Giters

jointakahe / takahe

An ActivityPub/Fediverse server

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

KeyError 'algorithm'

doodlemania2 opened this issue · comments

commented

Got a new user today and getting this error once every 60 minutes.

Internal Server Error: /@user@domain.com/inbox/

KeyError at /@user@user.com/inbox/
'algorithm'

Request Method: POST
Request URL: http://url2836.thedoodleproject.net/ls/click?upn=E-2BIWnGoNaV1xc2v5aE-2B4G6uZk043CSFmH064dQWMlZ2YaU7ezkj5apkwLeMChluFng54yKyATwf6g349uK84nhOERuOBjWKM7igozipe6L5YyoxU1F2gZlWKGkFljRKqOay3iDlosc66VKJYyl1aHg-3D-3DEfXT_MTQKioXqYBjSf6sZsbopRxXOuEG0ZOkr5NI5G2u0JGue5A2wySIzjiRhGEaq8QLdc5-2F13XkiF-2Ft5QXEFQ4QDyjeiOxfuFwR7taJIxQWHuNq0PEnmwg3KVSVDhnsLKAXRyQ1hsPlracAvRyASo-2FrHdxzL3dnUIGpOyWsmdMuwX3nSPjwKaE6hXHDBF69W4Vv9pBOiTTV5uNH6BjiXwxnBtFV1i5dR8tPGHa9iE8-2Fpf5Y-3D
Django Version: 4.2.2
Python Executable: /usr/local/bin/python3
Python Version: 3.11.4
Python Path: ['/takahe', '/usr/local/bin', '/usr/local/lib/python311.zip', '/usr/local/lib/python3.11', '/usr/local/lib/python3.11/lib-dynload', '/usr/local/lib/python3.11/site-packages']
Server time: Thu, 20 Jul 2023 04:19:18 +0000
Installed Applications:
['django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.postgres',
'corsheaders',
'django_htmx',
'hatchway',
'core',
'activities',
'api',
'mediaproxy',
'stator',
'users']
Installed Middleware:
['core.middleware.SentryTaggingMiddleware',
'django.middleware.security.SecurityMiddleware',
'corsheaders.middleware.CorsMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django_htmx.middleware.HtmxMiddleware',
'core.middleware.HeadersMiddleware',
'core.middleware.ConfigLoadingMiddleware',
'api.middleware.ApiTokenMiddleware',
'users.middleware.DomainMiddleware']

Traceback (most recent call last):
File "/usr/local/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
response = get_response(request)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/django/views/generic/base.py", line 104, in view
return self.dispatch(request, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/django/utils/decorators.py", line 46, in _wrapper
return bound_method(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/django/views/decorators/csrf.py", line 56, in wrapper_view
return view_func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/django/views/generic/base.py", line 143, in dispatch
return handler(request, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/takahe/users/views/activitypub.py", line 175, in post
HttpSignature.verify_request(
^
File "/takahe/core/signatures.py", line 161, in verify_request
signature_details = cls.parse_signature(request.headers["signature"])
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/takahe/core/signatures.py", line 108, in parse_signature
"algorithm": bits["algorithm"],
^^^^^^^^^^^^^^^^^

Exception Type: KeyError at /@user@domain.com/inbox/
Exception Value: 'algorithm'
Raised during: users.views.activitypub.Inbox
Request information:
USER: AnonymousUser

GET: No GET data

POST: No POST data

FILES: No FILES data

COOKIES: No cookie data

META:
CONTENT_LENGTH = '482'
CONTENT_TYPE = 'application/activity+json'
HTTP_ACCEPT = 'application/activity+json'
HTTP_ACCEPT_ENCODING = 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3'
HTTP_CONNECTION = 'close'
HTTP_DATE = 'Thu, 20 Jul 2023 04:19:18 GMT'
HTTP_DIGEST = 'SHA-256=l9zkgO7T6fGiIsAjbIXudzXPW7od5ealogeH2uqb0eQ='
HTTP_HOST = 'service-domain'
HTTP_SIGNATURE = '********************'
HTTP_USER_AGENT = 'Ruby'
HTTP_X_FORWARDED_FOR = '172.20.0.1, 172.20.10.128'
HTTP_X_FORWARDED_PROTO = 'https'
HTTP_X_FORWARDED_SCHEME = 'https'
HTTP_X_REAL_IP = '172.20.0.1'
PATH_INFO = '/@user@domain.com/inbox/'
QUERY_STRING = ''
RAW_URI = '/@user@domain.com/inbox/'
REMOTE_ADDR = '127.0.0.1'
REMOTE_PORT = '47472'
REQUEST_METHOD = 'POST'
SCRIPT_NAME = ''
SERVER_NAME = '0.0.0.0'
SERVER_PORT = '8001'
SERVER_PROTOCOL = 'HTTP/1.1'
SERVER_SOFTWARE = 'gunicorn/20.1.0'
gunicorn.socket = <socket.socket fd=9, family=2, type=1, proto=0, laddr=('127.0.0.1', 8001), raddr=('127.0.0.1', 47472)>
wsgi.errors = <gunicorn.http.wsgi.WSGIErrorsWrapper object at 0x7f82dcdf0a30>
wsgi.file_wrapper = <class 'gunicorn.http.wsgi.FileWrapper'>
wsgi.input = <gunicorn.http.body.Body object at 0x7f82dc3c83d0>
wsgi.input_terminated = True
wsgi.multiprocess = True
wsgi.multithread = False
wsgi.run_once = False
wsgi.url_scheme = 'https'
wsgi.version = '(1, 0)'
a

commented

Looks like someone has written a Fediverse server with broken signing. I'll make it raise a nice error.