diff --git a/httpsig.py b/httpsig.py index 067c2ed25..c2b777c6c 100644 --- a/httpsig.py +++ b/httpsig.py @@ -309,6 +309,8 @@ def create_signed_header(date_str: str, private_key_pem: str, nickname: str, to_domain, to_port, path, http_prefix, message_body_json_str, content_type, algorithm, digest_algorithm) + if not signature_header: + return {} headers['signature'] = signature_header return headers diff --git a/posts.py b/posts.py index b5b1e592a..0fd78d693 100644 --- a/posts.py +++ b/posts.py @@ -2516,11 +2516,15 @@ def send_post(signing_priv_key_pem: str, project_version: str, to_domain, to_port, post_path, http_prefix, with_digest, post_json_str, 'application/activity+json') + if not signature_header_json: + return 8 signature_header_json_ld = \ create_signed_header(None, private_key_pem, nickname, domain, port, to_domain, to_port, post_path, http_prefix, with_digest, post_json_str, 'application/ld+json') + if not signature_header_json_ld: + return 9 # if the "to" domain is within the shared items # federation list then send the token for this domain @@ -2945,12 +2949,16 @@ def send_signed_json(post_json_object: {}, session, base_dir: str, post_path, http_prefix, with_digest, post_json_str, 'application/activity+json') + if not signature_header_json: + return 10 signature_header_json_ld = \ create_signed_header(None, private_key_pem, nickname, domain, port, to_domain, to_port, post_path, http_prefix, with_digest, post_json_str, 'application/ld+json') + if not signature_header_json_ld: + return 11 # optionally add a token so that the receiving instance may access # your shared items catalog if shared_items_token: diff --git a/session.py b/session.py index 78998fe35..9f0557fb9 100644 --- a/session.py +++ b/session.py @@ -200,6 +200,8 @@ def _get_json_signed(session, url: str, domain_full: str, session_headers: {}, create_signed_header(None, signing_priv_key_pem, 'actor', domain, port, to_domain, to_port, path, http_prefix, with_digest, message_str, content_type) + if not signature_header_json: + return {} if debug: print('Signed GET signature_header_json ' + str(signature_header_json)) # update the session headers from the signature headers diff --git a/tests.py b/tests.py index 86bc6501b..af0d0c3f9 100644 --- a/tests.py +++ b/tests.py @@ -316,6 +316,7 @@ def _test_http_signed_get(base_dir: str): host_domain, port, boxpath, http_prefix, False, None, accept) + assert signature_header headers['signature'] = signature_header['signature'] getreq_method = not with_digest @@ -520,6 +521,8 @@ def _test_http_sig_new(algorithm: str, digest_algorithm: str): domain, port, path_str, http_prefix, message_body_json_str, algorithm, digest_algorithm, debug) + assert signature_index_header + assert signature_header print('signature_index_header1: ' + str(signature_index_header)) print('signature_header1: ' + str(signature_header)) sig_input = "keyId=\"https://example.com/users/foo#main-key\"; " + \ @@ -623,6 +626,7 @@ def _test_httpsig_base(with_digest: bool, base_dir: str): boxpath, http_prefix, message_body_json_str, content_type, algorithm, digest_algorithm) + assert signature_header headers['signature'] = signature_header getreq_method = not with_digest debug = True @@ -6929,6 +6933,8 @@ def _test_httpsig_base_new(with_digest: bool, base_dir: str, boxpath, http_prefix, message_body_json_str, algorithm, digest_algorithm, debug) + assert signature_index_header + assert signature_header headers['signature'] = signature_header headers['signature-input'] = signature_index_header print('headers: ' + str(headers))