Add HTTP signature keyId to request log (#11591)

author: Eugen Rochko <eugen@zeonfederated.com> 2019-08-18 18:03:56 +0200
committer: GitHub <noreply@github.com> 2019-08-18 18:03:56 +0200
commit: 1bc077dc740fcaa284588fff43e71da659090980 (patch)
tree: 4d3469dc82d57f9e45eb14666958c485dc00fbfc /app/controllers/concerns
parent: 2b4e2616eab746e4b13f77fef404165b972168ad (diff)
1 files changed, 14 insertions, 1 deletions
diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb
index 7b251cf80..ce353f1de 100644
--- a/app/controllers/concerns/signature_verification.rb
+++ b/app/controllers/concerns/signature_verification.rb
@@ -23,6 +23,19 @@ module SignatureVerification
     @signature_verification_failure_code || 401
   end
 
+  def signature_key_id
+    raw_signature    = request.headers['Signature']
+    signature_params = {}
+
+    raw_signature.split(',').each do |part|
+      parsed_parts = part.match(/([a-z]+)="([^"]+)"/i)
+      next if parsed_parts.nil? || parsed_parts.size != 3
+      signature_params[parsed_parts[1]] = parsed_parts[2]
+    end
+
+    signature_params['keyId']
+  end
+
   def signed_request_account
     return @signed_request_account if defined?(@signed_request_account)
 
@@ -154,7 +167,7 @@ module SignatureVerification
       .with_fallback { nil }
       .with_threshold(1)
       .with_cool_off_time(5.minutes.seconds)
-      .with_error_handler { |error, handle| error.is_a?(HTTP::Error) ? handle.call(error) : raise(error) }
+      .with_error_handler { |error, handle| error.is_a?(HTTP::Error) || error.is_a?(OpenSSL::SSL::SSLError) ? handle.call(error) : raise(error) }
       .run
   end
author	Eugen Rochko <eugen@zeonfederated.com>	2019-08-18 18:03:56 +0200
committer	GitHub <noreply@github.com>	2019-08-18 18:03:56 +0200
commit	1bc077dc740fcaa284588fff43e71da659090980 (patch)
tree	4d3469dc82d57f9e45eb14666958c485dc00fbfc /app/controllers/concerns
parent	2b4e2616eab746e4b13f77fef404165b972168ad (diff)