signed_request_helpers.rb 920 B

123456789101112131415161718192021
  1. # frozen_string_literal: true
  2. module SignedRequestHelpers
  3. def get(path, headers: nil, sign_with: nil, **args)
  4. return super(path, headers: headers, **args) if sign_with.nil?
  5. headers ||= {}
  6. headers['Date'] = Time.now.utc.httpdate
  7. headers['Host'] = Rails.configuration.x.local_domain
  8. signed_headers = headers.merge('(request-target)' => "get #{path}").slice('(request-target)', 'Host', 'Date')
  9. key_id = ActivityPub::TagManager.instance.key_uri_for(sign_with)
  10. keypair = sign_with.keypair
  11. signed_string = signed_headers.map { |key, value| "#{key.downcase}: #{value}" }.join("\n")
  12. signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string))
  13. headers['Signature'] = "keyId=\"#{key_id}\",algorithm=\"rsa-sha256\",headers=\"#{signed_headers.keys.join(' ').downcase}\",signature=\"#{signature}\""
  14. super(path, headers: headers, **args)
  15. end
  16. end