Apply suggestions from code review

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
usbharu 2023-10-21 15:18:53 +09:00 committed by GitHub
parent 59c6fc06c8
commit 915bf69f06
6 changed files with 11 additions and 14 deletions


@ -59,7 +59,6 @@ import java.security.interfaces.RSAPrivateKey
import java.security.interfaces.RSAPublicKey import java.security.interfaces.RSAPublicKey
import java.util.* import java.util.*
@EnableWebSecurity(debug = false) @EnableWebSecurity(debug = false)
@Configuration @Configuration
@Suppress("FunctionMaxLength", "TooManyFunctions") @Suppress("FunctionMaxLength", "TooManyFunctions")
@ -76,7 +75,6 @@ class SecurityConfig {
@Order(1) @Order(1)
fun httpSignatureFilterChain(http: HttpSecurity, httpSignatureFilter: HttpSignatureFilter): SecurityFilterChain { fun httpSignatureFilterChain(http: HttpSecurity, httpSignatureFilter: HttpSignatureFilter): SecurityFilterChain {
http http
.securityMatcher("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox", "/users/*/posts/*") .securityMatcher("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox", "/users/*/posts/*")
.addFilter(httpSignatureFilter) .addFilter(httpSignatureFilter)
.addFilterBefore( .addFilterBefore(
@ -121,13 +119,16 @@ class SecurityConfig {
val provider = PreAuthenticatedAuthenticationProvider() val provider = PreAuthenticatedAuthenticationProvider()
provider.setPreAuthenticatedUserDetailsService( provider.setPreAuthenticatedUserDetailsService(
HttpSignatureUserDetailsService( HttpSignatureUserDetailsService(
userQueryService, HttpSignatureVerifierComposite( userQueryService,
HttpSignatureVerifierComposite(
mapOf( mapOf(
"rsa-sha256" to RsaSha256HttpSignatureVerifier( "rsa-sha256" to RsaSha256HttpSignatureVerifier(
DefaultSignatureHeaderParser(), RsaSha256HttpSignatureSigner() DefaultSignatureHeaderParser(), RsaSha256HttpSignatureSigner()
) )
), DefaultSignatureHeaderParser() ),
), transaction DefaultSignatureHeaderParser()
),
transaction
) )
) )
provider.setUserDetailsChecker(AccountStatusUserDetailsChecker()) provider.setUserDetailsChecker(AccountStatusUserDetailsChecker())
@ -252,5 +253,7 @@ class SecurityConfig {
@ConfigurationProperties("hideout.security.jwt") @ConfigurationProperties("hideout.security.jwt")
@ConditionalOnProperty(name = ["hideout.security.jwt.generate"], havingValue = "") @ConditionalOnProperty(name = ["hideout.security.jwt.generate"], havingValue = "")
data class JwkConfig( data class JwkConfig(
val keyId: String, val publicKey: String, val privateKey: String val keyId: String,
val publicKey: String,
val privateKey: String
) )


@ -13,9 +13,9 @@ import org.springframework.web.bind.annotation.RestController
@RestController @RestController
class NoteApControllerImpl(private val noteApApiService: NoteApApiService) : NoteApController { class NoteApControllerImpl(private val noteApApiService: NoteApApiService) : NoteApController {
override suspend fun postsAp( override suspend fun postsAp(
@PathVariable(value = "postId") postId: Long, @CurrentSecurityContext context: SecurityContext @PathVariable(value = "postId") postId: Long,
@CurrentSecurityContext context: SecurityContext
): ResponseEntity<Note> { ): ResponseEntity<Note> {
val userId = val userId =
if (context.authentication is PreAuthenticatedAuthenticationToken && context.authentication.details is HttpSignatureUser) { if (context.authentication is PreAuthenticatedAuthenticationToken && context.authentication.details is HttpSignatureUser) {
(context.authentication.details as HttpSignatureUser).id (context.authentication.details as HttpSignatureUser).id


@ -20,7 +20,6 @@ class NoteQueryServiceImpl : NoteQueryService {
.select { Posts.id eq id } .select { Posts.id eq id }
.singleOr { FailedToGetResourcesException("id $id is duplicate or does not exist.") } .singleOr { FailedToGetResourcesException("id $id is duplicate or does not exist.") }
.let { it.toNote() to it.toPost() } .let { it.toNote() to it.toPost() }
} }
private fun ResultRow.toNote(): Note { private fun ResultRow.toNote(): Note {


@ -21,7 +21,6 @@ class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeader
} catch (e: IllegalArgumentException) { } catch (e: IllegalArgumentException) {
return null return null
} catch (e: RuntimeException) { } catch (e: RuntimeException) {
return "" return ""
} }
return signature.keyId return signature.keyId


@ -21,7 +21,6 @@ class HttpSignatureUser(
authorities authorities
) { ) {
override fun equals(other: Any?): Boolean { override fun equals(other: Any?): Boolean {
if (this === other) return true if (this === other) return true
if (other !is HttpSignatureUser) return false if (other !is HttpSignatureUser) return false


@ -24,7 +24,6 @@ class HttpSignatureUserDetailsService(
) : ) :
AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> { AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> {
override fun loadUserDetails(token: PreAuthenticatedAuthenticationToken): UserDetails = runBlocking { override fun loadUserDetails(token: PreAuthenticatedAuthenticationToken): UserDetails = runBlocking {
if (token.principal !is String) { if (token.principal !is String) {
throw IllegalStateException("Token is not String") throw IllegalStateException("Token is not String")
} }
@ -41,7 +40,6 @@ class HttpSignatureUserDetailsService(
} }
} }
val verify = try { val verify = try {
httpSignatureVerifier.verify( httpSignatureVerifier.verify(
token.credentials as HttpRequest, token.credentials as HttpRequest,
@ -64,7 +62,6 @@ class HttpSignatureUserDetailsService(
accountNonLocked = true, accountNonLocked = true,
authorities = mutableListOf() authorities = mutableListOf()
) )
} }
companion object { companion object {