THE FOLLOWS, THEY WORK

Well, in one direction anyway
author: Andrew Godwin 2022-11-07 00:19:00 -0700
committer: Andrew Godwin 2022-11-07 00:19:00 -0700
commit: c391e7bc4151ae148d42acd8bbe303338cdde31c (patch)
tree: d2b79043a63b52ec4692469eab596d831d396b9a /core
parent: fb6c409a9af5b8a686e977ee2251c359071e0ec3 (diff)
download: takahe-c391e7bc4151ae148d42acd8bbe303338cdde31c.tar.gz
takahe-c391e7bc4151ae148d42acd8bbe303338cdde31c.tar.bz2
takahe-c391e7bc4151ae148d42acd8bbe303338cdde31c.zip
2 files changed, 14 insertions, 1 deletions
diff --git a/core/middleware.py b/core/middleware.py
new file mode 100644
index 0000000..8e95f06
--- /dev/null
+++ b/core/middleware.py
@@ -0,0 +1,13 @@
+class AlwaysSecureMiddleware:
+    """
+    Locks the request object as always being secure, for when it's behind
+    a HTTPS reverse proxy.
+    """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        request.__class__.scheme = "https"
+        response = self.get_response(request)
+        return response
diff --git a/core/signatures.py b/core/signatures.py
index 6f4d9ef..805ae91 100644
--- a/core/signatures.py
+++ b/core/signatures.py
@@ -96,7 +96,7 @@ class HttpSignature:
         )
         headers["Signature"] = self.compile_signature(
             {
-                "keyid": identity.urls.key.full(),  # type:ignore
+                "keyid": identity.key_id,
                 "headers": list(headers.keys()),
                 "signature": identity.sign(signed_string),
                 "algorithm": "rsa-sha256",
author	Andrew Godwin	2022-11-07 00:19:00 -0700
committer	Andrew Godwin	2022-11-07 00:19:00 -0700
commit	c391e7bc4151ae148d42acd8bbe303338cdde31c (patch)
tree	d2b79043a63b52ec4692469eab596d831d396b9a /core
parent	fb6c409a9af5b8a686e977ee2251c359071e0ec3 (diff)
download	takahe-c391e7bc4151ae148d42acd8bbe303338cdde31c.tar.gz takahe-c391e7bc4151ae148d42acd8bbe303338cdde31c.tar.bz2 takahe-c391e7bc4151ae148d42acd8bbe303338cdde31c.zip