Add more headers to broadcast/unicast

2018-10-10 08:51:58 +02:00 · 2018-10-10 08:51:58 +02:00 · 729bb18481
commit 729bb18481
parent 6321cbc3e7
4 changed files with 25 additions and 10 deletions
--- a/server/helpers/core-utils.ts
+++ b/server/helpers/core-utils.ts
@ -5,7 +5,7 @@
 import * as bcrypt from 'bcrypt'
 import * as createTorrent from 'create-torrent'
-import { createHash, pseudoRandomBytes } from 'crypto'
+import { createHash, HexBase64Latin1Encoding, pseudoRandomBytes } from 'crypto'
 import { isAbsolute, join } from 'path'
 import * as pem from 'pem'
 import { URL } from 'url'
@ -126,8 +126,8 @@ function peertubeTruncate (str: string, maxLength: number) {
  return truncate(str, options)
 }
-function sha256 (str: string) {
+function sha256 (str: string, encoding: HexBase64Latin1Encoding = 'hex') {
-  return createHash('sha256').update(str).digest('hex')
+  return createHash('sha256').update(str).digest(encoding)
 }
 function promisify0<A> (func: (cb: (err: any, result: A) => void) => void): () => Promise<A> {
--- a/server/lib/job-queue/handlers/activitypub-http-broadcast.ts
+++ b/server/lib/job-queue/handlers/activitypub-http-broadcast.ts
@ -3,7 +3,7 @@ import * as Bluebird from 'bluebird'
 import { logger } from '../../../helpers/logger'
 import { doRequest } from '../../../helpers/requests'
 import { ActorFollowModel } from '../../../models/activitypub/actor-follow'
-import { buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils'
+import { buildGlobalHeaders, buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils'
 import { BROADCAST_CONCURRENCY, JOB_REQUEST_TIMEOUT } from '../../../initializers'
 export type ActivitypubHttpBroadcastPayload = {
@ -25,7 +25,8 @@ async function processActivityPubHttpBroadcast (job: Bull.Job) {
    uri: '',
    json: body,
    httpSignature: httpSignatureOptions,
-    timeout: JOB_REQUEST_TIMEOUT
+    timeout: JOB_REQUEST_TIMEOUT,
    headers: buildGlobalHeaders(body)
  }
  const badUrls: string[] = []
--- a/server/lib/job-queue/handlers/activitypub-http-unicast.ts
+++ b/server/lib/job-queue/handlers/activitypub-http-unicast.ts
@ -2,7 +2,7 @@ import * as Bull from 'bull'
 import { logger } from '../../../helpers/logger'
 import { doRequest } from '../../../helpers/requests'
 import { ActorFollowModel } from '../../../models/activitypub/actor-follow'
-import { buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils'
+import { buildGlobalHeaders, buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils'
 import { JOB_REQUEST_TIMEOUT } from '../../../initializers'
 export type ActivitypubHttpUnicastPayload = {
@ -25,7 +25,8 @@ async function processActivityPubHttpUnicast (job: Bull.Job) {
    uri,
    json: body,
    httpSignature: httpSignatureOptions,
-    timeout: JOB_REQUEST_TIMEOUT
+    timeout: JOB_REQUEST_TIMEOUT,
    headers: buildGlobalHeaders(body)
  }
  try {
--- a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts
+++ b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts
@ -1,8 +1,11 @@
 import { buildSignedActivity } from '../../../../helpers/activitypub'
 import { getServerActor } from '../../../../helpers/utils'
 import { ActorModel } from '../../../../models/activitypub/actor'
 import { sha256 } from '../../../../helpers/core-utils'
-async function computeBody (payload: { body: any, signatureActorId?: number }) {
+type Payload = { body: any, signatureActorId?: number }
 async function computeBody (payload: Payload) {
  let body = payload.body
  if (payload.signatureActorId) {
@ -14,7 +17,7 @@ async function computeBody (payload: { body: any, signatureActorId?: number }) {
  return body
 }
-async function buildSignedRequestOptions (payload: { signatureActorId?: number }) {
+async function buildSignedRequestOptions (payload: Payload) {
  let actor: ActorModel | null
  if (payload.signatureActorId) {
    actor = await ActorModel.load(payload.signatureActorId)
@ -29,11 +32,21 @@ async function buildSignedRequestOptions (payload: { signatureActorId?: number }
    algorithm: 'rsa-sha256',
    authorizationHeaderName: 'Signature',
    keyId,
-    key: actor.privateKey
+    key: actor.privateKey,
    headers: [ 'date', 'host', 'digest', '(request-target)' ]
  }
 }
 function buildGlobalHeaders (body: object) {
  const digest = 'SHA-256=' + sha256(JSON.stringify(body), 'base64')
  return {
    'Digest': digest
  }
 }
 export {
  buildGlobalHeaders,
  computeBody,
  buildSignedRequestOptions
 }