/* * Copyright (C) 2008-2022, Juick * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ package com.juick.service; import com.juick.KeystoreManager; import com.juick.www.api.activity.model.objects.Actor; import org.apache.commons.lang3.StringUtils; import org.tomitribe.auth.signatures.*; import java.io.IOException; import java.util.*; public class SignatureService { private KeystoreManager keystoreManager; public SignatureService(KeystoreManager keystoreManager) { this.keystoreManager = keystoreManager; } public String addSignature(Actor from, String host, String method, String path, String dateString, String digestHeader) throws IOException { return addSignature(from, host, method, path, dateString, digestHeader, keystoreManager); } public String addSignature(Actor from, String host, String method, String path, String dateString, String digestHeader, KeystoreManager keystoreManager) throws IOException { List<String> requiredHeaders = StringUtils.isEmpty(digestHeader) ? Arrays.asList("(request-target)", "host", "date") : Arrays.asList("(request-target)", "host", "date", "digest"); Signature templateSignature = new Signature(from.getPublicKey().getId(), "rsa-sha256", null, requiredHeaders); Map<String, String> headers = new HashMap<>(); headers.put("host", host); headers.put("date", dateString); if (StringUtils.isNotEmpty(digestHeader)) { headers.put("digest", digestHeader); } Signer signer = new Signer(keystoreManager.getPrivateKey(), templateSignature); Signature signature = signer.sign(method.toLowerCase(), path, headers); // remove "Signature: " from result return signature.toString().substring(10); } }