From 0c614e828fee016814d1e31f963aa23fba3d8dc6 Mon Sep 17 00:00:00 2001 From: Hugh Rundle Date: Fri, 20 Jan 2023 08:24:46 +1100 Subject: [PATCH] deal with missing digests in signatures If no digest value is passed to make_signature and Exception was thrown. Since digest is added to the signature headers if it is not None anyway, there is no need to assign the digest value before that check. When signing a request _as the server_ for Mastodon's AUTHORIZED_FETCH there is no need to include a digest. --- bookwyrm/signatures.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/bookwyrm/signatures.py b/bookwyrm/signatures.py index dc094d988..ff634232d 100644 --- a/bookwyrm/signatures.py +++ b/bookwyrm/signatures.py @@ -22,14 +22,13 @@ def create_key_pair(): return private_key, public_key -def make_signature(method, sender, destination, date, digest): +def make_signature(method, sender, destination, date, digest=None): """uses a private key to sign an outgoing message""" inbox_parts = urlparse(destination) signature_headers = [ f"(request-target): {method} {inbox_parts.path}", f"host: {inbox_parts.netloc}", - f"date: {date}", - f"digest: {digest}", + f"date: {date}" ] headers = "(request-target) host date" if digest is not None: