Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements

This commit is contained in:
Ivan Tashkinov 2020-11-28 21:51:27 +03:00
commit 50e47a215f
6 changed files with 68 additions and 21 deletions

View File

@ -228,7 +228,7 @@ arm:
artifacts: *release-artifacts artifacts: *release-artifacts
only: *release-only only: *release-only
tags: tags:
- arm32 - arm32-specified
image: arm32v7/elixir:1.10.3 image: arm32v7/elixir:1.10.3
cache: *release-cache cache: *release-cache
variables: *release-variables variables: *release-variables
@ -240,7 +240,7 @@ arm-musl:
artifacts: *release-artifacts artifacts: *release-artifacts
only: *release-only only: *release-only
tags: tags:
- arm32 - arm32-specified
image: arm32v7/elixir:1.10.3-alpine image: arm32v7/elixir:1.10.3-alpine
cache: *release-cache cache: *release-cache
variables: *release-variables variables: *release-variables

View File

@ -147,16 +147,6 @@
"SameSite=Lax" "SameSite=Lax"
] ]
config :pleroma, :fed_sockets,
enabled: false,
connection_duration: :timer.hours(8),
rejection_duration: :timer.minutes(15),
fed_socket_fetches: [
default: 12_000,
interval: 3_000,
lazy: false
]
# Configures Elixir's Logger # Configures Elixir's Logger
config :logger, :console, config :logger, :console,
level: :debug, level: :debug,

View File

@ -19,11 +19,6 @@
level: :warn, level: :warn,
format: "\n[$level] $message\n" format: "\n[$level] $message\n"
config :pleroma, :fed_sockets,
enabled: false,
connection_duration: 5,
rejection_duration: 5
config :pleroma, :auth, oauth_consumer_strategies: [] config :pleroma, :auth, oauth_consumer_strategies: []
config :pleroma, Pleroma.Upload, config :pleroma, Pleroma.Upload,

View File

@ -22,8 +22,8 @@ def start_pleroma do
Pleroma.Application.limiters_setup() Pleroma.Application.limiters_setup()
Application.put_env(:phoenix, :serve_endpoints, false, persistent: true) Application.put_env(:phoenix, :serve_endpoints, false, persistent: true)
if Pleroma.Config.get(:env) != :test do unless System.get_env("DEBUG") do
Application.put_env(:logger, :console, level: :debug) Logger.remove_backend(:console)
end end
adapter = Application.get_env(:tesla, :adapter) adapter = Application.get_env(:tesla, :adapter)

View File

@ -7,8 +7,22 @@ defmodule Pleroma.Web.Plugs.DigestPlug do
require Logger require Logger
def read_body(conn, opts) do def read_body(conn, opts) do
digest_algorithm =
with [digest_header] <- Conn.get_req_header(conn, "digest") do
digest_header
|> String.split("=", parts: 2)
|> List.first()
else
_ -> "SHA-256"
end
unless String.downcase(digest_algorithm) == "sha-256" do
raise ArgumentError,
message: "invalid value for digest algorithm, got: #{digest_algorithm}"
end
{:ok, body, conn} = Conn.read_body(conn, opts) {:ok, body, conn} = Conn.read_body(conn, opts)
digest = "SHA-256=" <> (:crypto.hash(:sha256, body) |> Base.encode64()) encoded_digest = :crypto.hash(:sha256, body) |> Base.encode64()
{:ok, body, Conn.assign(conn, :digest, digest)} {:ok, body, Conn.assign(conn, :digest, "#{digest_algorithm}=#{encoded_digest}")}
end end
end end

View File

@ -0,0 +1,48 @@
defmodule Pleroma.Web.Plugs.DigestPlugTest do
use ExUnit.Case, async: true
use Plug.Test
test "digest algorithm is taken from digest header" do
body = "{\"hello\": \"world\"}"
digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE="
{:ok, ^body, conn} =
:get
|> conn("/", body)
|> put_req_header("content-type", "application/json")
|> put_req_header("digest", "sha-256=" <> digest)
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
assert conn.assigns[:digest] == "sha-256=" <> digest
{:ok, ^body, conn} =
:get
|> conn("/", body)
|> put_req_header("content-type", "application/json")
|> put_req_header("digest", "SHA-256=" <> digest)
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
assert conn.assigns[:digest] == "SHA-256=" <> digest
end
test "error if digest algorithm is invalid" do
body = "{\"hello\": \"world\"}"
digest = "X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE="
assert_raise ArgumentError, "invalid value for digest algorithm, got: MD5", fn ->
:get
|> conn("/", body)
|> put_req_header("content-type", "application/json")
|> put_req_header("digest", "MD5=" <> digest)
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
end
assert_raise ArgumentError, "invalid value for digest algorithm, got: md5", fn ->
:get
|> conn("/", body)
|> put_req_header("content-type", "application/json")
|> put_req_header("digest", "md5=" <> digest)
|> Pleroma.Web.Plugs.DigestPlug.read_body([])
end
end
end