forked from fedi/mastodon
Add HTTP signature keyId to request log (#11591)
This commit is contained in:
parent
2b4e2616ea
commit
1bc077dc74
|
@ -23,6 +23,19 @@ module SignatureVerification
|
|||
@signature_verification_failure_code || 401
|
||||
end
|
||||
|
||||
def signature_key_id
|
||||
raw_signature = request.headers['Signature']
|
||||
signature_params = {}
|
||||
|
||||
raw_signature.split(',').each do |part|
|
||||
parsed_parts = part.match(/([a-z]+)="([^"]+)"/i)
|
||||
next if parsed_parts.nil? || parsed_parts.size != 3
|
||||
signature_params[parsed_parts[1]] = parsed_parts[2]
|
||||
end
|
||||
|
||||
signature_params['keyId']
|
||||
end
|
||||
|
||||
def signed_request_account
|
||||
return @signed_request_account if defined?(@signed_request_account)
|
||||
|
||||
|
@ -154,7 +167,7 @@ module SignatureVerification
|
|||
.with_fallback { nil }
|
||||
.with_threshold(1)
|
||||
.with_cool_off_time(5.minutes.seconds)
|
||||
.with_error_handler { |error, handle| error.is_a?(HTTP::Error) ? handle.call(error) : raise(error) }
|
||||
.with_error_handler { |error, handle| error.is_a?(HTTP::Error) || error.is_a?(OpenSSL::SSL::SSLError) ? handle.call(error) : raise(error) }
|
||||
.run
|
||||
end
|
||||
|
||||
|
|
|
@ -71,6 +71,12 @@ Rails.application.configure do
|
|||
# Better log formatting
|
||||
config.lograge.enabled = true
|
||||
|
||||
config.lograge.custom_payload do |controller|
|
||||
if controller.respond_to?(:signed_request?) && controller.signed_request?
|
||||
{ key: controller.signature_key_id }
|
||||
end
|
||||
end
|
||||
|
||||
# Do not dump schema after migrations.
|
||||
config.active_record.dump_schema_after_migration = false
|
||||
|
||||
|
|
Loading…
Reference in a new issue