IT FUCKING WORKS

(except for iceshrimp, but who cares) (well, I do. Would not be nice to
not be compatible with a not-so-rarely used software)

web/shared/client.go

@@ -1,18 +1,12 @@
 package webshared
 
 import (
-	"crypto/ed25519"
-	"crypto/sha256"
-	"crypto/x509"
-	"encoding/base64"
 	"io"
 	"net/http"
 	"strings"
 	"time"
 
 	"git.mstar.dev/mstar/goutils/maputils"
-	"github.com/go-ap/httpsig"
-	"github.com/rs/zerolog/log"
 
 	"git.mstar.dev/mstar/linstrom/config"
 )
@@ -21,8 +15,6 @@ import (
 
 var RequestClient = http.Client{}
 
-const xRandomHeader = "X-Auth-Random"
-
 // Sign a given outbound request for authorized fetch.
 // At the end, the Signature header will have the signature needed,
 // nothing else is modified.
@@ -31,19 +23,9 @@ const xRandomHeader = "X-Auth-Random"
 func SignRequest(r *http.Request, keyId string, privateKeyBytes, postBody []byte) error {
 	method := r.Method
 	headers := r.Header
-	var nowString string
 	if dateString := headers.Get("Date"); dateString != "" {
-		nowString = dateString
 	} else {
-		nowString = time.Now().Format("Mon, 02 Jan 2006 15:04:05 MST")
-		headers.Set("Date", nowString)
-	}
-	var host string
-	if hostString := headers.Get("Host"); hostString != "" {
-		host = hostString
-	} else {
-		host = config.GlobalConfig.General.GetFullDomain()
-		headers.Set("Host", host)
+		headers.Set("Date", time.Now().UTC().Format(http.TimeFormat))
 	}
 	applyBodyHash(headers, postBody)
 	mappedHeaders := maputils.MapNewKeys(headers, func(k string, v []string) (string, string) {
@@ -61,14 +43,14 @@ func SignRequest(r *http.Request, keyId string, privateKeyBytes, postBody []byte
 	var signedString string
 	var usedHeaders []string
 	if config.GlobalConfig.Experimental.UseEd25519Keys {
-		tmp, tmp2, err := CreateSignatureED(method, r.URL.Path, mappedHeaders, privateKeyBytes)
+		tmp, tmp2, err := CreateSignatureED(method, r.URL, mappedHeaders, privateKeyBytes)
 		if err != nil {
 			return err
 		}
 		signedString = tmp
 		usedHeaders = tmp2
 	} else {
-		tmp, tmp2, err := CreateSignatureRSA(method, r.URL.Path, mappedHeaders, privateKeyBytes)
+		tmp, tmp2, err := CreateSignatureRSA(method, r.URL, mappedHeaders, privateKeyBytes)
 		if err != nil {
 			return err
 		}
@@ -80,47 +62,10 @@ func SignRequest(r *http.Request, keyId string, privateKeyBytes, postBody []byte
 		signedString,
 		usedHeaders...,
 	)
-	log.Debug().Str("signature-header", signature).Send()
 	headers.Set("Signature", signature)
 	return nil
 }
 
-func SignRequestWithHttpsig(
-	r *http.Request,
-	keyId string,
-	privateKeyBytes, postBody []byte,
-) error {
-	keyId = config.GlobalConfig.General.GetFullPublicUrl() + "/api/activitypub/user/" + keyId
-	if config.GlobalConfig.Experimental.UseEd25519Keys {
-		key := ed25519.PrivateKey(privateKeyBytes)
-		signer := httpsig.NewEd25519Signer(keyId, key, nil)
-		if err := signer.Sign(r); err != nil {
-			return err
-		}
-	} else {
-		key, err := x509.ParsePKCS1PrivateKey(privateKeyBytes)
-		if err != nil {
-			return err
-		}
-		signer := httpsig.NewRSASHA256Signer(keyId, key, nil)
-		if err = signer.Sign(r); err != nil {
-			return err
-		}
-		// r.Header.Add("Signature", strings.TrimPrefix(r.Header.Get("Authorization"), "Signature "))
-	}
-	return nil
-}
-
-func applyBodyHash(headers http.Header, body []byte) error {
-	if body == nil {
-		return nil
-	}
-	hash := sha256.Sum256(body)
-	based := base64.StdEncoding.EncodeToString(hash[:])
-	headers.Set("Digest", "SHA-256="+based)
-	return nil
-}
-
 func NewRequest(method string, url string, body io.Reader) (*http.Request, error) {
 	req, err := http.NewRequest(method, url, body)
 	if err != nil {
@@ -130,7 +75,6 @@ func NewRequest(method string, url string, body io.Reader) (*http.Request, error
 		"User-Agent",
 		"Linstrom v0.0.0-pre-alpha ("+config.GlobalConfig.General.GetFullDomain()+")",
 	)
-	req.Header.Add("Date", time.Now().Format(time.RFC1123))
-	req.Header.Add("Host", config.GlobalConfig.General.GetFullDomain())
+	req.Header.Add("Date", time.Now().UTC().Format(http.TimeFormat))
 	return req, nil
 }