mirror of https://github.com/usbharu/Hideout.git
fix: keyidを修正
This commit is contained in:
parent
53daf87ecf
commit
aa50e1075e
|
@ -2,7 +2,6 @@ package dev.usbharu.hideout.plugins
|
||||||
|
|
||||||
import dev.usbharu.hideout.ap.JsonLd
|
import dev.usbharu.hideout.ap.JsonLd
|
||||||
import dev.usbharu.hideout.config.Config
|
import dev.usbharu.hideout.config.Config
|
||||||
import dev.usbharu.hideout.repository.IUserAuthRepository
|
|
||||||
import dev.usbharu.hideout.service.IUserAuthService
|
import dev.usbharu.hideout.service.IUserAuthService
|
||||||
import dev.usbharu.hideout.service.UserAuthService
|
import dev.usbharu.hideout.service.UserAuthService
|
||||||
import dev.usbharu.hideout.util.HttpUtil.Activity
|
import dev.usbharu.hideout.util.HttpUtil.Activity
|
||||||
|
@ -14,19 +13,13 @@ import io.ktor.http.*
|
||||||
import io.ktor.server.application.*
|
import io.ktor.server.application.*
|
||||||
import io.ktor.server.response.*
|
import io.ktor.server.response.*
|
||||||
import io.ktor.util.*
|
import io.ktor.util.*
|
||||||
import io.netty.handler.codec.base64.Base64
|
|
||||||
import kotlinx.coroutines.runBlocking
|
import kotlinx.coroutines.runBlocking
|
||||||
import org.koin.java.KoinJavaComponent.inject
|
|
||||||
|
|
||||||
import org.koin.ktor.ext.inject
|
|
||||||
import tech.barbero.http.message.signing.HttpMessage
|
import tech.barbero.http.message.signing.HttpMessage
|
||||||
import tech.barbero.http.message.signing.HttpMessageSigner
|
import tech.barbero.http.message.signing.HttpMessageSigner
|
||||||
import tech.barbero.http.message.signing.HttpRequest
|
import tech.barbero.http.message.signing.HttpRequest
|
||||||
import tech.barbero.http.message.signing.KeyMap
|
import tech.barbero.http.message.signing.KeyMap
|
||||||
import java.net.URI
|
import java.net.URI
|
||||||
import java.security.KeyFactory
|
import java.security.KeyFactory
|
||||||
import java.security.KeyPairGenerator
|
|
||||||
import java.security.MessageDigest
|
|
||||||
import java.security.PrivateKey
|
import java.security.PrivateKey
|
||||||
import java.security.PublicKey
|
import java.security.PublicKey
|
||||||
import java.security.spec.X509EncodedKeySpec
|
import java.security.spec.X509EncodedKeySpec
|
||||||
|
@ -40,11 +33,11 @@ suspend fun <T : JsonLd> ApplicationCall.respondAp(message: T, status: HttpStatu
|
||||||
respondText(activityJson, ContentType.Application.Activity, status)
|
respondText(activityJson, ContentType.Application.Activity, status)
|
||||||
}
|
}
|
||||||
|
|
||||||
suspend fun HttpClient.postAp(urlString: String,username:String,jsonLd: JsonLd): HttpResponse {
|
suspend fun HttpClient.postAp(urlString: String, username: String, jsonLd: JsonLd): HttpResponse {
|
||||||
return this.post(urlString){
|
return this.post(urlString) {
|
||||||
header("Accept", ContentType.Application.Activity)
|
header("Accept", ContentType.Application.Activity)
|
||||||
header("Content-Type", ContentType.Application.Activity)
|
header("Content-Type", ContentType.Application.Activity)
|
||||||
header("Signature","keyId=\"$username\",algorithm=\"rsa-sha256\",headers=\"(request-target) digest date\"")
|
header("Signature", "keyId=\"$username\",algorithm=\"rsa-sha256\",headers=\"(request-target) digest date\"")
|
||||||
val text = Config.configData.objectMapper.writeValueAsString(jsonLd)
|
val text = Config.configData.objectMapper.writeValueAsString(jsonLd)
|
||||||
setBody(text)
|
setBody(text)
|
||||||
}
|
}
|
||||||
|
@ -54,7 +47,7 @@ class HttpSignaturePluginConfig {
|
||||||
lateinit var keyMap: KeyMap
|
lateinit var keyMap: KeyMap
|
||||||
}
|
}
|
||||||
|
|
||||||
val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginConfig) {
|
val httpSignaturePlugin = createClientPlugin("HttpSign", ::HttpSignaturePluginConfig) {
|
||||||
val keyMap = pluginConfig.keyMap
|
val keyMap = pluginConfig.keyMap
|
||||||
val format = SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US)
|
val format = SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US)
|
||||||
onRequest { request, body ->
|
onRequest { request, body ->
|
||||||
|
@ -113,7 +106,7 @@ val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginCon
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
val builder = HttpMessageSigner.builder().algorithm(algorithmType).keyId("${Config.configData.url}/users/$keyId/pubkey").keyMap(keyMap)
|
val builder = HttpMessageSigner.builder().algorithm(algorithmType).keyId(keyId).keyMap(keyMap)
|
||||||
var tmp = builder
|
var tmp = builder
|
||||||
headers.forEach {
|
headers.forEach {
|
||||||
tmp = tmp.addHeaderToSign(it)
|
tmp = tmp.addHeaderToSign(it)
|
||||||
|
@ -122,13 +115,13 @@ val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginCon
|
||||||
|
|
||||||
request.headers.remove("Signature")
|
request.headers.remove("Signature")
|
||||||
|
|
||||||
signer!!.sign(object : HttpMessage,HttpRequest {
|
signer!!.sign(object : HttpMessage, HttpRequest {
|
||||||
override fun headerValues(name: String?): MutableList<String> {
|
override fun headerValues(name: String?): MutableList<String> {
|
||||||
return name?.let { request.headers.getAll(it) }?.toMutableList() ?: mutableListOf()
|
return name?.let { request.headers.getAll(it) }?.toMutableList() ?: mutableListOf()
|
||||||
}
|
}
|
||||||
|
|
||||||
override fun addHeader(name: String?, value: String?) {
|
override fun addHeader(name: String?, value: String?) {
|
||||||
name?.let { request.header(it,value) }
|
name?.let { request.header(it, value) }
|
||||||
}
|
}
|
||||||
|
|
||||||
override fun method(): String {
|
override fun method(): String {
|
||||||
|
@ -149,9 +142,11 @@ val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginCon
|
||||||
|
|
||||||
class KtorKeyMap(private val userAuthRepository: IUserAuthService) : KeyMap {
|
class KtorKeyMap(private val userAuthRepository: IUserAuthService) : KeyMap {
|
||||||
override fun getPublicKey(keyId: String?): PublicKey = runBlocking {
|
override fun getPublicKey(keyId: String?): PublicKey = runBlocking {
|
||||||
|
val username = (keyId ?: throw IllegalArgumentException("keyId is null")).substringBeforeLast("/pubkey")
|
||||||
|
.substringAfterLast("/")
|
||||||
val publicBytes = java.util.Base64.getDecoder().decode(
|
val publicBytes = java.util.Base64.getDecoder().decode(
|
||||||
userAuthRepository.findByUsername(
|
userAuthRepository.findByUsername(
|
||||||
(keyId ?: throw IllegalArgumentException("keyId is null"))
|
username
|
||||||
).publicKey
|
).publicKey
|
||||||
)
|
)
|
||||||
val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes)
|
val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes)
|
||||||
|
@ -159,9 +154,11 @@ class KtorKeyMap(private val userAuthRepository: IUserAuthService) : KeyMap {
|
||||||
}
|
}
|
||||||
|
|
||||||
override fun getPrivateKey(keyId: String?): PrivateKey = runBlocking {
|
override fun getPrivateKey(keyId: String?): PrivateKey = runBlocking {
|
||||||
|
val username = (keyId ?: throw IllegalArgumentException("keyId is null")).substringBeforeLast("/pubkey")
|
||||||
|
.substringAfterLast("/")
|
||||||
val publicBytes = java.util.Base64.getDecoder().decode(
|
val publicBytes = java.util.Base64.getDecoder().decode(
|
||||||
userAuthRepository.findByUsername(
|
userAuthRepository.findByUsername(
|
||||||
(keyId ?: throw IllegalArgumentException("keyId is null"))
|
username
|
||||||
).privateKey
|
).privateKey
|
||||||
)
|
)
|
||||||
val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes)
|
val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes)
|
||||||
|
|
Loading…
Reference in New Issue