Adds signing_ts
into the signature schema
This commit is contained in:
parent
d7f6f8fca5
commit
8d7211c17f
3 changed files with 6 additions and 9 deletions
|
@ -75,8 +75,8 @@ async def process_json(app, body: dict) -> dict:
|
||||||
params = body.get('params', {})
|
params = body.get('params', {})
|
||||||
clean_input_params(params)
|
clean_input_params(params)
|
||||||
logger.debug(f'Received Method {method}, params: {params}')
|
logger.debug(f'Received Method {method}, params: {params}')
|
||||||
|
start = time.time()
|
||||||
try:
|
try:
|
||||||
start = time.time()
|
|
||||||
if asyncio.iscoroutinefunction(METHODS[method]):
|
if asyncio.iscoroutinefunction(METHODS[method]):
|
||||||
result = await METHODS[method](app, params)
|
result = await METHODS[method](app, params)
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -35,9 +35,7 @@ def make_error(error, exc=None) -> dict:
|
||||||
body = ERRORS[error] if error in ERRORS else ERRORS['INTERNAL']
|
body = ERRORS[error] if error in ERRORS else ERRORS['INTERNAL']
|
||||||
try:
|
try:
|
||||||
if exc:
|
if exc:
|
||||||
body.update({
|
body.update({type(exc).__name__: str(exc)})
|
||||||
type(exc).__name__: str(exc)
|
|
||||||
})
|
|
||||||
finally:
|
finally:
|
||||||
return body
|
return body
|
||||||
|
|
||||||
|
@ -112,12 +110,12 @@ def is_valid_credential_input(channel_id=None, channel_name=None, signature=None
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
async def is_authentic_delete_signal(app, comment_id, channel_name, channel_id, signature):
|
async def is_authentic_delete_signal(app, comment_id, channel_name, channel_id, signature, signing_ts):
|
||||||
claim = await resolve_channel_claim(app, channel_id, channel_name)
|
claim = await resolve_channel_claim(app, channel_id, channel_name)
|
||||||
if claim:
|
if claim:
|
||||||
public_key = claim['value']['public_key']
|
public_key = claim['value']['public_key']
|
||||||
claim_hash = binascii.unhexlify(claim['claim_id'].encode())[::-1]
|
claim_hash = binascii.unhexlify(claim['claim_id'].encode())[::-1]
|
||||||
pieces_injest = b''.join((comment_id.encode(), claim_hash))
|
pieces_injest = b''.join((signing_ts.encode(), comment_id.encode(), claim_hash))
|
||||||
return is_signature_valid(
|
return is_signature_valid(
|
||||||
encoded_signature=get_encoded_signature(signature),
|
encoded_signature=get_encoded_signature(signature),
|
||||||
signature_digest=hashlib.sha256(pieces_injest).digest(),
|
signature_digest=hashlib.sha256(pieces_injest).digest(),
|
||||||
|
@ -132,4 +130,3 @@ def clean_input_params(kwargs: dict):
|
||||||
kwargs[k] = v.strip()
|
kwargs[k] = v.strip()
|
||||||
if k in ID_LIST:
|
if k in ID_LIST:
|
||||||
kwargs[k] = v.lower()
|
kwargs[k] = v.lower()
|
||||||
|
|
||||||
|
|
|
@ -38,8 +38,8 @@ async def delete_comment(app, comment_id):
|
||||||
return await coroutine(delete_comment_by_id)(app['writer'], comment_id)
|
return await coroutine(delete_comment_by_id)(app['writer'], comment_id)
|
||||||
|
|
||||||
|
|
||||||
async def delete_comment_if_authorized(app, comment_id, channel_name, channel_id, signature):
|
async def delete_comment_if_authorized(app, comment_id, **kwargs):
|
||||||
authorized = await is_authentic_delete_signal(app, comment_id, channel_name, channel_id, signature)
|
authorized = await is_authentic_delete_signal(app, comment_id, **kwargs)
|
||||||
if not authorized:
|
if not authorized:
|
||||||
return {'deleted': False}
|
return {'deleted': False}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue