diff --git a/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt b/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt index 6e5ef8b0..9d6196d8 100644 --- a/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt +++ b/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt @@ -84,7 +84,6 @@ class SecurityConfig { return http.build() } - @Bean fun getHttpSignatureFilter(authenticationManager: AuthenticationManager): HttpSignatureFilter { val httpSignatureFilter = HttpSignatureFilter(DefaultSignatureHeaderParser()) @@ -97,14 +96,17 @@ class SecurityConfig { val provider = PreAuthenticatedAuthenticationProvider() provider.setPreAuthenticatedUserDetailsService( HttpSignatureUserDetailsService( - userQueryService, HttpSignatureVerifierComposite( + userQueryService, + HttpSignatureVerifierComposite( mapOf( "rsa-sha256" to RsaSha256HttpSignatureVerifier( DefaultSignatureHeaderParser(), RsaSha256HttpSignatureSigner() ) - ), DefaultSignatureHeaderParser() - ), transaction + ), + DefaultSignatureHeaderParser() + ), + transaction ) ) provider.setUserDetailsChecker(AccountStatusUserDetailsChecker()) diff --git a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt index 0094e812..2a7e15b8 100644 --- a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt +++ b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt @@ -11,13 +11,11 @@ import java.net.URL class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeaderParser) : AbstractPreAuthenticatedProcessingFilter() { override fun getPreAuthenticatedPrincipal(request: HttpServletRequest?): Any { - val headersList = request?.headerNames?.toList().orEmpty() val headers = headersList.associateWith { header -> request?.getHeaders(header)?.toList().orEmpty() } - val signature = httpSignatureHeaderParser.parse(HttpHeaders(headers)) return signature.keyId } @@ -45,5 +43,4 @@ class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeader method ) } - } diff --git a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt index c710854f..d9c55816 100644 --- a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt +++ b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt @@ -23,5 +23,4 @@ class HttpSignatureUser( @Serial private const val serialVersionUID: Long = -3330552099960982997L } - } diff --git a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt index 591cd26d..f86d7bfb 100644 --- a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt +++ b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt @@ -23,8 +23,6 @@ class HttpSignatureUserDetailsService( AuthenticationUserDetailsService { override fun loadUserDetails(token: PreAuthenticatedAuthenticationToken): UserDetails = runBlocking { transaction.transaction { - - if (token.principal !is String) { throw IllegalStateException("Token is not String") }