtils.isEmpty(signatureString)) {
-            return AnonymousUser.INSTANCE;
-        }
-        logger.debug("Signature: {}", signatureString);
-        Signature signature = Signature.fromString(signatureString);
-        Optional<Context> context = getContext(URI.create(signature.getKeyId()));
-        if (context.isPresent() && context.get() instanceof Person) {
-            Person person = (Person) context.get();
-            Key key = KeystoreManager.publicKeyOf(person);
+        if (StringUtils.isNotEmpty(signatureString)) {
+            logger.debug("Signature: {}", signatureString);
+            Signature signature = Signature.fromString(signatureString);
+            Optional<Context> context = getContext(URI.create(signature.getKeyId()));
+            if (context.isPresent() && context.get() instanceof Person) {
+                Person person = (Person) context.get();
+                Key key = KeystoreManager.publicKeyOf(person);
 
-            Verifier verifier = new Verifier(key, signature);
-            try {
-                boolean result = verifier.verify(method, path, headers);
-                logger.info("signature of {} is valid: {}", signature.getKeyId(), result);
-                if (result) {
-                    User user = new User();
-                    user.setUri(URI.create(person.getId()));
-                    if (key.equals(keystoreManager.getPublicKey())) {
-                        return userService.getUserByName(person.getName());
+                Verifier verifier = new Verifier(key, signature);
+                try {
+                    boolean result = verifier.verify(method, path, headers);
+                    logger.info("signature of {} is valid: {}", signature.getKeyId(), result);
+                    if (result) {
+                        User user = new User();
+                        user.setUri(URI.create(person.getId()));
+                        if (key.equals(keystoreManager.getPublicKey())) {
+                            return userService.getUserByName(person.getName());
+                        }
+                        return user;
+                    } else {
+                        return AnonymousUser.INSTANCE;
                     }
-                    return user;
-                } else {
-                    return AnonymousUser.INSTANCE;
+                } catch (NoSuchAlgorithmException | SignatureException | IOException e) {
+                    logger.warn("Invalid signature {}", signatureString);
                 }
-            } catch (NoSuchAlgorithmException | SignatureException | IOException e) {
-                throw new IOException("Invalid signature");
             }
         }
-        throw new IOException("Person not found");
+        return AnonymousUser.INSTANCE;
     }
     public Optional<Context> getContext(URI contextUri) {
         try {
-- 
cgit v1.2.3