forgejo/routers/api/v1/activitypub/reqsignature.go
Michael Jerger 6f501b1fdf
Some checks are pending
/ release (push) Waiting to run
testing-integration / test-unit (push) Waiting to run
testing-integration / test-sqlite (push) Waiting to run
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Improved signature handling & instance actor (#8275)
This PR is part of https://codeberg.org/forgejo/forgejo/pulls/4767

It improves the signature handling:
1. move logic to a service (might be used from other services as well)
2. make a clear difference between ` ReqHTTPUserSignature` and `ReqHTTPUserOrInstanceSignature`
3. improve test ability (activitypub/client & distant_federation_server_mock

Adjust instance actor
1. name &
2. webfinger

## Strategy for next PRs is

Integration tests are in the driving seat.

I will step by step add integration tests form original PR and add code required by the integration test changes.

## Meta

Proposal howto process large PRs can be discussed here: https://codeberg.org/forgejo-contrib/federation/pulls/37

Current state with rendered diagrams can be found here: https://codeberg.org/meissa/federation/src/branch/merge-large-pr/doc/merge-large-pr.md

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8275
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
2025-07-01 19:49:00 +02:00

94 lines
2.6 KiB
Go

// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package activitypub
import (
"net/http"
"forgejo.org/modules/log"
"forgejo.org/modules/setting"
gitea_context "forgejo.org/services/context"
"forgejo.org/services/federation"
"github.com/42wim/httpsig"
)
func verifyHTTPUserOrInstanceSignature(ctx *gitea_context.APIContext) (authenticated bool, err error) {
if !setting.Federation.SignatureEnforced {
return true, nil
}
r := ctx.Req
// 1. Figure out what key we need to verify
v, err := httpsig.NewVerifier(r)
if err != nil {
return false, err
}
signatureAlgorithm := httpsig.Algorithm(setting.Federation.SignatureAlgorithms[0])
pubKey, err := federation.FindOrCreateFederatedUserKey(ctx.Base, v.KeyId())
if err != nil || pubKey == nil {
pubKey, err = federation.FindOrCreateFederationHostKey(ctx.Base, v.KeyId())
if err != nil {
return false, err
}
}
err = v.Verify(pubKey, signatureAlgorithm)
if err != nil {
return false, err
}
return true, nil
}
func verifyHTTPUserSignature(ctx *gitea_context.APIContext) (authenticated bool, err error) {
if !setting.Federation.SignatureEnforced {
return true, nil
}
r := ctx.Req
// 1. Figure out what key we need to verify
v, err := httpsig.NewVerifier(r)
if err != nil {
return false, err
}
signatureAlgorithm := httpsig.Algorithm(setting.Federation.SignatureAlgorithms[0])
pubKey, err := federation.FindOrCreateFederatedUserKey(ctx.Base, v.KeyId())
if err != nil {
return false, err
}
err = v.Verify(pubKey, signatureAlgorithm)
if err != nil {
return false, err
}
return true, nil
}
// ReqHTTPSignature function
func ReqHTTPUserOrInstanceSignature() func(ctx *gitea_context.APIContext) {
return func(ctx *gitea_context.APIContext) {
if authenticated, err := verifyHTTPUserOrInstanceSignature(ctx); err != nil {
log.Warn("verifyHttpSignatures failed: %v", err)
ctx.Error(http.StatusBadRequest, "reqSignature", "request signature verification failed")
} else if !authenticated {
ctx.Error(http.StatusForbidden, "reqSignature", "request signature verification failed")
}
}
}
// ReqHTTPSignature function
func ReqHTTPUserSignature() func(ctx *gitea_context.APIContext) {
return func(ctx *gitea_context.APIContext) {
if authenticated, err := verifyHTTPUserSignature(ctx); err != nil {
log.Warn("verifyHttpSignatures failed: %v", err)
ctx.Error(http.StatusBadRequest, "reqSignature", "request signature verification failed")
} else if !authenticated {
ctx.Error(http.StatusForbidden, "reqSignature", "request signature verification failed")
}
}
}