feat(activitiypub): enable HTTP signatures on all ActivityPub endpoints (#7035)

- Set the right keyID and use the right signing keys for outgoing requests.
- Verify the HTTP signature of all incoming requests, except for the server actor.
- Cache the keys of incoming requests for user and server actors.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7035
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: famfo <famfo@famfo.xyz>
Co-committed-by: famfo <famfo@famfo.xyz>
famfo 2025-04-03 15:24:15 +00:00 committed by David Rotermund
parent 376c2aec8a
commit 4c18778bbf
22 changed files with 681 additions and 122 deletions


@ -95,7 +95,7 @@ func (mock *FederationServerMock) DistantServer(t *testing.T) *httptest.Server {
})
}
for _, repository := range mock.Repositories {
federatedRoutes.HandleFunc(fmt.Sprintf("/api/v1/activitypub/repository-id/%v/inbox/", repository.ID),
federatedRoutes.HandleFunc(fmt.Sprintf("/api/v1/activitypub/repository-id/%v/inbox", repository.ID),
func(res http.ResponseWriter, req *http.Request) {
if req.Method != "POST" {
t.Errorf("POST expected at: %q", req.URL.EscapedPath())
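Review bot: The mock inbox handler registered for `/api/v1/activitypub/repository-id/%v/inbox` checks only the request method in the lines visible here, so a test against this mock would still pass if an outgoing request arrived unsigned or with the wrong keyID. Since the commit changes which keyID and signing keys outgoing requests use, the handler could also assert that a signature is present, e.g. `if req.Header.Get("Signature") == "" { t.Errorf("unsigned request at: %q", req.URL.EscapedPath()) }`. The handler body continues outside the hunk, so this may already be covered further down. If `federatedRoutes` is an `http.ServeMux`, dropping the trailing slash makes the pattern match that exact path only, which deserves a short comment next to the registration.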