Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

test: fixed improper signed_string reconstruction in .verify()

Browse Source
This commit is contained in:
Julian Lam
2023-08-08 15:33:35 -04:00
parent bcee1c8dc8
commit cc0d18869a
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/activitypub/index.js
View File

@@ -136,7 +136,7 @@ ActivityPub.verify = async (req) => {
// Re-construct signature string
const signed_string = headers.split(' ').reduce((memo, cur) => {
if (cur === '(request-target)') {
memo.push(`${cur}: ${String(req.method).toLowerCase()} ${req.path}`);
memo.push(`${cur}: ${String(req.method).toLowerCase()} ${req.baseUrl}${req.path}`);
} else if (req.headers.hasOwnProperty(cur)) {
memo.push(`${cur}: ${req.headers[cur]}`);
}

2
test/activitypub.js
View File

@@ -261,9 +261,11 @@ describe('ActivityPub integration', () => {
describe('.verify()', () => {
let uid;
let username;
const baseUrl = nconf.get('relative_path');
const mockReqBase = {
method: 'GET',
// path: ...
baseUrl,
headers: {
// host: ...
// date: ...