MirrorMirror
/
funkwhale
mirror of https://dev.funkwhale.audio/funkwhale/funkwhale.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Replace requests-http-signature with requests-http-message-signatures

This commit is contained in:
Georg Krause 2022-04-01 15:00:54 +02:00
parent ffd1ae0c44
commit 09b1e7a007
No known key found for this signature in database
GPG Key ID: 2970D504B2183D22
3 changed files with 8 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
api/funkwhale_api/federation/factories.py
View File

@ -2,7 +2,7 @@ import uuid
import factory import factory
import requests import requests
import requests_http_signature import requests_http_message_signatures
from django.conf import settings from django.conf import settings
from django.utils import timezone from django.utils import timezone
from django.utils.http import http_date from django.utils.http import http_date
@ -20,11 +20,10 @@ class SignatureAuthFactory(factory.Factory):
algorithm = "rsa-sha256" algorithm = "rsa-sha256"
key = factory.LazyFunction(lambda: keys.get_key_pair()[0]) key = factory.LazyFunction(lambda: keys.get_key_pair()[0])
key_id = factory.Faker("url") key_id = factory.Faker("url")
use_auth_header = False
headers = ["(request-target)", "user-agent", "host", "date", "accept"] headers = ["(request-target)", "user-agent", "host", "date", "accept"]
class Meta: class Meta:
model = requests_http_signature.HTTPSignatureAuth model = requests_http_message_signatures.HTTPSignatureHeaderAuth
@registry.register(name="federation.SignedRequest") @registry.register(name="federation.SignedRequest")

11
api/funkwhale_api/federation/signing.py
View File

@ -8,7 +8,7 @@ from django.utils import timezone
from django.utils.http import parse_http_date from django.utils.http import parse_http_date
import requests import requests
import requests_http_signature import requests_http_message_signatures
from . import exceptions, utils from . import exceptions, utils
@ -45,8 +45,8 @@ def verify(request, public_key):
) )
verify_date(date) verify_date(date)
try: try:
return requests_http_signature.HTTPSignatureAuth.verify( return requests_http_message_signatures.HTTPSignatureHeaderAuth.verify(
request, key_resolver=lambda **kwargs: public_key, use_auth_header=False request, key_resolver=lambda **kwargs: public_key
) )
except cryptography.exceptions.InvalidSignature: except cryptography.exceptions.InvalidSignature:
logger.warning( logger.warning(
@ -65,7 +65,7 @@ def verify_django(django_request, public_key):
headers = utils.clean_wsgi_headers(django_request.META) headers = utils.clean_wsgi_headers(django_request.META)
for h, v in list(headers.items()): for h, v in list(headers.items()):
# we include lower-cased version of the headers for compatibility # we include lower-cased version of the headers for compatibility
# with requests_http_signature # with requests_http_message_signatures
headers[h.lower()] = v headers[h.lower()] = v
try: try:
signature = headers["Signature"] signature = headers["Signature"]
@ -98,8 +98,7 @@ def verify_django(django_request, public_key):
def get_auth(private_key, private_key_id): def get_auth(private_key, private_key_id):
return requests_http_signature.HTTPSignatureAuth( return requests_http_message_signatures.HTTPSignatureHeaderAuth(
use_auth_header=False,
headers=["(request-target)", "user-agent", "host", "date"], headers=["(request-target)", "user-agent", "host", "date"],
algorithm="rsa-sha256", algorithm="rsa-sha256",
key=private_key.encode("utf-8"), key=private_key.encode("utf-8"),

4
api/requirements/base.txt
View File

@ -41,9 +41,7 @@ uvicorn[standard]~=0.14.0
gunicorn~=20.1.0 gunicorn~=20.1.0
cryptography>=3.3.2 cryptography>=3.3.2
# requests-http-signature==0.0.3 requests-http-message-signature==0.3.1
# clone until the branch is merged and released upstream
git+https://github.com/agateblue/requests-http-signature.git@signature-header-support
django-cleanup~=5.2.0 django-cleanup~=5.2.0
requests~=2.26.0 requests~=2.26.0
pyOpenSSL~=20.0.1 pyOpenSSL~=20.0.1