summaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorAndrew Godwin2022-11-06 13:48:04 -0700
committerAndrew Godwin2022-11-06 13:48:04 -0700
commitdbe57075d386d7474bafc208b654507d9a2d769e (patch)
tree96b779d17753669f42b7569ec4ec66834b0673f4 /core
parent8aec395331a1e9ec4ef1ea38aa20b8517131133b (diff)
downloadtakahe-dbe57075d386d7474bafc208b654507d9a2d769e.tar.gz
takahe-dbe57075d386d7474bafc208b654507d9a2d769e.tar.bz2
takahe-dbe57075d386d7474bafc208b654507d9a2d769e.zip
Rework to a domains model for better vhosting
Diffstat (limited to 'core')
-rw-r--r--core/context.py4
-rw-r--r--core/ld.py11
-rw-r--r--core/signatures.py48
3 files changed, 60 insertions, 3 deletions
diff --git a/core/context.py b/core/context.py
index 38a268c..026ac11 100644
--- a/core/context.py
+++ b/core/context.py
@@ -2,4 +2,6 @@ from django.conf import settings
def config_context(request):
- return {"config": {"site_name": settings.SITE_NAME}}
+ return {
+ "config": {"site_name": settings.SITE_NAME},
+ }
diff --git a/core/ld.py b/core/ld.py
index 38e436a..28ff65a 100644
--- a/core/ld.py
+++ b/core/ld.py
@@ -252,7 +252,7 @@ def builtin_document_loader(url: str, options={}):
)
-def canonicalise(json_data):
+def canonicalise(json_data, include_security=False):
"""
Given an ActivityPub JSON-LD document, round-trips it through the LD
systems to end up in a canonicalised, compacted format.
@@ -264,5 +264,12 @@ def canonicalise(json_data):
raise ValueError("Pass decoded JSON data into LDDocument")
return jsonld.compact(
jsonld.expand(json_data),
- ["https://www.w3.org/ns/activitystreams", "https://w3id.org/security/v1"],
+ (
+ [
+ "https://www.w3.org/ns/activitystreams",
+ "https://w3id.org/security/v1",
+ ]
+ if include_security
+ else "https://www.w3.org/ns/activitystreams"
+ ),
)
diff --git a/core/signatures.py b/core/signatures.py
new file mode 100644
index 0000000..bcacb68
--- /dev/null
+++ b/core/signatures.py
@@ -0,0 +1,48 @@
+import base64
+from typing import Any, Dict, List
+
+from cryptography.hazmat.primitives import hashes
+from django.http import HttpRequest
+
+
+class HttpSignature:
+ """
+ Allows for calculation and verification of HTTP signatures
+ """
+
+ @classmethod
+ def calculate_digest(cls, data, algorithm="sha-256") -> str:
+ """
+ Calculates the digest header value for a given HTTP body
+ """
+ if algorithm == "sha-256":
+ digest = hashes.Hash(hashes.SHA256())
+ digest.update(data)
+ return "SHA-256=" + base64.b64encode(digest.finalize()).decode("ascii")
+ else:
+ raise ValueError(f"Unknown digest algorithm {algorithm}")
+
+ @classmethod
+ def headers_from_request(cls, request: HttpRequest, header_names: List[str]) -> str:
+ """
+ Creates the to-be-signed header payload from a Django request"""
+ headers = {}
+ for header_name in header_names:
+ if header_name == "(request-target)":
+ value = f"post {request.path}"
+ elif header_name == "content-type":
+ value = request.META["CONTENT_TYPE"]
+ else:
+ value = request.META[f"HTTP_{header_name.upper()}"]
+ headers[header_name] = value
+ return "\n".join(f"{name.lower()}: {value}" for name, value in headers.items())
+
+ @classmethod
+ def parse_signature(cls, signature) -> Dict[str, Any]:
+ signature_details = {}
+ for item in signature.split(","):
+ name, value = item.split("=", 1)
+ value = value.strip('"')
+ signature_details[name.lower()] = value
+ signature_details["headers"] = signature_details["headers"].split()
+ return signature_details