fixes some of the signing test issues

2020-11-30 19:53:42 -08:00 · 2020-11-30 19:53:42 -08:00 · 1610d81ce6
parent fee5846aa8
commit 1610d81ce6
3 changed files with 14 additions and 9 deletions
--- a/bookwyrm/incoming.py
+++ b/bookwyrm/incoming.py
@ -96,6 +96,8 @@ def has_valid_signature(request, activity):
            raise ValueError("Wrong actor created signature.")

        remote_user = activitypub.resolve_remote_id(models.User, key_actor)
+        if not remote_user:
+            return False

        try:
            signature.verify(remote_user.key_pair.public_key, request)
--- a/bookwyrm/signatures.py
+++ b/bookwyrm/signatures.py
@ -31,7 +31,7 @@ def make_signature(sender, destination, date, digest):
        'digest: %s' % digest,
    ]
    message_to_sign = '\n'.join(signature_headers)
-    signer = pkcs1_15.new(RSA.import_key(sender.private_key))
+    signer = pkcs1_15.new(RSA.import_key(sender.key_pair.private_key))
    signed_message = signer.sign(SHA256.new(message_to_sign.encode('utf8')))
    signature = {
        'keyId': '%s#main-key' % sender.remote_id,
--- a/bookwyrm/tests/test_signing.py
+++ b/bookwyrm/tests/test_signing.py
@ -25,20 +25,23 @@ def get_follow_data(follower, followee):
    ).serialize()
    return json.dumps(follow_activity)

-Sender = namedtuple('Sender', ('remote_id', 'private_key', 'public_key'))
+KeyPair = namedtuple('KeyPair', ('private_key', 'public_key'))
+Sender = namedtuple('Sender', ('remote_id', 'key_pair'))

 class Signature(TestCase):
    def setUp(self):
-        self.mouse = User.objects.create_user('mouse', 'mouse@example.com', '')
-        self.rat = User.objects.create_user('rat', 'rat@example.com', '')
-        self.cat = User.objects.create_user('cat', 'cat@example.com', '')
+        self.mouse = User.objects.create_user(
+            'mouse', 'mouse@example.com', '', local=True)
+        self.rat = User.objects.create_user(
+            'rat', 'rat@example.com', '', local=True)
+        self.cat = User.objects.create_user(
+            'cat', 'cat@example.com', '', local=True)

        private_key, public_key = create_key_pair()

        self.fake_remote = Sender(
            'http://localhost/user/remote',
-            private_key,
-            public_key,
+            KeyPair(private_key, public_key)
        )

    def send(self, signature, now, data, digest):
@ -89,7 +92,7 @@ class Signature(TestCase):
        datafile = pathlib.Path(__file__).parent.joinpath('data/ap_user.json')
        data = json.loads(datafile.read_bytes())
        data['id'] = self.fake_remote.remote_id
-        data['publicKey']['publicKeyPem'] = self.fake_remote.public_key
+        data['publicKey']['publicKeyPem'] = self.fake_remote.key_pair.public_key
        del data['icon'] # Avoid having to return an avatar.
        responses.add(
            responses.GET,
@ -116,7 +119,7 @@ class Signature(TestCase):
        datafile = pathlib.Path(__file__).parent.joinpath('data/ap_user.json')
        data = json.loads(datafile.read_bytes())
        data['id'] = self.fake_remote.remote_id
-        data['publicKey']['publicKeyPem'] = self.fake_remote.public_key
+        data['publicKey']['publicKeyPem'] = self.fake_remote.key_pair.public_key
        del data['icon'] # Avoid having to return an avatar.
        responses.add(
            responses.GET,