mirror of
https://git.asonix.dog/asonix/http-signature-normalization.git
synced 2024-11-25 10:51:01 +00:00
Initial commit
This commit is contained in:
commit
5daf0a78d1
7 changed files with 881 additions and 0 deletions
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
/target
|
||||||
|
**/*.rs.bk
|
||||||
|
Cargo.lock
|
15
Cargo.toml
Normal file
15
Cargo.toml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
[package]
|
||||||
|
name = "http-signature-normalization"
|
||||||
|
description = "An HTTP Signatures library that leaves the signing to you"
|
||||||
|
version = "0.1.0"
|
||||||
|
authors = ["asonix <asonix@asonix.dog>"]
|
||||||
|
license-file = "./LICENSE"
|
||||||
|
readme = "./README.md"
|
||||||
|
edition = "2018"
|
||||||
|
|
||||||
|
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||||
|
|
||||||
|
[dependencies]
|
||||||
|
base64 = "0.10"
|
||||||
|
chrono = "0.4"
|
||||||
|
http = "0.1.18"
|
417
LICENSE
Normal file
417
LICENSE
Normal file
|
@ -0,0 +1,417 @@
|
||||||
|
Http Signature Normalization
|
||||||
|
Copyright Riley Trautman 2019
|
||||||
|
|
||||||
|
COOPERATIVE SOFTWARE LICENSE
|
||||||
|
|
||||||
|
THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS
|
||||||
|
COPYFARLEFT PUBLIC LICENSE ("LICENSE"). THE WORK IS PROTECTED BY
|
||||||
|
COPYRIGHT AND ALL OTHER APPLICABLE LAWS. ANY USE OF THE WORK OTHER THAN
|
||||||
|
AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY
|
||||||
|
EXERCISING ANY RIGHTS TO THE WORK PROVIDED IN THIS LICENSE, YOU AGREE
|
||||||
|
TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE
|
||||||
|
MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS
|
||||||
|
CONTAINED HERE IN AS CONSIDERATION FOR ACCEPTING THE TERMS AND
|
||||||
|
CONDITIONS OF THIS LICENSE AND FOR AGREEING TO BE BOUND BY THE TERMS
|
||||||
|
AND CONDITIONS OF THIS LICENSE.
|
||||||
|
|
||||||
|
1. DEFINITIONS
|
||||||
|
|
||||||
|
a. "Adaptation" means a work based upon the Work, or upon the
|
||||||
|
Work and other pre-existing works, such as a translation,
|
||||||
|
adaptation, derivative work, arrangement of music or other
|
||||||
|
alterations of a literary or artistic work, or phonogram or
|
||||||
|
performance and includes cinematographic adaptations or any
|
||||||
|
other form in which the Work may be recast, transformed, or
|
||||||
|
adapted including in any form recognizably derived from the
|
||||||
|
original, except that a work that constitutes a Collection will
|
||||||
|
not be considered an Adaptation for the purpose of this License.
|
||||||
|
For the avoidance of doubt, where the Work is a musical work,
|
||||||
|
performance or phonogram, the synchronization of the Work in
|
||||||
|
timed-relation with a moving image ("synching") will be
|
||||||
|
considered an Adaptation for the purpose of this License.
|
||||||
|
|
||||||
|
b. "Collection" means a collection of literary or artistic
|
||||||
|
works, such as encyclopedias and anthologies, or performances,
|
||||||
|
phonograms or broadcasts, or other works or subject matter other
|
||||||
|
than works listed in Section 1(f) below, which, by reason of the
|
||||||
|
selection and arrangement of their contents, constitute
|
||||||
|
intellectual creations, in which the Work is included in its
|
||||||
|
entirety in unmodified form along with one or more other
|
||||||
|
contributions, each constituting separate and independent works
|
||||||
|
in themselves, which together are assembled into a collective
|
||||||
|
whole. A work that constitutes a Collection will not be
|
||||||
|
considered an Adaptation (as defined above) for the purposes of
|
||||||
|
this License.
|
||||||
|
|
||||||
|
c. "Distribute" means to make available to the public the
|
||||||
|
original and copies of the Work or Adaptation, as appropriate,
|
||||||
|
through sale, gift or any other transfer of possession or
|
||||||
|
ownership.
|
||||||
|
|
||||||
|
d. "Licensor" means the individual, individuals, entity or
|
||||||
|
entities that offer(s) the Work under the terms of this License.
|
||||||
|
|
||||||
|
e. "Original Author" means, in the case of a literary or
|
||||||
|
artistic work, the individual, individuals, entity or entities
|
||||||
|
who created the Work or if no individual or entity can be
|
||||||
|
identified, the publisher; and in addition (i) in the case of a
|
||||||
|
performance the actors, singers, musicians, dancers, and other
|
||||||
|
persons who act, sing, deliver, declaim, play in, interpret or
|
||||||
|
otherwise perform literary or artistic works or expressions of
|
||||||
|
folklore; (ii) in the case of a phonogram the producer being the
|
||||||
|
person or legal entity who first fixes the sounds of a
|
||||||
|
performance or other sounds; and, (iii) in the case of
|
||||||
|
broadcasts, the organization that transmits the broadcast.
|
||||||
|
|
||||||
|
f. "Work" means the literary and/or artistic work offered under
|
||||||
|
the terms of this License including without limitation any
|
||||||
|
production in the literary, scientific and artistic domain,
|
||||||
|
whatever may be the mode or form of its expression including
|
||||||
|
digital form, such as a book, pamphlet and other writing; a
|
||||||
|
lecture, address, sermon or other work of the same nature; a
|
||||||
|
dramatic or dramatico-musical work; a choreographic work or
|
||||||
|
entertainment in dumb show; a musical composition with or
|
||||||
|
without words; a cinematographic work to which are assimilated
|
||||||
|
works expressed by a process analogous to cinematography; a work
|
||||||
|
of drawing, painting, architecture, sculpture, engraving or
|
||||||
|
lithography; a photographic work to which are assimilated works
|
||||||
|
expressed by a process analogous to photography; a work of
|
||||||
|
applied art; an illustration, map, plan, sketch or
|
||||||
|
three-dimensional work relative to geography, topography,
|
||||||
|
architecture or science; a performance; a broadcast; a
|
||||||
|
phonogram; a compilation of data to the extent it is protected
|
||||||
|
as a copyrightable work; or a work performed by a variety or
|
||||||
|
circus performer to the extent it is not otherwise considered a
|
||||||
|
literary or artistic work.
|
||||||
|
|
||||||
|
g. "You" means an individual or entity exercising rights under
|
||||||
|
this License who has not previously violated the terms of this
|
||||||
|
License with respect to the Work, or who has received express
|
||||||
|
permission from the Licensor to exercise rights under this
|
||||||
|
License despite a previous violation.
|
||||||
|
|
||||||
|
h. "Publicly Perform" means to perform public recitations of the
|
||||||
|
Work and to communicate to the public those public recitations,
|
||||||
|
by any means or process, including by wire or wireless means or
|
||||||
|
public digital performances; to make available to the public
|
||||||
|
Works in such a way that members of the public may access these
|
||||||
|
Works from a place and at a place individually chosen by them;
|
||||||
|
to perform the Work to the public by any means or process and
|
||||||
|
the communication to the public of the performances of the Work,
|
||||||
|
including by public digital performance; to broadcast and
|
||||||
|
rebroadcast the Work by any means including signs, sounds or
|
||||||
|
images.
|
||||||
|
|
||||||
|
i. "Reproduce" means to make copies of the Work by any means
|
||||||
|
including without limitation by sound or visual recordings and
|
||||||
|
the right of fixation and reproducing fixations of the Work,
|
||||||
|
including storage of a protected performance or phonogram in
|
||||||
|
digital form or other electronic medium.
|
||||||
|
|
||||||
|
j. "Software" means any digital Work which, through use of a
|
||||||
|
third-party piece of Software or through the direct usage of
|
||||||
|
itself on a computer system, the memory of the computer is
|
||||||
|
modified dynamically or semi-dynamically. "Software",
|
||||||
|
secondly, processes or interprets information.
|
||||||
|
|
||||||
|
k. "Source Code" means the human-readable form of Software
|
||||||
|
through which the Original Author and/or Distributor originally
|
||||||
|
created, derived, and/or modified it.
|
||||||
|
|
||||||
|
l. "Web Service" means the use of a piece of Software to
|
||||||
|
interpret or modify information that is subsequently and directly
|
||||||
|
served to users over the Internet.
|
||||||
|
|
||||||
|
2. FAIR DEALING RIGHTS
|
||||||
|
|
||||||
|
Nothing in this License is intended to reduce, limit, or restrict any
|
||||||
|
uses free from copyright or rights arising from limitations or
|
||||||
|
exceptions that are provided for in connection with the copyright
|
||||||
|
protection under copyright law or other applicable laws.
|
||||||
|
|
||||||
|
3. LICENSE GRANT
|
||||||
|
|
||||||
|
Subject to the terms and conditions of this License, Licensor hereby
|
||||||
|
grants You a worldwide, royalty-free, non-exclusive, perpetual (for the
|
||||||
|
duration of the applicable copyright) license to exercise the rights in
|
||||||
|
the Work as stated below:
|
||||||
|
|
||||||
|
a. to Reproduce the Work, to incorporate the Work into one or
|
||||||
|
more Collections, and to Reproduce the Work as incorporated in
|
||||||
|
the Collections;
|
||||||
|
|
||||||
|
b. to create and Reproduce Adaptations provided that any such
|
||||||
|
Adaptation, including any translation in any medium, takes
|
||||||
|
reasonable steps to clearly label, demarcate or otherwise
|
||||||
|
identify that changes were made to the original Work. For
|
||||||
|
example, a translation could be marked "The original work was
|
||||||
|
translated from English to Spanish," or a modification could
|
||||||
|
indicate "The original work has been modified.";
|
||||||
|
|
||||||
|
c. to Distribute and Publicly Perform the Work including as
|
||||||
|
incorporated in Collections; and,
|
||||||
|
|
||||||
|
d. to Distribute and Publicly Perform Adaptations. The above
|
||||||
|
rights may be exercised in all media and formats whether now
|
||||||
|
known or hereafter devised. The above rights include the right
|
||||||
|
to make such modifications as are technically necessary to
|
||||||
|
exercise the rights in other media and formats. Subject to
|
||||||
|
Section 8(g), all rights not expressly granted by Licensor are
|
||||||
|
hereby reserved, including but not limited to the rights set
|
||||||
|
forth in Section 4(h).
|
||||||
|
|
||||||
|
4. RESTRICTIONS
|
||||||
|
|
||||||
|
The license granted in Section 3 above is expressly made subject to and
|
||||||
|
limited by the following restrictions:
|
||||||
|
|
||||||
|
a. You may Distribute or Publicly Perform the Work only under
|
||||||
|
the terms of this License. You must include a copy of, or the
|
||||||
|
Uniform Resource Identifier (URI) for, this License with every
|
||||||
|
copy of the Work You Distribute or Publicly Perform. You may not
|
||||||
|
offer or impose any terms on the Work that restrict the terms of
|
||||||
|
this License or the ability of the recipient of the Work to
|
||||||
|
exercise the rights granted to that recipient under the terms of
|
||||||
|
the License. You may not sublicense the Work. You must keep
|
||||||
|
intact all notices that refer to this License and to the
|
||||||
|
disclaimer of warranties with every copy of the Work You
|
||||||
|
Distribute or Publicly Perform. When You Distribute or Publicly
|
||||||
|
Perform the Work, You may not impose any effective technological
|
||||||
|
measures on the Work that restrict the ability of a recipient of
|
||||||
|
the Work from You to exercise the rights granted to that
|
||||||
|
recipient under the terms of the License. This Section 4(a)
|
||||||
|
applies to the Work as incorporated in a Collection, but this
|
||||||
|
does not require the Collection apart from the Work itself to be
|
||||||
|
made subject to the terms of this License. If You create a
|
||||||
|
Collection, upon notice from any Licensor You must, to the
|
||||||
|
extent practicable, remove from the Collection any credit as
|
||||||
|
required by Section 4(f), as requested. If You create an
|
||||||
|
Adaptation, upon notice from any Licensor You must, to the
|
||||||
|
extent practicable, remove from the Adaptation any credit as
|
||||||
|
required by Section 4(f), as requested.
|
||||||
|
|
||||||
|
b. Subject to the exception in Section 4(e), you may not
|
||||||
|
exercise any of the rights granted to You in Section 3 above in
|
||||||
|
any manner that is primarily intended for or directed toward
|
||||||
|
commercial advantage or private monetary compensation. The
|
||||||
|
exchange of the Work for other copyrighted works by means of
|
||||||
|
digital file-sharing or otherwise shall not be considered to be
|
||||||
|
intended for or directed toward commercial advantage or private
|
||||||
|
monetary compensation, provided there is no payment of any
|
||||||
|
monetary compensation in connection with the exchange of
|
||||||
|
copyrighted works.
|
||||||
|
|
||||||
|
c. If the Work meets the definition of Software, You may exercise
|
||||||
|
the rights granted in Section 3 only if You provide a copy of the
|
||||||
|
corresponding Source Code from which the Work was derived in digital
|
||||||
|
form, or You provide a URI for the corresponding Source Code of
|
||||||
|
the Work, to any recipients upon request.
|
||||||
|
|
||||||
|
d. If the Work is used as or for a Web Service, You may exercise
|
||||||
|
the rights granted in Section 3 only if You provide a copy of the
|
||||||
|
corresponding Source Code from which the Work was derived in digital
|
||||||
|
form, or You provide a URI for the corresponding Source Code to the
|
||||||
|
Work, to any recipients of the data served or modified by the Web
|
||||||
|
Service.
|
||||||
|
|
||||||
|
e. You may exercise the rights granted in Section 3 for
|
||||||
|
commercial purposes only if you satisfy any of the following:
|
||||||
|
|
||||||
|
i. You are a worker-owned business or worker-owned
|
||||||
|
collective; and
|
||||||
|
ii. after tax, all financial gain, surplus, profits and
|
||||||
|
benefits produced by the business or collective are
|
||||||
|
distributed among the worker-owners
|
||||||
|
iii. You are not using such rights on behalf of a business
|
||||||
|
other than those specified in 4(e.i) and elaborated upon in
|
||||||
|
4(e.ii), nor are using such rights as a proxy on behalf of a
|
||||||
|
business with the intent to circumvent the aforementioned
|
||||||
|
restrictions on such a business.
|
||||||
|
|
||||||
|
f. Any use by a business that is privately owned and managed,
|
||||||
|
and that seeks to generate profit from the labor of employees
|
||||||
|
paid by salary or other wages, is not permitted under this
|
||||||
|
license.
|
||||||
|
|
||||||
|
g. If You Distribute, or Publicly Perform the Work or any
|
||||||
|
Adaptations or Collections, You must, unless a request has been
|
||||||
|
made pursuant to Section 4(a), keep intact all copyright notices
|
||||||
|
for the Work and provide, reasonable to the medium or means You
|
||||||
|
are utilizing: (i) the name of the Original Author (or
|
||||||
|
pseudonym, if applicable) if supplied, and/or if the Original
|
||||||
|
Author and/or Licensor designate another party or parties (e.g.,
|
||||||
|
a sponsor institute, publishing entity, journal) for attribution
|
||||||
|
("Attribution Parties") in Licensor!s copyright notice, terms of
|
||||||
|
service or by other reasonable means, the name of such party or
|
||||||
|
parties; (ii) the title of the Work if supplied; (iii) to the
|
||||||
|
extent reasonably practicable, the URI, if any, that Licensor
|
||||||
|
specifies to be associated with the Work, unless such URI does
|
||||||
|
not refer to the copyright notice or licensing information for
|
||||||
|
the Work; and, (iv) consistent with Section 3(b), in the case of
|
||||||
|
an Adaptation, a credit identifying the use of the Work in the
|
||||||
|
Adaptation (e.g., "French translation of the Work by Original
|
||||||
|
Author," or "Screenplay based on original Work by Original
|
||||||
|
Author"). The credit required by this Section 4(f) may be
|
||||||
|
implemented in any reasonable manner; provided, however, that in
|
||||||
|
the case of a Adaptation or Collection, at a minimum such credit
|
||||||
|
will appear, if a credit for all contributing authors of the
|
||||||
|
Adaptation or Collection appears, then as part of these credits
|
||||||
|
and in a manner at least as prominent as the credits for the
|
||||||
|
other contributing authors. For the avoidance of doubt, You may
|
||||||
|
only use the credit required by this Section for the purpose of
|
||||||
|
attribution in the manner set out above and, by exercising Your
|
||||||
|
rights under this License, You may not implicitly or explicitly
|
||||||
|
assert or imply any connection with, sponsorship or endorsement
|
||||||
|
by the Original Author, Licensor and/or Attribution Parties, as
|
||||||
|
appropriate, of You or Your use of the Work, without the
|
||||||
|
separate, express prior written permission of the Original
|
||||||
|
Author, Licensor and/or Attribution Parties.
|
||||||
|
|
||||||
|
h. For the avoidance of doubt:
|
||||||
|
|
||||||
|
i. Non-waivable Compulsory License Schemes. In those
|
||||||
|
jurisdictions in which the right to collect royalties
|
||||||
|
through any statutory or compulsory licensing scheme
|
||||||
|
cannot be waived, the Licensor reserves the exclusive
|
||||||
|
right to collect such royalties for any exercise by You of
|
||||||
|
the rights granted under this License;
|
||||||
|
|
||||||
|
ii. Waivable Compulsory License Schemes. In those
|
||||||
|
jurisdictions in which the right to collect royalties
|
||||||
|
through any statutory or compulsory licensing scheme can
|
||||||
|
be waived, the Licensor reserves the exclusive right to
|
||||||
|
collect such royalties for any exercise by You of the
|
||||||
|
rights granted under this License if Your exercise of such
|
||||||
|
rights is for a purpose or use which is otherwise than
|
||||||
|
noncommercial as permitted under Section 4(b) and
|
||||||
|
otherwise waives the right to collect royalties through
|
||||||
|
any statutory or compulsory licensing scheme; and,
|
||||||
|
iii.Voluntary License Schemes. The Licensor reserves the
|
||||||
|
right to collect royalties, whether individually or, in
|
||||||
|
the event that the Licensor is a member of a collecting
|
||||||
|
society that administers voluntary licensing schemes, via
|
||||||
|
that society, from any exercise by You of the rights
|
||||||
|
granted under this License that is for a purpose or use
|
||||||
|
which is otherwise than noncommercial as permitted under
|
||||||
|
Section 4(b).
|
||||||
|
|
||||||
|
i. Except as otherwise agreed in writing by the Licensor or as
|
||||||
|
may be otherwise permitted by applicable law, if You Reproduce,
|
||||||
|
Distribute or Publicly Perform the Work either by itself or as
|
||||||
|
part of any Adaptations or Collections, You must not distort,
|
||||||
|
mutilate, modify or take other derogatory action in relation to
|
||||||
|
the Work which would be prejudicial to the Original Author's
|
||||||
|
honor or reputation. Licensor agrees that in those jurisdictions
|
||||||
|
(e.g. Japan), in which any exercise of the right granted in
|
||||||
|
Section 3(b) of this License (the right to make Adaptations)
|
||||||
|
would be deemed to be a distortion, mutilation, modification or
|
||||||
|
other derogatory action prejudicial to the Original Author's
|
||||||
|
honor and reputation, the Licensor will waive or not assert, as
|
||||||
|
appropriate, this Section, to the fullest extent permitted by
|
||||||
|
the applicable national law, to enable You to reasonably
|
||||||
|
exercise Your right under Section 3(b) of this License (right to
|
||||||
|
make Adaptations) but not otherwise.
|
||||||
|
|
||||||
|
5. REPRESENTATIONS, WARRANTIES AND DISCLAIMER
|
||||||
|
|
||||||
|
UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR
|
||||||
|
OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY
|
||||||
|
KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE,
|
||||||
|
INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY,
|
||||||
|
FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF
|
||||||
|
LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF
|
||||||
|
ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW
|
||||||
|
THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO
|
||||||
|
YOU.
|
||||||
|
|
||||||
|
6. LIMITATION ON LIABILITY
|
||||||
|
|
||||||
|
EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL
|
||||||
|
LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL,
|
||||||
|
INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF
|
||||||
|
THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED
|
||||||
|
OF THE POSSIBILITY OF SUCH DAMAGES.
|
||||||
|
|
||||||
|
7. TERMINATION
|
||||||
|
|
||||||
|
a. This License and the rights granted hereunder will terminate
|
||||||
|
automatically upon any breach by You of the terms of this
|
||||||
|
License. Individuals or entities who have received Adaptations
|
||||||
|
or Collections from You under this License, however, will not
|
||||||
|
have their licenses terminated provided such individuals or
|
||||||
|
entities remain in full compliance with those licenses. Sections
|
||||||
|
1, 2, 5, 6, 7, and 8 will survive any termination of this
|
||||||
|
License.
|
||||||
|
|
||||||
|
b. Subject to the above terms and conditions, the license
|
||||||
|
granted here is perpetual (for the duration of the applicable
|
||||||
|
copyright in the Work). Notwithstanding the above, Licensor
|
||||||
|
reserves the right to release the Work under different license
|
||||||
|
terms or to stop distributing the Work at any time; provided,
|
||||||
|
however that any such election will not serve to withdraw this
|
||||||
|
License (or any other license that has been, or is required to
|
||||||
|
be, granted under the terms of this License), and this License
|
||||||
|
will continue in full force and effect unless terminated as
|
||||||
|
stated above.
|
||||||
|
|
||||||
|
8. MISCELLANEOUS
|
||||||
|
|
||||||
|
a. Each time You Distribute or Publicly Perform the Work or a
|
||||||
|
Collection, the Licensor offers to the recipient a license to
|
||||||
|
the Work on the same terms and conditions as the license granted
|
||||||
|
to You under this License.
|
||||||
|
|
||||||
|
b. Each time You Distribute or Publicly Perform an Adaptation,
|
||||||
|
Licensor offers to the recipient a license to the original Work
|
||||||
|
on the same terms and conditions as the license granted to You
|
||||||
|
under this License.
|
||||||
|
|
||||||
|
c. If the Work is classified as Software, each time You Distribute
|
||||||
|
or Publicly Perform an Adaptation, Licensor offers to the recipient
|
||||||
|
a copy and/or URI of the corresponding Source Code on the same
|
||||||
|
terms and conditions as the license granted to You under this License.
|
||||||
|
|
||||||
|
d. If the Work is used as a Web Service, each time You Distribute
|
||||||
|
or Publicly Perform an Adaptation, or serve data derived from the
|
||||||
|
Software, the Licensor offers to any recipients of the data a copy
|
||||||
|
and/or URI of the corresponding Source Code on the same terms and
|
||||||
|
conditions as the license granted to You under this License.
|
||||||
|
|
||||||
|
e. If any provision of this License is invalid or unenforceable
|
||||||
|
under applicable law, it shall not affect the validity or
|
||||||
|
enforceability of the remainder of the terms of this License,
|
||||||
|
and without further action by the parties to this agreement,
|
||||||
|
such provision shall be reformed to the minimum extent necessary
|
||||||
|
to make such provision valid and enforceable.
|
||||||
|
|
||||||
|
f. No term or provision of this License shall be deemed waived
|
||||||
|
and no breach consented to unless such waiver or consent shall
|
||||||
|
be in writing and signed by the party to be charged with such
|
||||||
|
waiver or consent.
|
||||||
|
|
||||||
|
g. This License constitutes the entire agreement between the
|
||||||
|
parties with respect to the Work licensed here. There are no
|
||||||
|
understandings, agreements or representations with respect to
|
||||||
|
the Work not specified here. Licensor shall not be bound by any
|
||||||
|
additional provisions that may appear in any communication from
|
||||||
|
You. This License may not be modified without the mutual written
|
||||||
|
agreement of the Licensor and You.
|
||||||
|
|
||||||
|
h. The rights granted under, and the subject matter referenced,
|
||||||
|
in this License were drafted utilizing the terminology of the
|
||||||
|
Berne Convention for the Protection of Literary and Artistic
|
||||||
|
Works (as amended on September 28, 1979), the Rome Convention of
|
||||||
|
1961, the WIPO Copyright Treaty of 1996, the WIPO Performances
|
||||||
|
and Phonograms Treaty of 1996 and the Universal Copyright
|
||||||
|
Convention (as revised on July 24, 1971). These rights and
|
||||||
|
subject matter take effect in the relevant jurisdiction in which
|
||||||
|
the License terms are sought to be enforced according to the
|
||||||
|
corresponding provisions of the implementation of those treaty
|
||||||
|
provisions in the applicable national law. If the standard suite
|
||||||
|
of rights granted under applicable copyright law includes
|
||||||
|
additional rights not granted under this License, such
|
||||||
|
additional rights are deemed to be included in the License; this
|
||||||
|
License is not intended to restrict the license of any rights
|
||||||
|
under applicable law.
|
||||||
|
|
||||||
|
|
2
README.md
Normal file
2
README.md
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
HTTP Signature Normaliztion
|
||||||
|
_An HTTP Signatures library that leaves the signing to you_
|
74
src/create.rs
Normal file
74
src/create.rs
Normal file
|
@ -0,0 +1,74 @@
|
||||||
|
use chrono::{DateTime, Utc};
|
||||||
|
use http::header::{HeaderMap, HeaderName, HeaderValue, InvalidHeaderValue, AUTHORIZATION};
|
||||||
|
|
||||||
|
use crate::{
|
||||||
|
ALGORITHM_FIELD, ALGORITHM_VALUE, CREATED_FIELD, EXPIRES_FIELD, HEADERS_FIELD, KEY_ID_FIELD,
|
||||||
|
SIGNATURE_FIELD,
|
||||||
|
};
|
||||||
|
|
||||||
|
const SIGNATURE_HEADER: &'static str = "Signature";
|
||||||
|
|
||||||
|
pub struct Signed {
|
||||||
|
signature: String,
|
||||||
|
sig_headers: Vec<String>,
|
||||||
|
created: DateTime<Utc>,
|
||||||
|
expires: DateTime<Utc>,
|
||||||
|
key_id: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
pub struct Unsigned {
|
||||||
|
pub(crate) signing_string: String,
|
||||||
|
pub(crate) sig_headers: Vec<String>,
|
||||||
|
pub(crate) created: DateTime<Utc>,
|
||||||
|
pub(crate) expires: DateTime<Utc>,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Signed {
|
||||||
|
pub fn signature_header(self, hm: &mut HeaderMap) -> Result<(), InvalidHeaderValue> {
|
||||||
|
hm.insert(
|
||||||
|
AUTHORIZATION,
|
||||||
|
HeaderValue::from_str(&format!("Signature {}", self.into_header()))?,
|
||||||
|
);
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn authorization_header(self, hm: &mut HeaderMap) -> Result<(), InvalidHeaderValue> {
|
||||||
|
hm.insert(
|
||||||
|
HeaderName::from_static(SIGNATURE_HEADER),
|
||||||
|
HeaderValue::from_str(&self.into_header())?,
|
||||||
|
);
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
fn into_header(self) -> String {
|
||||||
|
let header_parts = [
|
||||||
|
(KEY_ID_FIELD, self.key_id),
|
||||||
|
(ALGORITHM_FIELD, ALGORITHM_VALUE.to_owned()),
|
||||||
|
(CREATED_FIELD, self.created.timestamp().to_string()),
|
||||||
|
(EXPIRES_FIELD, self.expires.timestamp().to_string()),
|
||||||
|
(HEADERS_FIELD, self.sig_headers.join(" ")),
|
||||||
|
(SIGNATURE_FIELD, self.signature),
|
||||||
|
];
|
||||||
|
|
||||||
|
header_parts
|
||||||
|
.iter()
|
||||||
|
.map(|(k, v)| format!("{}=\"{}\"", k, v))
|
||||||
|
.collect::<Vec<_>>()
|
||||||
|
.join(",")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Unsigned {
|
||||||
|
pub fn sign<F, E>(self, key_id: String, f: F) -> Result<Signed, E>
|
||||||
|
where
|
||||||
|
F: FnOnce(&str) -> Result<Vec<u8>, E>,
|
||||||
|
{
|
||||||
|
(f)(&self.signing_string).map(|v| Signed {
|
||||||
|
signature: base64::encode(&v),
|
||||||
|
sig_headers: self.sig_headers,
|
||||||
|
created: self.created,
|
||||||
|
expires: self.expires,
|
||||||
|
key_id,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
149
src/lib.rs
Normal file
149
src/lib.rs
Normal file
|
@ -0,0 +1,149 @@
|
||||||
|
use chrono::{DateTime, Duration, Utc};
|
||||||
|
use http::{
|
||||||
|
header::{HeaderMap, ToStrError},
|
||||||
|
method::Method,
|
||||||
|
uri::PathAndQuery,
|
||||||
|
};
|
||||||
|
use std::collections::BTreeMap;
|
||||||
|
|
||||||
|
pub mod create;
|
||||||
|
pub mod verify;
|
||||||
|
|
||||||
|
use self::{
|
||||||
|
create::Unsigned,
|
||||||
|
verify::{Unvalidated, ValidateError},
|
||||||
|
};
|
||||||
|
|
||||||
|
const REQUEST_TARGET: &'static str = "(request-target)";
|
||||||
|
const CREATED: &'static str = "(crated)";
|
||||||
|
const EXPIRES: &'static str = "(expires)";
|
||||||
|
|
||||||
|
const KEY_ID_FIELD: &'static str = "keyId";
|
||||||
|
const ALGORITHM_FIELD: &'static str = "algorithm";
|
||||||
|
const ALGORITHM_VALUE: &'static str = "hs2019";
|
||||||
|
const CREATED_FIELD: &'static str = "created";
|
||||||
|
const EXPIRES_FIELD: &'static str = "expires";
|
||||||
|
const HEADERS_FIELD: &'static str = "headers";
|
||||||
|
const SIGNATURE_FIELD: &'static str = "signature";
|
||||||
|
|
||||||
|
#[derive(Clone)]
|
||||||
|
pub struct Config {
|
||||||
|
pub expires: Duration,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Config {
|
||||||
|
pub fn normalize(
|
||||||
|
&self,
|
||||||
|
method: Method,
|
||||||
|
path_and_query: &PathAndQuery,
|
||||||
|
headers: &HeaderMap,
|
||||||
|
) -> Result<Unsigned, ToStrError> {
|
||||||
|
let (sig_headers, mut btm) = build_headers_list(headers)?;
|
||||||
|
|
||||||
|
let created = Utc::now();
|
||||||
|
let expires = created + self.expires;
|
||||||
|
|
||||||
|
let signing_string = build_signing_string(
|
||||||
|
method,
|
||||||
|
path_and_query,
|
||||||
|
Some(created),
|
||||||
|
Some(expires),
|
||||||
|
&sig_headers,
|
||||||
|
&mut btm,
|
||||||
|
);
|
||||||
|
|
||||||
|
Ok(Unsigned {
|
||||||
|
signing_string,
|
||||||
|
sig_headers,
|
||||||
|
created,
|
||||||
|
expires,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn validate<F, T>(&self, unvalidated: Unvalidated, f: F) -> Result<T, ValidateError>
|
||||||
|
where
|
||||||
|
F: FnOnce(&[u8], &str) -> T,
|
||||||
|
{
|
||||||
|
if let Some(expires) = unvalidated.expires {
|
||||||
|
if expires < unvalidated.parsed_at {
|
||||||
|
return Err(ValidateError::Expired);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if let Some(created) = unvalidated.created {
|
||||||
|
if created + self.expires < unvalidated.parsed_at {
|
||||||
|
return Err(ValidateError::Expired);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
let v = base64::decode(&unvalidated.signature).map_err(|_| ValidateError::Decode)?;
|
||||||
|
|
||||||
|
Ok((f)(&v, &unvalidated.signing_string))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
fn build_headers_list(
|
||||||
|
headers: &HeaderMap,
|
||||||
|
) -> Result<(Vec<String>, BTreeMap<String, String>), ToStrError> {
|
||||||
|
let btm: BTreeMap<String, String> = headers
|
||||||
|
.iter()
|
||||||
|
.map(|(k, v)| {
|
||||||
|
v.to_str()
|
||||||
|
.map(|v| (k.as_str().to_lowercase().to_owned(), v.to_owned()))
|
||||||
|
})
|
||||||
|
.collect::<Result<BTreeMap<String, String>, _>>()?;
|
||||||
|
|
||||||
|
let http_header_keys: Vec<String> = btm.keys().cloned().collect();
|
||||||
|
|
||||||
|
let mut sig_headers = vec![
|
||||||
|
REQUEST_TARGET.to_owned(),
|
||||||
|
CREATED.to_owned(),
|
||||||
|
EXPIRES.to_owned(),
|
||||||
|
];
|
||||||
|
|
||||||
|
sig_headers.extend(http_header_keys);
|
||||||
|
|
||||||
|
Ok((sig_headers, btm))
|
||||||
|
}
|
||||||
|
|
||||||
|
fn build_signing_string(
|
||||||
|
method: Method,
|
||||||
|
path_and_query: &PathAndQuery,
|
||||||
|
created: Option<DateTime<Utc>>,
|
||||||
|
expires: Option<DateTime<Utc>>,
|
||||||
|
sig_headers: &[String],
|
||||||
|
btm: &mut BTreeMap<String, String>,
|
||||||
|
) -> String {
|
||||||
|
let request_target = format!("{} {}", method.to_string().to_lowercase(), path_and_query);
|
||||||
|
|
||||||
|
btm.insert(REQUEST_TARGET.to_owned(), request_target.clone());
|
||||||
|
if let Some(created) = created {
|
||||||
|
btm.insert(CREATED.to_owned(), created.timestamp().to_string());
|
||||||
|
}
|
||||||
|
if let Some(expires) = expires {
|
||||||
|
btm.insert(EXPIRES.to_owned(), expires.timestamp().to_string());
|
||||||
|
}
|
||||||
|
|
||||||
|
let signing_string = sig_headers
|
||||||
|
.iter()
|
||||||
|
.filter_map(|h| btm.remove(h).map(|v| format!("{}: {}", h, v)))
|
||||||
|
.collect::<Vec<_>>()
|
||||||
|
.join("\n");
|
||||||
|
|
||||||
|
signing_string
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Default for Config {
|
||||||
|
fn default() -> Self {
|
||||||
|
Config {
|
||||||
|
expires: Duration::seconds(10),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
mod tests {
|
||||||
|
#[test]
|
||||||
|
fn it_works() {
|
||||||
|
assert_eq!(2 + 2, 4);
|
||||||
|
}
|
||||||
|
}
|
221
src/verify.rs
Normal file
221
src/verify.rs
Normal file
|
@ -0,0 +1,221 @@
|
||||||
|
use chrono::{DateTime, TimeZone, Utc};
|
||||||
|
use http::{
|
||||||
|
header::{HeaderMap, ToStrError},
|
||||||
|
method::Method,
|
||||||
|
uri::PathAndQuery,
|
||||||
|
};
|
||||||
|
use std::{collections::HashMap, error::Error, fmt, str::FromStr};
|
||||||
|
|
||||||
|
use crate::{
|
||||||
|
build_headers_list, build_signing_string, ALGORITHM_FIELD, CREATED, CREATED_FIELD,
|
||||||
|
EXPIRES_FIELD, HEADERS_FIELD, KEY_ID_FIELD, SIGNATURE_FIELD,
|
||||||
|
};
|
||||||
|
|
||||||
|
pub struct Unvalidated {
|
||||||
|
pub(crate) key_id: String,
|
||||||
|
pub(crate) signature: String,
|
||||||
|
pub(crate) algorithm: Option<Algorithm>,
|
||||||
|
pub(crate) created: Option<DateTime<Utc>>,
|
||||||
|
pub(crate) expires: Option<DateTime<Utc>>,
|
||||||
|
pub(crate) parsed_at: DateTime<Utc>,
|
||||||
|
pub(crate) signing_string: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
pub struct ParsedHeader {
|
||||||
|
signature: String,
|
||||||
|
key_id: String,
|
||||||
|
headers: Vec<String>,
|
||||||
|
algorithm: Option<Algorithm>,
|
||||||
|
created: Option<DateTime<Utc>>,
|
||||||
|
expires: Option<DateTime<Utc>>,
|
||||||
|
parsed_at: DateTime<Utc>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Clone, Copy, Debug)]
|
||||||
|
pub enum DeprecatedAlgorithm {
|
||||||
|
HmacSha1,
|
||||||
|
HmacSha256,
|
||||||
|
HmacSha384,
|
||||||
|
HmacSha512,
|
||||||
|
RsaSha1,
|
||||||
|
RsaSha256,
|
||||||
|
RsaSha384,
|
||||||
|
RsaSha512,
|
||||||
|
EcdsaSha1,
|
||||||
|
EcdsaSha256,
|
||||||
|
EcdsaSha384,
|
||||||
|
EcdsaSha512,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Clone, Debug)]
|
||||||
|
pub enum Algorithm {
|
||||||
|
Hs2019,
|
||||||
|
Deprecated(DeprecatedAlgorithm),
|
||||||
|
Unknown(String),
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Clone, Debug)]
|
||||||
|
pub enum ValidateError {
|
||||||
|
Expired,
|
||||||
|
Decode,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Clone, Debug)]
|
||||||
|
pub struct ParseSignatureError(&'static str);
|
||||||
|
|
||||||
|
impl Unvalidated {
|
||||||
|
pub fn key_id(&self) -> &str {
|
||||||
|
&self.key_id
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn algorithm(&self) -> Option<&Algorithm> {
|
||||||
|
self.algorithm.as_ref()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl ParsedHeader {
|
||||||
|
pub fn to_unvalidated(
|
||||||
|
self,
|
||||||
|
method: Method,
|
||||||
|
path_and_query: &PathAndQuery,
|
||||||
|
headers: &HeaderMap,
|
||||||
|
) -> Result<Unvalidated, ToStrError> {
|
||||||
|
let (_, mut btm) = build_headers_list(headers)?;
|
||||||
|
|
||||||
|
let signing_string = build_signing_string(
|
||||||
|
method,
|
||||||
|
path_and_query,
|
||||||
|
self.created,
|
||||||
|
self.expires,
|
||||||
|
&self.headers,
|
||||||
|
&mut btm,
|
||||||
|
);
|
||||||
|
|
||||||
|
Ok(Unvalidated {
|
||||||
|
key_id: self.key_id,
|
||||||
|
signature: self.signature,
|
||||||
|
parsed_at: self.parsed_at,
|
||||||
|
algorithm: self.algorithm,
|
||||||
|
created: self.created,
|
||||||
|
expires: self.expires,
|
||||||
|
signing_string,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl FromStr for ParsedHeader {
|
||||||
|
type Err = ParseSignatureError;
|
||||||
|
|
||||||
|
fn from_str(s: &str) -> Result<Self, Self::Err> {
|
||||||
|
let s = s.trim_start_matches("Signature").trim();
|
||||||
|
let mut hm: HashMap<String, String> = s
|
||||||
|
.split(',')
|
||||||
|
.filter_map(|part| {
|
||||||
|
let mut i = part.splitn(2, "=");
|
||||||
|
|
||||||
|
if let Some(key) = i.next() {
|
||||||
|
if let Some(value) = i.next() {
|
||||||
|
return Some((key.to_owned(), value.to_owned()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
None
|
||||||
|
})
|
||||||
|
.collect();
|
||||||
|
|
||||||
|
Ok(ParsedHeader {
|
||||||
|
signature: hm
|
||||||
|
.remove(SIGNATURE_FIELD)
|
||||||
|
.ok_or(ParseSignatureError(SIGNATURE_FIELD))?,
|
||||||
|
key_id: hm
|
||||||
|
.remove(KEY_ID_FIELD)
|
||||||
|
.ok_or(ParseSignatureError(KEY_ID_FIELD))?,
|
||||||
|
headers: hm
|
||||||
|
.remove(HEADERS_FIELD)
|
||||||
|
.map(|h| h.split_whitespace().map(|s| s.to_owned()).collect())
|
||||||
|
.unwrap_or_else(|| vec![CREATED.to_owned()]),
|
||||||
|
algorithm: hm.remove(ALGORITHM_FIELD).map(Algorithm::from),
|
||||||
|
created: parse_time(&mut hm, CREATED_FIELD)?,
|
||||||
|
expires: parse_time(&mut hm, EXPIRES_FIELD)?,
|
||||||
|
parsed_at: Utc::now(),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
fn parse_time(
|
||||||
|
hm: &mut HashMap<String, String>,
|
||||||
|
key: &'static str,
|
||||||
|
) -> Result<Option<DateTime<Utc>>, ParseSignatureError> {
|
||||||
|
let r = hm.remove(key).map(|s| {
|
||||||
|
Utc.datetime_from_str(&s, "%s")
|
||||||
|
.map_err(|_| ParseSignatureError(key))
|
||||||
|
});
|
||||||
|
|
||||||
|
match r {
|
||||||
|
Some(Ok(t)) => Ok(Some(t)),
|
||||||
|
Some(Err(e)) => Err(e),
|
||||||
|
None => Ok(None),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<DeprecatedAlgorithm> for Algorithm {
|
||||||
|
fn from(d: DeprecatedAlgorithm) -> Algorithm {
|
||||||
|
Algorithm::Deprecated(d)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<String> for Algorithm {
|
||||||
|
fn from(s: String) -> Self {
|
||||||
|
Algorithm::from(s.as_str())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<&str> for Algorithm {
|
||||||
|
fn from(s: &str) -> Self {
|
||||||
|
match s {
|
||||||
|
"hmac-sha1" => DeprecatedAlgorithm::HmacSha1.into(),
|
||||||
|
"hmac-sha256" => DeprecatedAlgorithm::HmacSha256.into(),
|
||||||
|
"hmac-sha384" => DeprecatedAlgorithm::HmacSha384.into(),
|
||||||
|
"hmac-sha512" => DeprecatedAlgorithm::HmacSha512.into(),
|
||||||
|
"rsa-sha1" => DeprecatedAlgorithm::RsaSha1.into(),
|
||||||
|
"rsa-sha256" => DeprecatedAlgorithm::RsaSha256.into(),
|
||||||
|
"rsa-sha384" => DeprecatedAlgorithm::RsaSha384.into(),
|
||||||
|
"rsa-sha512" => DeprecatedAlgorithm::RsaSha512.into(),
|
||||||
|
"ecdsa-sha1" => DeprecatedAlgorithm::EcdsaSha1.into(),
|
||||||
|
"ecdsa-sha256" => DeprecatedAlgorithm::EcdsaSha256.into(),
|
||||||
|
"ecdsa-sha384" => DeprecatedAlgorithm::EcdsaSha384.into(),
|
||||||
|
"ecdsa-sha512" => DeprecatedAlgorithm::EcdsaSha512.into(),
|
||||||
|
"hs2019" => Algorithm::Hs2019,
|
||||||
|
other => Algorithm::Unknown(other.into()),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl fmt::Display for ValidateError {
|
||||||
|
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
|
||||||
|
match *self {
|
||||||
|
ValidateError::Expired => write!(f, "Http Signature is expired"),
|
||||||
|
ValidateError::Decode => write!(f, "Http Signature could not be decoded"),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl fmt::Display for ParseSignatureError {
|
||||||
|
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
|
||||||
|
write!(f, "Error when parsing {} from Http Signature", self.0)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Error for ValidateError {
|
||||||
|
fn description(&self) -> &'static str {
|
||||||
|
match *self {
|
||||||
|
ValidateError::Expired => "Http Signature is expired",
|
||||||
|
ValidateError::Decode => "Http Signature could not be decoded",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Error for ParseSignatureError {
|
||||||
|
fn description(&self) -> &'static str {
|
||||||
|
"There was an error parsing the Http Signature"
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue