a few small fixes
This commit is contained in:
parent
7f94229214
commit
9d387b86aa
|
@ -149,21 +149,19 @@ async def http_signatures(app, handler):
|
|||
raise json_error(401, 'Missing signature')
|
||||
|
||||
if any(map(request.path.startswith, auth_paths)) and request.method != 'POST':
|
||||
if user_check(request.path):
|
||||
logging.info('allowing passthrough of user')
|
||||
if json_req or request.path.endswith('.json'):
|
||||
if not user_check(request.path):
|
||||
signature = request.headers.get('signature', '')
|
||||
|
||||
elif json_req or request.path.endswith('.json'):
|
||||
signature = request.headers.get('signature', '')
|
||||
if not signature:
|
||||
logging.info('missing signature')
|
||||
raise json_error(401, 'Missing signature')
|
||||
|
||||
if not signature:
|
||||
logging.info('missing signature')
|
||||
raise json_error(401, 'Missing signature')
|
||||
actor = parse_sig(signature)
|
||||
|
||||
actor = parse_sig(signature)
|
||||
|
||||
if not (await validate(actor, request)):
|
||||
logging.info(f'Signature validation failed for: {actor}')
|
||||
raise json_error(401, 'signature check failed, signature did not match key')
|
||||
if not (await validate(actor, request)):
|
||||
logging.info(f'Signature validation failed for: {actor}')
|
||||
raise json_error(401, 'signature check failed, signature did not match key')
|
||||
|
||||
else:
|
||||
auth_username = PAWSCONFIG['user']
|
||||
|
@ -201,11 +199,19 @@ async def http_filter(app, handler):
|
|||
ua = request.headers.get('user-agent')
|
||||
|
||||
if 'Mozilla/5.0' not in ua and 'aiohttp/3.3.2' not in ua:
|
||||
domain = parse_ua(ua)
|
||||
try:
|
||||
data = await request.json()
|
||||
actor = data.get('actor')
|
||||
|
||||
if not domain:
|
||||
logging.info('Missing user-agent')
|
||||
raise json_error(401, 'Missing User-Agent')
|
||||
if actor:
|
||||
domain = urlparse(actor).netloc
|
||||
|
||||
except:
|
||||
domain = parse_ua(ua)
|
||||
|
||||
if not domain:
|
||||
logging.info('Missing user-agent')
|
||||
raise json_error(401, 'Missing User-Agent')
|
||||
|
||||
if [agent for agent in blocked_agents if agent in request.headers.get('User-Agent', '').lower()]:
|
||||
logging.info(f'Blocked garbage: {domain}')
|
||||
|
|
|
@ -153,5 +153,5 @@ async def validate(actor, request):
|
|||
|
||||
request['validated'] = result
|
||||
|
||||
logging.info(f'validates? {result}')
|
||||
logging.debug(f'validates? {result}')
|
||||
return result
|
||||
|
|
Loading…
Reference in a new issue