Increase clock skew for HTTP signatures

2019-10-25 14:53:39 +02:00 · 2019-10-25 14:53:39 +02:00 · f67d757452
parent 4ce7eb71ba
commit f67d757452
2 changed files with 3 additions and 2 deletions
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@ -467,7 +467,8 @@ const ACTIVITY_PUB_ACTOR_TYPES: { [ id: string ]: ActivityPubActorType } = {
 const HTTP_SIGNATURE = {
  HEADER_NAME: 'signature',
  ALGORITHM: 'rsa-sha256',
-  HEADERS_TO_SIGN: [ '(request-target)', 'host', 'date', 'digest' ]
+  HEADERS_TO_SIGN: [ '(request-target)', 'host', 'date', 'digest' ],
+  CLOCK_SKEW_SECONDS: 1800
 }

 // ---------------------------------------------------------------------------
--- a/server/middlewares/activitypub.ts
+++ b/server/middlewares/activitypub.ts
@ -55,7 +55,7 @@ async function checkHttpSignature (req: Request, res: Response) {
  const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string
  if (sig && sig.startsWith('Signature ') === false) req.headers[HTTP_SIGNATURE.HEADER_NAME] = 'Signature ' + sig

-  const parsed = parseHTTPSignature(req)
+  const parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS)

  const keyId = parsed.keyId
  if (!keyId) {