diff options
Diffstat (limited to 'app/lib')
-rw-r--r-- | app/lib/activitypub/activity/update.rb | 2 | ||||
-rw-r--r-- | app/lib/activitypub/linked_data_signature.rb | 5 | ||||
-rw-r--r-- | app/lib/request.rb | 5 |
3 files changed, 7 insertions, 5 deletions
diff --git a/app/lib/activitypub/activity/update.rb b/app/lib/activitypub/activity/update.rb index aa5907f03..6eebc3b5c 100644 --- a/app/lib/activitypub/activity/update.rb +++ b/app/lib/activitypub/activity/update.rb @@ -11,6 +11,6 @@ class ActivityPub::Activity::Update < ActivityPub::Activity def update_account return if @account.uri != object_uri - ActivityPub::ProcessAccountService.new.call(@account.username, @account.domain, @object) + ActivityPub::ProcessAccountService.new.call(@account.username, @account.domain, @object, signed_with_known_key: true) end end diff --git a/app/lib/activitypub/linked_data_signature.rb b/app/lib/activitypub/linked_data_signature.rb index 16142a6ff..f52a8f406 100644 --- a/app/lib/activitypub/linked_data_signature.rb +++ b/app/lib/activitypub/linked_data_signature.rb @@ -32,7 +32,7 @@ class ActivityPub::LinkedDataSignature end end - def sign!(creator) + def sign!(creator, sign_with: nil) options = { 'type' => 'RsaSignature2017', 'creator' => [ActivityPub::TagManager.instance.uri_for(creator), '#main-key'].join, @@ -42,8 +42,9 @@ class ActivityPub::LinkedDataSignature options_hash = hash(options.without('type', 'id', 'signatureValue').merge('@context' => CONTEXT)) document_hash = hash(@json.without('signature')) to_be_signed = options_hash + document_hash + keypair = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : creator.keypair - signature = Base64.strict_encode64(creator.keypair.sign(OpenSSL::Digest::SHA256.new, to_be_signed)) + signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest::SHA256.new, to_be_signed)) @json.merge('signature' => options.merge('signatureValue' => signature)) end diff --git a/app/lib/request.rb b/app/lib/request.rb index 576ed23ca..21bdaa700 100644 --- a/app/lib/request.rb +++ b/app/lib/request.rb @@ -22,10 +22,11 @@ class Request set_digest! if options.key?(:body) end - def on_behalf_of(account, key_id_format = :acct) + def on_behalf_of(account, key_id_format = :acct, sign_with: nil) raise ArgumentError unless account.local? @account = account + @keypair = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : @account.keypair @key_id_format = key_id_format self @@ -70,7 +71,7 @@ class Request def signature algorithm = 'rsa-sha256' - signature = Base64.strict_encode64(@account.keypair.sign(OpenSSL::Digest::SHA256.new, signed_string)) + signature = Base64.strict_encode64(@keypair.sign(OpenSSL::Digest::SHA256.new, signed_string)) "keyId=\"#{key_id}\",algorithm=\"#{algorithm}\",headers=\"#{signed_headers}\",signature=\"#{signature}\"" end |