refactor!: WD-4 signatures

2026-03-12 20:19:15 +01:00 · 2024-08-15 19:22:17 +02:00 · 2024-08-15 19:22:17 +02:00 · 93a61a8f29
commit 93a61a8f29
parent bb2e69e982
12 changed files with 175 additions and 305 deletions
--- a/internal/validators/val_impls/request_validator_impl.go
+++ b/internal/validators/val_impls/request_validator_impl.go
@ -44,13 +44,13 @@ func (i RequestValidatorImpl) Validate(ctx context.Context, r *http.Request) err

 	r = r.WithContext(ctx)

-	date, sigHeader, err := lysand.ExtractFederationHeaders(r.Header)
+	fedHeaders, err := lysand.ExtractFederationHeaders(r.Header)
 	if err != nil {
 		return err
 	}

 	// TODO: Fetch user from database instead of using the URI
-	user, err := i.repositories.Users().Resolve(ctx, lysand.URLFromStd(sigHeader.KeyID))
+	user, err := i.repositories.Users().Resolve(ctx, lysand.URLFromStd(fedHeaders.SignedBy))
 	if err != nil {
 		return err
 	}
@ -60,13 +60,13 @@ func (i RequestValidatorImpl) Validate(ctx context.Context, r *http.Request) err
 		return err
 	}

-	if !(lysand.Verifier{PublicKey: user.PublicKey}).Verify(r.Method, date, r.Host, r.URL.Path, body, sigHeader) {
-		i.log.Info("signature verification failed", "user", user.URI, "ur", r.URL.Path)
+	if !(lysand.Verifier{PublicKey: user.PublicKey}).Verify(r.Method, r.URL, body, fedHeaders) {
+		i.log.Info("signature verification failed", "user", user.URI, "url", r.URL.Path)
 		s.CaptureError(ErrInvalidSignature)

 		return ErrInvalidSignature
 	} else {
-		i.log.V(2).Info("signature verification succeeded", "user", user.URI, "ur", r.URL.Path)
+		i.log.V(2).Info("signature verification succeeded", "user", user.URI, "url", r.URL.Path)
 	}

 	return nil