commit: 14a2c1da13a855d2daa1fa19a59964496d271950
parent bb522bcc44463d258672f35979a2c939e7199e55
Author: lain <lain@soykaf.club>
Date: Fri, 27 Nov 2020 11:51:24 +0000
Merge branch 'fix/2322-digest-algorithm-case-insensitive' into 'develop'
Digest algorithm is taken from header
Closes #2322
See merge request pleroma/pleroma!3176
Diffstat:
2 files changed, 64 insertions(+), 2 deletions(-)
diff --git a/lib/pleroma/web/plugs/digest_plug.ex b/lib/pleroma/web/plugs/digest_plug.ex
@@ -7,8 +7,22 @@ defmodule Pleroma.Web.Plugs.DigestPlug do
require Logger
def read_body(conn, opts) do
+ digest_algorithm =
+ with [digest_header] <- Conn.get_req_header(conn, "digest") do
+ digest_header
+ |> String.split("=", parts: 2)
+ |> List.first()
+ else
+ _ -> "SHA-256"
+ end
+
+ unless String.downcase(digest_algorithm) == "sha-256" do
+ raise ArgumentError,
+ message: "invalid value for digest algorithm, got: #{digest_algorithm}"
+ end
+
{:ok, body, conn} = Conn.read_body(conn, opts)
- digest = "SHA-256=" <> (:crypto.hash(:sha256, body) |> Base.encode64())
- {:ok, body, Conn.assign(conn, :digest, digest)}
+ encoded_digest = :crypto.hash(:sha256, body) |> Base.encode64()
+ {:ok, body, Conn.assign(conn, :digest, "#{digest_algorithm}=#{encoded_digest}")}
end
end
diff --git a/test/pleroma/web/plugs/digest_plug_test.exs b/test/pleroma/web/plugs/digest_plug_test.exs
@@ -0,0 +1,48 @@
+defmodule Pleroma.Web.Plugs.DigestPlugTest do
+ use ExUnit.Case, async: true
+ use Plug.Test
+
+ test "digest algorithm is taken from digest header" do
+ body = "{\"hello\": \"world\"}"
+ digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE="
+
+ {:ok, ^body, conn} =
+ :get
+ |> conn("/", body)
+ |> put_req_header("content-type", "application/json")
+ |> put_req_header("digest", "sha-256=" <> digest)
+ |> Pleroma.Web.Plugs.DigestPlug.read_body([])
+
+ assert conn.assigns[:digest] == "sha-256=" <> digest
+
+ {:ok, ^body, conn} =
+ :get
+ |> conn("/", body)
+ |> put_req_header("content-type", "application/json")
+ |> put_req_header("digest", "SHA-256=" <> digest)
+ |> Pleroma.Web.Plugs.DigestPlug.read_body([])
+
+ assert conn.assigns[:digest] == "SHA-256=" <> digest
+ end
+
+ test "error if digest algorithm is invalid" do
+ body = "{\"hello\": \"world\"}"
+ digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE="
+
+ assert_raise ArgumentError, "invalid value for digest algorithm, got: MD5", fn ->
+ :get
+ |> conn("/", body)
+ |> put_req_header("content-type", "application/json")
+ |> put_req_header("digest", "MD5=" <> digest)
+ |> Pleroma.Web.Plugs.DigestPlug.read_body([])
+ end
+
+ assert_raise ArgumentError, "invalid value for digest algorithm, got: md5", fn ->
+ :get
+ |> conn("/", body)
+ |> put_req_header("content-type", "application/json")
+ |> put_req_header("digest", "md5=" <> digest)
+ |> Pleroma.Web.Plugs.DigestPlug.read_body([])
+ end
+ end
+end
