changeset 3883:6da749bbf320

component AP gateway: fix headers case in signature: headers were not lower-cased in the `headers` field of signature data, resulting in the signature being rejected by Pleroma (but it was working with Mastodon). Also add `Content-Type` header. rel 371
author Goffi <goffi@goffi.org>
date Wed, 31 Aug 2022 17:07:03 +0200
parents 1bd44367337d
children cea52400623d
files sat/plugins/plugin_comp_ap_gateway/__init__.py
diffstat 1 files changed, 11 insertions(+), 4 deletions(-) [+]
--- a/sat/plugins/plugin_comp_ap_gateway/__init__.py	Wed Aug 31 17:07:03 2022 +0200
+++ b/sat/plugins/plugin_comp_ap_gateway/__init__.py	Wed Aug 31 17:07:03 2022 +0200
@@ -933,7 +933,9 @@
                 hashes.SHA256()  # type: ignore
             )
         except InvalidSignature:
-            raise exceptions.EncryptionError("Invalid signature (using PKC0S1 v1.5 and SHA-256)")
+            raise exceptions.EncryptionError(
+                "Invalid signature (using PKC0S1 v1.5 and SHA-256)"
+            )
 
         return actor_id
 
@@ -955,7 +957,9 @@
             ``headers`` is an updated copy of ``headers`` arguments, with pseudo-headers
             removed, and ``Signature`` added.
         """
-        to_sign = "\n".join(f"{k.lower()}: {v}" for k,v in headers.items())
+        # headers must be lower case
+        l_headers: Dict[str, str] = {k.lower(): v for k, v in headers.items()}
+        to_sign = "\n".join(f"{k}: {v}" for k,v in l_headers.items())
         signature = base64.b64encode(self.private_key.sign(
             to_sign.encode(),
             # we have to use PKCS1v15 padding to be compatible with Mastodon
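Review bot: Building `l_headers` with a dict comprehension silently collapses header names that differ only in case (for example `Date` and `date`), keeping only the last value. The signing string can then disagree with the headers actually sent, which are still built from the original `headers` later in the method. A guard such as `if len(l_headers) != len(headers): raise exceptions.InternalError("header names differ only by case")` would fail loudly instead. Values are also joined with "\n" unchecked, so a value containing a newline would alter the signing string; whether any value can come from outside the gateway is not visible here. The enclosing method starts and ends outside the hunk.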
@@ -965,7 +969,7 @@
         sign_data = {
             "keyId": key_id,
             "Algorithm": "rsa-sha256",
-            "headers": " ".join(headers.keys()),
+            "headers": " ".join(l_headers.keys()),
             "signature": signature
         }
         new_headers = {k: v for k,v in headers.items() if not k.startswith("(")}
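Review bot: The `"Algorithm"` key in `sign_data` keeps its capital letter, whereas the HTTP Signatures draft names this parameter `algorithm`, so a verifier that matches parameter names case-sensitively would ignore it. Since this changeset fixes a case mismatch that only one implementation tolerated, change the line to `"algorithm": "rsa-sha256",` in the same pass. How `sign_data` is serialised into the `Signature` header lies outside the hunk, so confirm nothing downstream reads the current key.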
@@ -1026,7 +1030,7 @@
                 )
             else:
                 raise exceptions.InternalError(f"unexpected element: {item.toXml()}")
-            resp = await self.signAndPost(inbox, url_actor, ap_item)
+            await self.signAndPost(inbox, url_actor, ap_item)
 
     async def convertAndPostAttachments(
         self,
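Review bot: The result of `signAndPost` is now discarded at this call site, so nothing here can tell whether the remote inbox accepted the signed request. If `signAndPost` does not itself raise or log on an error status (its body is not visible in this hunk), a rejected signature, the very failure this changeset fixes, would pass silently. If it does handle errors, a comment such as `# delivery errors are handled inside signAndPost` would make the discard explicit. The enclosing method starts before the hunk.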
@@ -1182,6 +1186,9 @@
             "Date": http.datetimeToString().decode(),
             "Digest": digest
         }
+        headers["Content-Type"] = (
+            'application/activity+json'
+        )
         headers, __ = self.getSignatureData(self.getKeyId(actor_id), headers)
 
         if self.verbose:
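Review bot: `Content-Type` is set before `getSignatureData`, so it becomes part of the signed header list, but nothing in the code says so. If the HTTP client later rewrites the value after signing (for instance by appending a charset), the signature is invalidated, and moving the assignment below the signing call would leave the header unsigned. Add a comment such as `# must be set before signing: Content-Type is covered by the signature` above the assignment. The three-line parenthesised form is also unnecessary for a short literal: `headers["Content-Type"] = "application/activity+json"`. The dict literal's opening and the rest of the method lie outside the hunk.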