yetangitu/funkwhale
1
0
Fork 0
mirror of https://code.eliotberriot.com/funkwhale/funkwhale.git synced 2025-10-06 02:20:01 +02:00
Code Issues Releases Wiki Activity

Use own requests-http-signing to be compatible with Signature header

Browse source
This commit is contained in:
Eliot Berriot 2018-03-30 21:59:58 +02:00
parent 7191a2a2c0
commit c63b7f929d
No known key found for this signature in database
GPG key ID: DD6965E2476E5C27
4 changed files with 26 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

1
api/funkwhale_api/federation/factories.py
View file

@ -15,6 +15,7 @@ class SignatureAuthFactory(factory.Factory):
algorithm = 'rsa-sha256'
key = factory.LazyFunction(lambda: keys.get_key_pair()[0])
key_id = factory.Faker('url')
use_auth_header = False
class Meta:
model = requests_http_signature.HTTPSignatureAuth

5
api/funkwhale_api/federation/signing.py
View file

@ -5,7 +5,8 @@ import requests_http_signature
def verify(request, public_key):
return requests_http_signature.HTTPSignatureAuth.verify(
request,
key_resolver=lambda **kwargs: public_key
key_resolver=lambda **kwargs: public_key,
use_auth_header=False,
)
@ -20,7 +21,7 @@ def verify_django(django_request, public_key):
# with requests_http_signature
headers[h.lower()] = v
try:
signature = headers['authorization']
signature = headers['signature']
except KeyError:
raise exceptions.MissingSignature