1
0
Fork 0
peertube/server/middlewares/validators/activitypub/signature.ts
Chocobozzz 41f2ebae4f
Add HTTP signature check before linked signature
It's faster, and will allow us to use RSA signature 2018 (with upstream
jsonld-signature module) without too much incompatibilities in the
peertube federation
2018-10-19 12:26:37 +02:00

38 lines
1.3 KiB
TypeScript

import * as express from 'express'
import { body } from 'express-validator/check'
import {
isSignatureCreatorValid, isSignatureTypeValid,
isSignatureValueValid
} from '../../../helpers/custom-validators/activitypub/signature'
import { isDateValid } from '../../../helpers/custom-validators/misc'
import { logger } from '../../../helpers/logger'
import { areValidationErrors } from '../utils'
const signatureValidator = [
body('signature.type')
.optional()
.custom(isSignatureTypeValid).withMessage('Should have a valid signature type'),
body('signature.created')
.optional()
.custom(isDateValid).withMessage('Should have a valid signature created date'),
body('signature.creator')
.optional()
.custom(isSignatureCreatorValid).withMessage('Should have a valid signature creator'),
body('signature.signatureValue')
.optional()
.custom(isSignatureValueValid).withMessage('Should have a valid signature value'),
(req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking activitypub signature parameter', { parameters: { signature: req.body.signature } })
if (areValidationErrors(req, res)) return
return next()
}
]
// ---------------------------------------------------------------------------
export {
signatureValidator
}