HTTP signatures (#4146)
* Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
This commit is contained in:
Eugen Rochko
GitHub
parent
c1f201c49a
commit
1618b68bfa
23 changed files with 379 additions and 90 deletions
|
|
@ -1,7 +1,6 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module Remotable
|
||||
include HttpHelper
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
included do
|
||||
|
|
@ -20,7 +19,7 @@ module Remotable
|
|||
return if !%w(http https).include?(parsed_url.scheme) || parsed_url.host.empty? || self[attribute_name] == url
|
||||
|
||||
begin
|
||||
response = http_client.get(url)
|
||||
response = Request.new(:get, url).perform
|
||||
|
||||
return if response.code != 200
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue