fix: keyidを修正

This commit is contained in:
usbharu 2023-03-31 12:59:19 +09:00
parent 53daf87ecf
commit aa50e1075e
1 changed files with 13 additions and 16 deletions

View File

@ -2,7 +2,6 @@ package dev.usbharu.hideout.plugins
import dev.usbharu.hideout.ap.JsonLd import dev.usbharu.hideout.ap.JsonLd
import dev.usbharu.hideout.config.Config import dev.usbharu.hideout.config.Config
import dev.usbharu.hideout.repository.IUserAuthRepository
import dev.usbharu.hideout.service.IUserAuthService import dev.usbharu.hideout.service.IUserAuthService
import dev.usbharu.hideout.service.UserAuthService import dev.usbharu.hideout.service.UserAuthService
import dev.usbharu.hideout.util.HttpUtil.Activity import dev.usbharu.hideout.util.HttpUtil.Activity
@ -14,19 +13,13 @@ import io.ktor.http.*
import io.ktor.server.application.* import io.ktor.server.application.*
import io.ktor.server.response.* import io.ktor.server.response.*
import io.ktor.util.* import io.ktor.util.*
import io.netty.handler.codec.base64.Base64
import kotlinx.coroutines.runBlocking import kotlinx.coroutines.runBlocking
import org.koin.java.KoinJavaComponent.inject
import org.koin.ktor.ext.inject
import tech.barbero.http.message.signing.HttpMessage import tech.barbero.http.message.signing.HttpMessage
import tech.barbero.http.message.signing.HttpMessageSigner import tech.barbero.http.message.signing.HttpMessageSigner
import tech.barbero.http.message.signing.HttpRequest import tech.barbero.http.message.signing.HttpRequest
import tech.barbero.http.message.signing.KeyMap import tech.barbero.http.message.signing.KeyMap
import java.net.URI import java.net.URI
import java.security.KeyFactory import java.security.KeyFactory
import java.security.KeyPairGenerator
import java.security.MessageDigest
import java.security.PrivateKey import java.security.PrivateKey
import java.security.PublicKey import java.security.PublicKey
import java.security.spec.X509EncodedKeySpec import java.security.spec.X509EncodedKeySpec
@ -40,11 +33,11 @@ suspend fun <T : JsonLd> ApplicationCall.respondAp(message: T, status: HttpStatu
respondText(activityJson, ContentType.Application.Activity, status) respondText(activityJson, ContentType.Application.Activity, status)
} }
suspend fun HttpClient.postAp(urlString: String,username:String,jsonLd: JsonLd): HttpResponse { suspend fun HttpClient.postAp(urlString: String, username: String, jsonLd: JsonLd): HttpResponse {
return this.post(urlString){ return this.post(urlString) {
header("Accept", ContentType.Application.Activity) header("Accept", ContentType.Application.Activity)
header("Content-Type", ContentType.Application.Activity) header("Content-Type", ContentType.Application.Activity)
header("Signature","keyId=\"$username\",algorithm=\"rsa-sha256\",headers=\"(request-target) digest date\"") header("Signature", "keyId=\"$username\",algorithm=\"rsa-sha256\",headers=\"(request-target) digest date\"")
val text = Config.configData.objectMapper.writeValueAsString(jsonLd) val text = Config.configData.objectMapper.writeValueAsString(jsonLd)
setBody(text) setBody(text)
} }
@ -54,7 +47,7 @@ class HttpSignaturePluginConfig {
lateinit var keyMap: KeyMap lateinit var keyMap: KeyMap
} }
val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginConfig) { val httpSignaturePlugin = createClientPlugin("HttpSign", ::HttpSignaturePluginConfig) {
val keyMap = pluginConfig.keyMap val keyMap = pluginConfig.keyMap
val format = SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US) val format = SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US)
onRequest { request, body -> onRequest { request, body ->
@ -113,7 +106,7 @@ val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginCon
} }
} }
val builder = HttpMessageSigner.builder().algorithm(algorithmType).keyId("${Config.configData.url}/users/$keyId/pubkey").keyMap(keyMap) val builder = HttpMessageSigner.builder().algorithm(algorithmType).keyId(keyId).keyMap(keyMap)
var tmp = builder var tmp = builder
headers.forEach { headers.forEach {
tmp = tmp.addHeaderToSign(it) tmp = tmp.addHeaderToSign(it)
@ -122,13 +115,13 @@ val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginCon
request.headers.remove("Signature") request.headers.remove("Signature")
signer!!.sign(object : HttpMessage,HttpRequest { signer!!.sign(object : HttpMessage, HttpRequest {
override fun headerValues(name: String?): MutableList<String> { override fun headerValues(name: String?): MutableList<String> {
return name?.let { request.headers.getAll(it) }?.toMutableList() ?: mutableListOf() return name?.let { request.headers.getAll(it) }?.toMutableList() ?: mutableListOf()
} }
override fun addHeader(name: String?, value: String?) { override fun addHeader(name: String?, value: String?) {
name?.let { request.header(it,value) } name?.let { request.header(it, value) }
} }
override fun method(): String { override fun method(): String {
@ -149,9 +142,11 @@ val httpSignaturePlugin = createClientPlugin("HttpSign",::HttpSignaturePluginCon
class KtorKeyMap(private val userAuthRepository: IUserAuthService) : KeyMap { class KtorKeyMap(private val userAuthRepository: IUserAuthService) : KeyMap {
override fun getPublicKey(keyId: String?): PublicKey = runBlocking { override fun getPublicKey(keyId: String?): PublicKey = runBlocking {
val username = (keyId ?: throw IllegalArgumentException("keyId is null")).substringBeforeLast("/pubkey")
.substringAfterLast("/")
val publicBytes = java.util.Base64.getDecoder().decode( val publicBytes = java.util.Base64.getDecoder().decode(
userAuthRepository.findByUsername( userAuthRepository.findByUsername(
(keyId ?: throw IllegalArgumentException("keyId is null")) username
).publicKey ).publicKey
) )
val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes) val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes)
@ -159,9 +154,11 @@ class KtorKeyMap(private val userAuthRepository: IUserAuthService) : KeyMap {
} }
override fun getPrivateKey(keyId: String?): PrivateKey = runBlocking { override fun getPrivateKey(keyId: String?): PrivateKey = runBlocking {
val username = (keyId ?: throw IllegalArgumentException("keyId is null")).substringBeforeLast("/pubkey")
.substringAfterLast("/")
val publicBytes = java.util.Base64.getDecoder().decode( val publicBytes = java.util.Base64.getDecoder().decode(
userAuthRepository.findByUsername( userAuthRepository.findByUsername(
(keyId ?: throw IllegalArgumentException("keyId is null")) username
).privateKey ).privateKey
) )
val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes) val x509EncodedKeySpec = X509EncodedKeySpec(publicBytes)