UNPKG

@fedify/fedify

Version:

An ActivityPub server framework

fedify.dev

fedify-dev/fedify

146 lines (145 loc) 5.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
import "@js-temporal/polyfill"; import "urlpattern-polyfill"; globalThis.addEventListener = () => {}; import { getLogger } from "@logtape/logtape"; import { Item, decodeDict, encodeDict } from "structured-field-values"; //#region src/sig/accept.ts /** * `Accept-Signature` header parsing, serialization, and validation utilities * for RFC 9421 §5 challenge-response negotiation. * * @module */ /** * Parses an `Accept-Signature` header value (RFC 9421 §5.1) into an * array of {@link AcceptSignatureMember} objects. * * The `Accept-Signature` field is a Dictionary Structured Field * (RFC 8941 §3.2). Each dictionary member describes a single * requested message signature. * * On parse failure (malformed or empty header), returns an empty array. * * @param header The raw `Accept-Signature` header value string. * @returns An array of parsed members. Empty if the header is * malformed or empty. * @since 2.1.0 */ function parseAcceptSignature(header) { try { return parseEachSignature(decodeDict(header)); } catch { getLogger([ "fedify", "sig", "http" ]).warn("Failed to parse Accept-Signature header: {header}", { header }); return []; } } const compactObject = (obj) => Object.fromEntries(Object.entries(obj).filter(([_, v]) => v !== void 0)); const parseEachSignature = (dict) => Object.entries(dict).filter(([_, item]) => Array.isArray(item.value)).map(([label, item]) => ({ label, components: item.value.filter((subitem) => typeof subitem.value === "string").map((subitem) => ({ value: subitem.value, params: subitem.params ?? {} })), parameters: compactParams(item) })); const compactParams = (item) => { const { keyid, alg, created, expires, nonce, tag } = item.params ?? {}; return compactObject({ keyid: stringOrUndefined(keyid), alg: stringOrUndefined(alg), created: trueOrUndefined(created), expires: trueOrUndefined(expires), nonce: stringOrUndefined(nonce), tag: stringOrUndefined(tag) }); }; const stringOrUndefined = (v) => typeof v === "string" ? v : void 0; const trueOrUndefined = (v) => v === true ? true : void 0; /** * Serializes an array of {@link AcceptSignatureMember} objects into an * `Accept-Signature` header value string (RFC 9421 §5.1). * * The output is a Dictionary Structured Field (RFC 8941 §3.2). * * @param members The members to serialize. * @returns The serialized header value string. * @since 2.1.0 */ function formatAcceptSignature(members) { const items = members.map((member) => [member.label, new Item(compToItems(member), compactParameters(member))]); return encodeDict(Object.fromEntries(items)); } const compToItems = (member) => member.components.map((c) => new Item(c.value, c.params)); const compactParameters = (member) => { const { keyid, alg, created, expires, nonce, tag } = member.parameters; return compactObject({ keyid, alg, created, expires, nonce, tag }); }; /** * Filters out {@link AcceptSignatureMember} entries whose covered * components include response-only identifiers (`@status`) that are * not applicable to request-target messages, as required by * [RFC 9421 §5](https://www.rfc-editor.org/rfc/rfc9421#section-5). * * A warning is logged for each discarded entry. * * @param members The parsed `Accept-Signature` entries to validate. * @returns Only entries that are valid for request-target messages. * @since 2.1.0 */ function validateAcceptSignature(members) { const logger = getLogger([ "fedify", "sig", "http" ]); return members.filter((member) => { if (member.components.every((c) => c.value !== "@status")) return true; logLabel(logger, member.label); return false; }); } const logLabel = (logger, label) => logger.warn("Discarding Accept-Signature member {label}: covered components include response-only identifier @status.", { label }); /** * Attempts to translate an {@link AcceptSignatureMember} challenge into * RFC 9421 signing options that the local signer can fulfill. * * Returns `null` if the challenge cannot be fulfilled—for example, if * the requested `alg` or `keyid` is incompatible with the local key. * * Safety constraints: * - `alg`: only honored if it matches `localAlg`. * - `keyid`: only honored if it matches `localKeyId`. * - `components`: passed through exactly as requested, per RFC 9421 §5.2. * - `nonce`, `tag`, and `expires` are passed through directly. * * @param entry The challenge entry from the `Accept-Signature` header. * @param localKeyId The local key identifier (e.g., the actor key URL). * @param localAlg The algorithm of the local private key * (e.g., `"rsa-v1_5-sha256"`). * @returns Signing options if the challenge can be fulfilled, or `null`. * @since 2.1.0 */ function fulfillAcceptSignature(entry, localKeyId, localAlg) { if (entry.parameters.alg != null && entry.parameters.alg !== localAlg) return null; if (entry.parameters.keyid != null && entry.parameters.keyid !== localKeyId) return null; return { label: entry.label, components: entry.components, nonce: entry.parameters.nonce, tag: entry.parameters.tag, expires: entry.parameters.expires }; } //#endregion export { validateAcceptSignature as i, fulfillAcceptSignature as n, parseAcceptSignature as r, formatAcceptSignature as t };