Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Philipp Wolfer
funkwhale
Commits
f7b5214f
Commit
f7b5214f
authored
Feb 28, 2021
by
Georg Krause
Browse files
Revert "Merge branch '876-http-signature' into 'develop'"
This reverts merge request !1120
parent
648abfd9
Changes
3
Hide whitespace changes
Inline
Side-by-side
api/funkwhale_api/federation/factories.py
View file @
f7b5214f
...
...
@@ -20,10 +20,11 @@ class SignatureAuthFactory(factory.Factory):
algorithm
=
"rsa-sha256"
key
=
factory
.
LazyFunction
(
lambda
:
keys
.
get_key_pair
()[
0
])
key_id
=
factory
.
Faker
(
"url"
)
use_auth_header
=
False
headers
=
[
"(request-target)"
,
"user-agent"
,
"host"
,
"date"
,
"accept"
]
class
Meta
:
model
=
requests_http_signature
.
HTTPSignature
Header
Auth
model
=
requests_http_signature
.
HTTPSignatureAuth
@
registry
.
register
(
name
=
"federation.SignedRequest"
)
...
...
api/funkwhale_api/federation/signing.py
View file @
f7b5214f
...
...
@@ -46,7 +46,7 @@ def verify(request, public_key):
verify_date
(
date
)
try
:
return
requests_http_signature
.
HTTPSignatureAuth
.
verify
(
request
,
key_resolver
=
lambda
**
kwargs
:
public_key
,
scheme
=
"Signature"
request
,
key_resolver
=
lambda
**
kwargs
:
public_key
,
use_auth_header
=
False
)
except
cryptography
.
exceptions
.
InvalidSignature
:
logger
.
warning
(
...
...
@@ -98,7 +98,8 @@ def verify_django(django_request, public_key):
def
get_auth
(
private_key
,
private_key_id
):
return
requests_http_signature
.
HTTPSignatureHeaderAuth
(
return
requests_http_signature
.
HTTPSignatureAuth
(
use_auth_header
=
False
,
headers
=
[
"(request-target)"
,
"user-agent"
,
"host"
,
"date"
],
algorithm
=
"rsa-sha256"
,
key
=
private_key
.
encode
(
"utf-8"
),
...
...
api/requirements/base.txt
View file @
f7b5214f
...
...
@@ -45,7 +45,9 @@ uvicorn[standard]~=0.12.0
gunicorn~=20.0.0
cryptography~=2.9.0
requests-http-signature==0.2.0
# requests-http-signature==0.0.3
# clone until the branch is merged and released upstream
git+https://github.com/agateblue/requests-http-signature.git@signature-header-support
django-cleanup~=5.0.0
requests~=2.24.0
pyOpenSSL~=19.1.0
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment