LBRYCommunity/comment-server
1
0
Fork 0
Code Issues 18 Pull requests 1 Projects Releases Packages Wiki Activity

Adds signing_ts into the signature schema

Browse source
This commit is contained in:
Oleg Silkin 2019-07-29 16:36:23 -04:00
parent d7f6f8fca5
commit 8d7211c17f
3 changed files with 6 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/server/handles.py
View file

@ -75,8 +75,8 @@ async def process_json(app, body: dict) -> dict:
params = body.get('params', {}) params = body.get('params', {})
clean_input_params(params) clean_input_params(params)
logger.debug(f'Received Method {method}, params: {params}') logger.debug(f'Received Method {method}, params: {params}')
start = time.time()
try: try:
start = time.time()
if asyncio.iscoroutinefunction(METHODS[method]): if asyncio.iscoroutinefunction(METHODS[method]):
result = await METHODS[method](app, params) result = await METHODS[method](app, params)
else: else:

9
src/server/misc.py
View file

@ -35,9 +35,7 @@ def make_error(error, exc=None) -> dict:
body = ERRORS[error] if error in ERRORS else ERRORS['INTERNAL'] body = ERRORS[error] if error in ERRORS else ERRORS['INTERNAL']
try: try:
if exc: if exc:
body.update({ body.update({type(exc).__name__: str(exc)})
type(exc).__name__: str(exc)
})
finally: finally:
return body return body
@ -112,12 +110,12 @@ def is_valid_credential_input(channel_id=None, channel_name=None, signature=None
return True return True
async def is_authentic_delete_signal(app, comment_id, channel_name, channel_id, signature): async def is_authentic_delete_signal(app, comment_id, channel_name, channel_id, signature, signing_ts):
claim = await resolve_channel_claim(app, channel_id, channel_name) claim = await resolve_channel_claim(app, channel_id, channel_name)
if claim: if claim:
public_key = claim['value']['public_key'] public_key = claim['value']['public_key']
claim_hash = binascii.unhexlify(claim['claim_id'].encode())[::-1] claim_hash = binascii.unhexlify(claim['claim_id'].encode())[::-1]
pieces_injest = b''.join((comment_id.encode(), claim_hash)) pieces_injest = b''.join((signing_ts.encode(), comment_id.encode(), claim_hash))
return is_signature_valid( return is_signature_valid(
encoded_signature=get_encoded_signature(signature), encoded_signature=get_encoded_signature(signature),
signature_digest=hashlib.sha256(pieces_injest).digest(), signature_digest=hashlib.sha256(pieces_injest).digest(),
@ -132,4 +130,3 @@ def clean_input_params(kwargs: dict):
kwargs[k] = v.strip() kwargs[k] = v.strip()
if k in ID_LIST: if k in ID_LIST:
kwargs[k] = v.lower() kwargs[k] = v.lower()

4
src/server/writes.py
View file

@ -38,8 +38,8 @@ async def delete_comment(app, comment_id):
return await coroutine(delete_comment_by_id)(app['writer'], comment_id) return await coroutine(delete_comment_by_id)(app['writer'], comment_id)
async def delete_comment_if_authorized(app, comment_id, channel_name, channel_id, signature): async def delete_comment_if_authorized(app, comment_id, **kwargs):
authorized = await is_authentic_delete_signal(app, comment_id, channel_name, channel_id, signature) authorized = await is_authentic_delete_signal(app, comment_id, **kwargs)
if not authorized: if not authorized:
return {'deleted': False} return {'deleted': False}