diff --git a/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt b/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt index 8d069735..2f5b4f59 100644 --- a/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt +++ b/src/main/kotlin/dev/usbharu/hideout/config/SecurityConfig.kt @@ -59,7 +59,6 @@ import java.security.interfaces.RSAPrivateKey import java.security.interfaces.RSAPublicKey import java.util.* - @EnableWebSecurity(debug = false) @Configuration @Suppress("FunctionMaxLength", "TooManyFunctions") @@ -76,7 +75,6 @@ class SecurityConfig { @Order(1) fun httpSignatureFilterChain(http: HttpSecurity, httpSignatureFilter: HttpSignatureFilter): SecurityFilterChain { http - .securityMatcher("/inbox", "/outbox", "/users/*/inbox", "/users/*/outbox", "/users/*/posts/*") .addFilter(httpSignatureFilter) .addFilterBefore( @@ -121,13 +119,16 @@ class SecurityConfig { val provider = PreAuthenticatedAuthenticationProvider() provider.setPreAuthenticatedUserDetailsService( HttpSignatureUserDetailsService( - userQueryService, HttpSignatureVerifierComposite( + userQueryService, + HttpSignatureVerifierComposite( mapOf( "rsa-sha256" to RsaSha256HttpSignatureVerifier( DefaultSignatureHeaderParser(), RsaSha256HttpSignatureSigner() ) - ), DefaultSignatureHeaderParser() - ), transaction + ), + DefaultSignatureHeaderParser() + ), + transaction ) ) provider.setUserDetailsChecker(AccountStatusUserDetailsChecker()) @@ -252,5 +253,7 @@ class SecurityConfig { @ConfigurationProperties("hideout.security.jwt") @ConditionalOnProperty(name = ["hideout.security.jwt.generate"], havingValue = "") data class JwkConfig( - val keyId: String, val publicKey: String, val privateKey: String + val keyId: String, + val publicKey: String, + val privateKey: String ) diff --git a/src/main/kotlin/dev/usbharu/hideout/controller/NoteApControllerImpl.kt b/src/main/kotlin/dev/usbharu/hideout/controller/NoteApControllerImpl.kt index 76bd6d63..36e27859 100644 --- a/src/main/kotlin/dev/usbharu/hideout/controller/NoteApControllerImpl.kt +++ b/src/main/kotlin/dev/usbharu/hideout/controller/NoteApControllerImpl.kt @@ -13,9 +13,9 @@ import org.springframework.web.bind.annotation.RestController @RestController class NoteApControllerImpl(private val noteApApiService: NoteApApiService) : NoteApController { override suspend fun postsAp( - @PathVariable(value = "postId") postId: Long, @CurrentSecurityContext context: SecurityContext + @PathVariable(value = "postId") postId: Long, + @CurrentSecurityContext context: SecurityContext ): ResponseEntity { - val userId = if (context.authentication is PreAuthenticatedAuthenticationToken && context.authentication.details is HttpSignatureUser) { (context.authentication.details as HttpSignatureUser).id diff --git a/src/main/kotlin/dev/usbharu/hideout/query/activitypub/NoteQueryServiceImpl.kt b/src/main/kotlin/dev/usbharu/hideout/query/activitypub/NoteQueryServiceImpl.kt index 1ee6d038..4978b9f4 100644 --- a/src/main/kotlin/dev/usbharu/hideout/query/activitypub/NoteQueryServiceImpl.kt +++ b/src/main/kotlin/dev/usbharu/hideout/query/activitypub/NoteQueryServiceImpl.kt @@ -20,7 +20,6 @@ class NoteQueryServiceImpl : NoteQueryService { .select { Posts.id eq id } .singleOr { FailedToGetResourcesException("id $id is duplicate or does not exist.") } .let { it.toNote() to it.toPost() } - } private fun ResultRow.toNote(): Note { diff --git a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt index 8708efe8..07c2b7b1 100644 --- a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt +++ b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureFilter.kt @@ -21,7 +21,6 @@ class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeader } catch (e: IllegalArgumentException) { return null } catch (e: RuntimeException) { - return "" } return signature.keyId diff --git a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt index ad1b1859..cb6160ee 100644 --- a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt +++ b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUser.kt @@ -21,7 +21,6 @@ class HttpSignatureUser( authorities ) { - override fun equals(other: Any?): Boolean { if (this === other) return true if (other !is HttpSignatureUser) return false diff --git a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt index a0ccdd36..0f58350c 100644 --- a/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt +++ b/src/main/kotlin/dev/usbharu/hideout/service/signature/HttpSignatureUserDetailsService.kt @@ -24,7 +24,6 @@ class HttpSignatureUserDetailsService( ) : AuthenticationUserDetailsService { override fun loadUserDetails(token: PreAuthenticatedAuthenticationToken): UserDetails = runBlocking { - if (token.principal !is String) { throw IllegalStateException("Token is not String") } @@ -41,7 +40,6 @@ class HttpSignatureUserDetailsService( } } - val verify = try { httpSignatureVerifier.verify( token.credentials as HttpRequest, @@ -64,7 +62,6 @@ class HttpSignatureUserDetailsService( accountNonLocked = true, authorities = mutableListOf() ) - } companion object {