mastodon/app/lib/signature_parser.rb

# frozen_string_literal: true

class SignatureParser
  class ParsingError < StandardError; end

  # The syntax of this header is defined in:
  # https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-12#section-4
  # See https://datatracker.ietf.org/doc/html/rfc7235#appendix-C
  # and https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6

  # In addition, ignore a `Signature ` string prefix that was added by old versions
  # of `node-http-signatures`

  TOKEN_RE = /[0-9a-zA-Z!#$%&'*+.^_`|~-]+/
  # qdtext and quoted_pair are not exactly according to spec but meh
  QUOTED_STRING_RE = /"([^\\"]|(\\.))*"/
  PARAM_RE = /(?<key>#{TOKEN_RE})\s*=\s*((?<value>#{TOKEN_RE})|(?<quoted_value>#{QUOTED_STRING_RE}))/

  def self.parse(raw_signature)
    # Old versions of node-http-signature add an incorrect "Signature " prefix to the header
    raw_signature = raw_signature.delete_prefix('Signature ')

    params = {}
    scanner = StringScanner.new(raw_signature)

    # Use `skip` instead of `scan` as we only care about the subgroups
    while scanner.skip(PARAM_RE)
      # This is not actually correct with regards to quoted pairs, but it's consistent
      # with our previous implementation, and good enough in practice.
      params[scanner[:key]] = scanner[:value] || scanner[:quoted_value][1...-1]

      scanner.skip(/\s*/)
      return params if scanner.eos?

      raise ParsingError unless scanner.skip(/\s*,\s*/)
    end

    raise ParsingError
  end
end