mirrors/bookwyrm
1
0
Fork 1
mirror of https://github.com/bookwyrm-social/bookwyrm.git synced 2024-06-19 13:40:43 +00:00
Code Issues Projects Releases Wiki Activity

deal with missing digests in signatures

Browse source 
If no digest value is passed to make_signature and Exception was thrown.
Since digest is added to the signature headers if it is not None anyway, there is no need to assign the digest value before that check.
When signing a request _as the server_ for Mastodon's AUTHORIZED_FETCH there is no need to include a digest.
This commit is contained in:
Hugh Rundle 2023-01-20 08:24:46 +11:00
parent 9a0f8f9c2a
commit 0c614e828f
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
bookwyrm/signatures.py
View file

@ -22,14 +22,13 @@ def create_key_pair():
return private_key, public_key
def make_signature(method, sender, destination, date, digest):
def make_signature(method, sender, destination, date, digest=None):
"""uses a private key to sign an outgoing message"""
inbox_parts = urlparse(destination)
signature_headers = [
f"(request-target): {method} {inbox_parts.path}",
f"host: {inbox_parts.netloc}",
f"date: {date}",
f"digest: {digest}",
f"date: {date}"
]
headers = "(request-target) host date"
if digest is not None: