Change terminology to be the same as in Mastodon documentation: 'secure mode' rather than 'authorized fetch'

merge-requests/30/head
Bob Mottram 2021-09-08 12:46:13 +01:00
parent 619d7d5aa0
commit dd9a02ad2b
2 changed files with 26 additions and 26 deletions

View File

@ -594,10 +594,10 @@ class PubServer(BaseHTTPRequestHandler):
return False
return True
def _authorizedFetch(self) -> bool:
def _secureMode(self) -> bool:
"""http authentication of GET requests for json
"""
if not self.server.authorizedFetch:
if not self.server.secureMode:
return True
signature = None
@ -609,7 +609,7 @@ class PubServer(BaseHTTPRequestHandler):
# check that the headers are signed
if not signature:
if self.server.debug:
print('WARN: authorized fetch, ' +
print('AUTH: secure mode, ' +
'GET has no signature in headers')
return False
@ -623,7 +623,7 @@ class PubServer(BaseHTTPRequestHandler):
break
if not keyId:
if self.server.debug:
print('WARN: authorized fetch, ' +
print('AUTH: secure mode, ' +
'failed to obtain keyId from signature')
return False
@ -634,8 +634,7 @@ class PubServer(BaseHTTPRequestHandler):
# is the keyId (actor) valid?
if not urlPermitted(keyId, self.server.federationList):
if self.server.debug:
print('Authorized fetch failed: ' + keyId +
' is not permitted')
print('AUTH: Secure mode GET request not permitted: ' + keyId)
return False
# make sure we have a session
@ -644,7 +643,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.session = createSession(self.server.proxyType)
if not self.server.session:
print('ERROR: GET failed to create session during ' +
'authorized fetch')
'secure mode')
return False
# obtain the public key
@ -656,7 +655,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.signingPrivateKeyPem)
if not pubKey:
if self.server.debug:
print('DEBUG: Authorized fetch failed to ' +
print('AUTH: secure mode failed to ' +
'obtain public key for ' + keyId)
return False
@ -666,7 +665,7 @@ class PubServer(BaseHTTPRequestHandler):
return True
if self.server.debug:
print('Authorized fetch failed for ' + keyId)
print('AUTH: secure mode authorization failed for ' + keyId)
return False
def _login_headers(self, fileFormat: str, length: int,
@ -8164,7 +8163,7 @@ class PubServer(BaseHTTPRequestHandler):
cookie, callingDomain, False)
self._write(msg)
else:
if self._authorizedFetch():
if self._secureMode():
msg = json.dumps(repliesJson, ensure_ascii=False)
msg = msg.encode('utf-8')
protocolStr = 'application/json'
@ -8258,7 +8257,7 @@ class PubServer(BaseHTTPRequestHandler):
'individual post done',
'post replies done')
else:
if self._authorizedFetch():
if self._secureMode():
msg = json.dumps(repliesJson,
ensure_ascii=False)
msg = msg.encode('utf-8')
@ -8361,7 +8360,7 @@ class PubServer(BaseHTTPRequestHandler):
'post replies done',
'show roles')
else:
if self._authorizedFetch():
if self._secureMode():
rolesList = getActorRolesList(actorJson)
msg = json.dumps(rolesList,
ensure_ascii=False)
@ -8469,7 +8468,7 @@ class PubServer(BaseHTTPRequestHandler):
'post roles done',
'show skills')
else:
if self._authorizedFetch():
if self._secureMode():
actorSkillsList = \
getOccupationSkills(actorJson)
skills = getSkillsFromList(actorSkillsList)
@ -8605,7 +8604,7 @@ class PubServer(BaseHTTPRequestHandler):
'done',
'show status')
else:
if self._authorizedFetch():
if self._secureMode():
msg = json.dumps(postJsonObject,
ensure_ascii=False)
msg = msg.encode('utf-8')
@ -10079,7 +10078,7 @@ class PubServer(BaseHTTPRequestHandler):
'show events done',
'show outbox')
else:
if self._authorizedFetch():
if self._secureMode():
msg = json.dumps(outboxFeed,
ensure_ascii=False)
msg = msg.encode('utf-8')
@ -10323,7 +10322,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.GETbusy = False
return True
else:
if self._authorizedFetch():
if self._secureMode():
msg = json.dumps(shares,
ensure_ascii=False)
msg = msg.encode('utf-8')
@ -10440,7 +10439,7 @@ class PubServer(BaseHTTPRequestHandler):
'show profile 3')
return True
else:
if self._authorizedFetch():
if self._secureMode():
msg = json.dumps(following,
ensure_ascii=False).encode('utf-8')
msglen = len(msg)
@ -10557,7 +10556,7 @@ class PubServer(BaseHTTPRequestHandler):
'show profile 4')
return True
else:
if self._authorizedFetch():
if self._secureMode():
msg = json.dumps(followers,
ensure_ascii=False).encode('utf-8')
msglen = len(msg)
@ -10693,7 +10692,7 @@ class PubServer(BaseHTTPRequestHandler):
'show profile 4 done',
'show profile posts')
else:
if self._authorizedFetch():
if self._secureMode():
acceptStr = self.headers['Accept']
msgStr = json.dumps(actorJson, ensure_ascii=False)
msg = msgStr.encode('utf-8')
@ -14286,7 +14285,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.GETbusy = False
return
if not self._authorizedFetch():
if not self._secureMode():
if self.server.debug:
print('WARN: Unauthorized GET')
self._404()
@ -16289,7 +16288,7 @@ def runDaemon(lowBandwidth: bool,
httpPrefix: str = 'https',
fedList: [] = [],
maxMentions: int = 10, maxEmoji: int = 10,
authorizedFetch: bool = False,
secureMode: bool = False,
proxyType: str = None, maxReplies: int = 64,
domainMaxPostsPerDay: int = 8640,
accountMaxPostsPerDay: int = 864,
@ -16510,7 +16509,7 @@ def runDaemon(lowBandwidth: bool,
httpd.outboxThread = {}
httpd.newPostThread = {}
httpd.projectVersion = projectVersion
httpd.authorizedFetch = authorizedFetch
httpd.secureMode = secureMode
# max POST size of 30M
httpd.maxPostLength = 1024 * 1024 * 30
httpd.maxMediaSize = httpd.maxPostLength

View File

@ -407,10 +407,11 @@ parser.add_argument("--debug", type=str2bool, nargs='?',
parser.add_argument("--notificationSounds", type=str2bool, nargs='?',
const=True, default=True,
help="Play notification sounds")
parser.add_argument("--authorizedFetch", type=str2bool, nargs='?',
parser.add_argument("--secureMode", type=str2bool, nargs='?',
const=True, default=False,
help="Enable authorization on GET requests" +
" for json (authorized fetch)")
help="Requires all GET requests to be signed, " +
"so that the sender can be identifies and " +
"blocked if neccessary")
parser.add_argument("--instanceOnlySkillsSearch", type=str2bool, nargs='?',
const=True, default=False,
help="Skills searches only return " +
@ -2993,7 +2994,7 @@ if __name__ == "__main__":
args.YTReplacementDomain,
port, proxyPort, httpPrefix,
federationList, args.maxMentions,
args.maxEmoji, args.authorizedFetch,
args.maxEmoji, args.secureMode,
proxyType, args.maxReplies,
args.domainMaxPostsPerDay,
args.accountMaxPostsPerDay,