Don't crypt raw iolists.
This commit is contained in:
parent
8ae13d94dc
commit
89c1e90eb2
@ -41,6 +41,7 @@ defmodule Pleroma.Web.Websub do
|
|||||||
Enum.each(subscriptions, fn(sub) ->
|
Enum.each(subscriptions, fn(sub) ->
|
||||||
response = FeedRepresenter.to_simple_form(user, [activity], [user])
|
response = FeedRepresenter.to_simple_form(user, [activity], [user])
|
||||||
|> :xmerl.export_simple(:xmerl_xml)
|
|> :xmerl.export_simple(:xmerl_xml)
|
||||||
|
|> to_string
|
||||||
|
|
||||||
signature = sign(sub.secret, response)
|
signature = sign(sub.secret, response)
|
||||||
HTTPoison.post(sub.callback, response, [
|
HTTPoison.post(sub.callback, response, [
|
||||||
@ -51,7 +52,7 @@ defmodule Pleroma.Web.Websub do
|
|||||||
end
|
end
|
||||||
|
|
||||||
def sign(secret, doc) do
|
def sign(secret, doc) do
|
||||||
:crypto.hmac(:sha, secret, doc) |> Base.encode16
|
:crypto.hmac(:sha, secret, to_string(doc)) |> Base.encode16
|
||||||
end
|
end
|
||||||
|
|
||||||
def incoming_subscription_request(user, %{"hub.mode" => "subscribe"} = params) do
|
def incoming_subscription_request(user, %{"hub.mode" => "subscribe"} = params) do
|
||||||
|
@ -167,4 +167,11 @@ defmodule Pleroma.Web.WebsubTest do
|
|||||||
{:error, websub} = Websub.request_subscription(websub, poster, 1000)
|
{:error, websub} = Websub.request_subscription(websub, poster, 1000)
|
||||||
assert websub.state == "rejected"
|
assert websub.state == "rejected"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "sign a text" do
|
||||||
|
signed = Websub.sign("secret", "text")
|
||||||
|
assert signed == "B8392C23690CCF871F37EC270BE1582DEC57A503"
|
||||||
|
|
||||||
|
signed = Websub.sign("secret", [["て"], ['す']])
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user