Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements
This commit is contained in:
commit
50e47a215f
|
@ -228,7 +228,7 @@ arm:
|
||||||
artifacts: *release-artifacts
|
artifacts: *release-artifacts
|
||||||
only: *release-only
|
only: *release-only
|
||||||
tags:
|
tags:
|
||||||
- arm32
|
- arm32-specified
|
||||||
image: arm32v7/elixir:1.10.3
|
image: arm32v7/elixir:1.10.3
|
||||||
cache: *release-cache
|
cache: *release-cache
|
||||||
variables: *release-variables
|
variables: *release-variables
|
||||||
|
@ -240,7 +240,7 @@ arm-musl:
|
||||||
artifacts: *release-artifacts
|
artifacts: *release-artifacts
|
||||||
only: *release-only
|
only: *release-only
|
||||||
tags:
|
tags:
|
||||||
- arm32
|
- arm32-specified
|
||||||
image: arm32v7/elixir:1.10.3-alpine
|
image: arm32v7/elixir:1.10.3-alpine
|
||||||
cache: *release-cache
|
cache: *release-cache
|
||||||
variables: *release-variables
|
variables: *release-variables
|
||||||
|
|
|
@ -147,16 +147,6 @@
|
||||||
"SameSite=Lax"
|
"SameSite=Lax"
|
||||||
]
|
]
|
||||||
|
|
||||||
config :pleroma, :fed_sockets,
|
|
||||||
enabled: false,
|
|
||||||
connection_duration: :timer.hours(8),
|
|
||||||
rejection_duration: :timer.minutes(15),
|
|
||||||
fed_socket_fetches: [
|
|
||||||
default: 12_000,
|
|
||||||
interval: 3_000,
|
|
||||||
lazy: false
|
|
||||||
]
|
|
||||||
|
|
||||||
# Configures Elixir's Logger
|
# Configures Elixir's Logger
|
||||||
config :logger, :console,
|
config :logger, :console,
|
||||||
level: :debug,
|
level: :debug,
|
||||||
|
|
|
@ -19,11 +19,6 @@
|
||||||
level: :warn,
|
level: :warn,
|
||||||
format: "\n[$level] $message\n"
|
format: "\n[$level] $message\n"
|
||||||
|
|
||||||
config :pleroma, :fed_sockets,
|
|
||||||
enabled: false,
|
|
||||||
connection_duration: 5,
|
|
||||||
rejection_duration: 5
|
|
||||||
|
|
||||||
config :pleroma, :auth, oauth_consumer_strategies: []
|
config :pleroma, :auth, oauth_consumer_strategies: []
|
||||||
|
|
||||||
config :pleroma, Pleroma.Upload,
|
config :pleroma, Pleroma.Upload,
|
||||||
|
|
|
@ -22,8 +22,8 @@ def start_pleroma do
|
||||||
Pleroma.Application.limiters_setup()
|
Pleroma.Application.limiters_setup()
|
||||||
Application.put_env(:phoenix, :serve_endpoints, false, persistent: true)
|
Application.put_env(:phoenix, :serve_endpoints, false, persistent: true)
|
||||||
|
|
||||||
if Pleroma.Config.get(:env) != :test do
|
unless System.get_env("DEBUG") do
|
||||||
Application.put_env(:logger, :console, level: :debug)
|
Logger.remove_backend(:console)
|
||||||
end
|
end
|
||||||
|
|
||||||
adapter = Application.get_env(:tesla, :adapter)
|
adapter = Application.get_env(:tesla, :adapter)
|
||||||
|
|
|
@ -7,8 +7,22 @@ defmodule Pleroma.Web.Plugs.DigestPlug do
|
||||||
require Logger
|
require Logger
|
||||||
|
|
||||||
def read_body(conn, opts) do
|
def read_body(conn, opts) do
|
||||||
|
digest_algorithm =
|
||||||
|
with [digest_header] <- Conn.get_req_header(conn, "digest") do
|
||||||
|
digest_header
|
||||||
|
|> String.split("=", parts: 2)
|
||||||
|
|> List.first()
|
||||||
|
else
|
||||||
|
_ -> "SHA-256"
|
||||||
|
end
|
||||||
|
|
||||||
|
unless String.downcase(digest_algorithm) == "sha-256" do
|
||||||
|
raise ArgumentError,
|
||||||
|
message: "invalid value for digest algorithm, got: #{digest_algorithm}"
|
||||||
|
end
|
||||||
|
|
||||||
{:ok, body, conn} = Conn.read_body(conn, opts)
|
{:ok, body, conn} = Conn.read_body(conn, opts)
|
||||||
digest = "SHA-256=" <> (:crypto.hash(:sha256, body) |> Base.encode64())
|
encoded_digest = :crypto.hash(:sha256, body) |> Base.encode64()
|
||||||
{:ok, body, Conn.assign(conn, :digest, digest)}
|
{:ok, body, Conn.assign(conn, :digest, "#{digest_algorithm}=#{encoded_digest}")}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,48 @@
|
||||||
|
defmodule Pleroma.Web.Plugs.DigestPlugTest do
|
||||||
|
use ExUnit.Case, async: true
|
||||||
|
use Plug.Test
|
||||||
|
|
||||||
|
test "digest algorithm is taken from digest header" do
|
||||||
|
body = "{\"hello\": \"world\"}"
|
||||||
|
digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE="
|
||||||
|
|
||||||
|
{:ok, ^body, conn} =
|
||||||
|
:get
|
||||||
|
|> conn("/", body)
|
||||||
|
|> put_req_header("content-type", "application/json")
|
||||||
|
|> put_req_header("digest", "sha-256=" <> digest)
|
||||||
|
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
|
||||||
|
|
||||||
|
assert conn.assigns[:digest] == "sha-256=" <> digest
|
||||||
|
|
||||||
|
{:ok, ^body, conn} =
|
||||||
|
:get
|
||||||
|
|> conn("/", body)
|
||||||
|
|> put_req_header("content-type", "application/json")
|
||||||
|
|> put_req_header("digest", "SHA-256=" <> digest)
|
||||||
|
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
|
||||||
|
|
||||||
|
assert conn.assigns[:digest] == "SHA-256=" <> digest
|
||||||
|
end
|
||||||
|
|
||||||
|
test "error if digest algorithm is invalid" do
|
||||||
|
body = "{\"hello\": \"world\"}"
|
||||||
|
digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE="
|
||||||
|
|
||||||
|
assert_raise ArgumentError, "invalid value for digest algorithm, got: MD5", fn ->
|
||||||
|
:get
|
||||||
|
|> conn("/", body)
|
||||||
|
|> put_req_header("content-type", "application/json")
|
||||||
|
|> put_req_header("digest", "MD5=" <> digest)
|
||||||
|
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
|
||||||
|
end
|
||||||
|
|
||||||
|
assert_raise ArgumentError, "invalid value for digest algorithm, got: md5", fn ->
|
||||||
|
:get
|
||||||
|
|> conn("/", body)
|
||||||
|
|> put_req_header("content-type", "application/json")
|
||||||
|
|> put_req_header("digest", "md5=" <> digest)
|
||||||
|
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue