Sign the header for returned actors

2021-01-21 15:37:03 +00:00 · 2021-01-21 15:37:03 +00:00 · 3d5aad4aa7
parent 83ede4e43e
commit 3d5aad4aa7
2 changed files with 23 additions and 6 deletions
--- a/daemon.py
+++ b/daemon.py
@ -10,6 +10,7 @@ from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer, HTTPServer
 import sys
 import json
 import time
+from time import gmtime, strftime
 import locale
 import urllib.parse
 import datetime
@ -65,6 +66,7 @@ from person import removeAccount
 from person import canRemovePost
 from person import personSnooze
 from person import personUnsnooze
+from posts import getPersonKey
 from posts import isModerator
 from posts import mutePost
 from posts import unmutePost
@ -221,6 +223,7 @@ from media import removeMetaData
 from cache import storePersonInCache
 from cache import getPersonFromCache
 from httpsig import verifyPostHeaders
+from httpsig import signPostHeaders
 from theme import setNewsAvatar
 from theme import setTheme
 from theme import getTheme
@ -9065,13 +9068,27 @@ class PubServer(BaseHTTPRequestHandler):
                                      'show profile posts')
        else:
            if self._fetchAuthenticated():
-                if atPath:
-                    print('@ detected actor ' + str(actorJson))
                msg = json.dumps(actorJson,
                                 ensure_ascii=False).encode('utf-8')
                msglen = len(msg)
                self._set_headers('application/json', msglen,
                                  None, callingDomain)
+                nickname = path.split('/users/')[1]
+                if '/' in nickname:
+                    nickname = nickname.split('/')[0]
+                privateKeyPem = \
+                    getPersonKey(nickname, domain, baseDir, 'private', debug)
+                if len(privateKeyPem) > 0:
+                    dateStr = strftime("%a, %d %b %Y %H:%M:%S %Z", gmtime())
+                    boxpath = '/inbox'
+                    signatureHeader = \
+                        signPostHeaders(dateStr, privateKeyPem, nickname,
+                                        domain, port,
+                                        callingDomain, 443,
+                                        boxpath, httpPrefix, None)
+                    self.headers['signature'] = signatureHeader
+                if atPath:
+                    print('@ detected actor ' + str(actorJson))
                self._write(msg)
            else:
                self._404()
--- a/posts.py
+++ b/posts.py
@ -118,8 +118,8 @@ def noOfFollowersOnDomain(baseDir: str, handle: str,
    return ctr


-def _getPersonKey(nickname: str, domain: str, baseDir: str, keyType='public',
-                  debug=False):
+def getPersonKey(nickname: str, domain: str, baseDir: str, keyType='public',
+                 debug=False):
    """Returns the public or private key of a person
    """
    handle = nickname + '@' + domain
@ -1837,7 +1837,7 @@ def sendPost(projectVersion: str,
                        None, None, None, None, None)

    # get the senders private key
-    privateKeyPem = _getPersonKey(nickname, domain, baseDir, 'private')
+    privateKeyPem = getPersonKey(nickname, domain, baseDir, 'private')
    if len(privateKeyPem) == 0:
        return 6

@ -2159,7 +2159,7 @@ def sendSignedJson(postJsonObject: {}, session, baseDir: str,
    # sharedInbox is optional

    # get the senders private key
-    privateKeyPem = _getPersonKey(nickname, domain, baseDir, 'private', debug)
+    privateKeyPem = getPersonKey(nickname, domain, baseDir, 'private', debug)
    if len(privateKeyPem) == 0:
        if debug:
            print('DEBUG: Private key not found for ' +