From 20b5805e9aebdc66c24de147468c9e1ad50f27d4 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 14 Sep 2021 23:03:26 +0100 Subject: [PATCH] Set accept type for signed header --- httpsig.py | 7 ++++--- posts.py | 6 ++++-- session.py | 5 ++++- tests.py | 2 +- 4 files changed, 13 insertions(+), 7 deletions(-) diff --git a/httpsig.py b/httpsig.py index ce88ee2b3..e6c887716 100644 --- a/httpsig.py +++ b/httpsig.py @@ -202,15 +202,17 @@ def createSignedHeader(dateStr: str, privateKeyPem: str, nickname: str, domain: str, port: int, toDomain: str, toPort: int, path: str, httpPrefix: str, withDigest: bool, - messageBodyJsonStr: str) -> {}: + messageBodyJsonStr: str, + contentType: str) -> {}: """Note that the domain is the destination, not the sender """ headerDomain = getFullDomain(toDomain, toPort) if not dateStr: dateStr = strftime("%a, %d %b %Y %H:%M:%S %Z", gmtime()) - if not withDigest: + if not contentType: contentType = 'application/activity+json' + if not withDigest: headers = { '(request-target)': f'get {path}', 'host': headerDomain, @@ -222,7 +224,6 @@ def createSignedHeader(dateStr: str, privateKeyPem: str, nickname: str, domain, port, toDomain, toPort, path, httpPrefix, None) else: - contentType = 'application/activity+json' bodyDigest = messageContentDigest(messageBodyJsonStr) contentLength = len(messageBodyJsonStr) headers = { diff --git a/posts.py b/posts.py index 7f213c259..b819174cc 100644 --- a/posts.py +++ b/posts.py @@ -2244,7 +2244,8 @@ def sendPost(signingPrivateKeyPem: str, projectVersion: str, signatureHeaderJson = \ createSignedHeader(None, privateKeyPem, nickname, domain, port, toDomain, toPort, - postPath, httpPrefix, withDigest, postJsonStr) + postPath, httpPrefix, withDigest, postJsonStr, + None) # if the "to" domain is within the shared items # federation list then send the token for this domain @@ -2603,7 +2604,8 @@ def sendSignedJson(postJsonObject: {}, session, baseDir: str, signatureHeaderJson = \ createSignedHeader(None, privateKeyPem, nickname, domain, port, toDomain, toPort, - postPath, httpPrefix, withDigest, postJsonStr) + postPath, httpPrefix, withDigest, postJsonStr, + None) # optionally add a token so that the receiving instance may access # your shared items catalog if sharedItemsToken: diff --git a/session.py b/session.py index b55b56b5e..8bbffdcea 100644 --- a/session.py +++ b/session.py @@ -179,10 +179,13 @@ def _getJsonSigned(session, url: str, domainFull: str, sessionHeaders: {}, path = '/' + url.split(toDomainFull + '/')[1] else: path = '/actor' + contentType = 'application/activity+json' + if sessionHeaders.get('Accept'): + contentType = sessionHeaders['Accept'] signatureHeaderJson = \ createSignedHeader(None, signingPrivateKeyPem, 'actor', domain, port, toDomain, toPort, path, httpPrefix, withDigest, - messageStr) + messageStr, contentType) if debug: print('Signed GET signatureHeaderJson ' + str(signatureHeaderJson)) # update the session headers from the signature headers diff --git a/tests.py b/tests.py index 5abee1f78..dec4d9dd9 100644 --- a/tests.py +++ b/tests.py @@ -354,7 +354,7 @@ def _testHttpSignedGET(): 'epicyon.libreserver.org', 443, host, 443, boxpath, httpPrefix, False, - None) + None, accept) signature = signatureHeader['signature'] print('')