Auth fetch verification (cavage) works now
All checks were successful
/ docker (push) Successful in 4m14s
All checks were successful
/ docker (push) Successful in 4m14s
- Verifying inbound requests signed with Cavage are now checked as expected - Fixed a bug where the signature header is not generated correctly - Extended config to include settings for what requests to verify - Fixed new server in main not using internal port from config
This commit is contained in:
parent
271acc8d29
commit
627926460c
SSH key fingerprint:
SHA256:9VAo09aaVNTWKzPW7Hq2LW+ox9OdwmTSHRoD4mlz1yI
8 changed files with 90 additions and 36 deletions
|
|
@ -52,7 +52,9 @@ type ConfigAdmin struct {
|
|||
ProfilingPassword string `toml:"profiling_password"`
|
||||
// Allow registration on the server
|
||||
// If disabled, user must be manually created (currently via the debug server)
|
||||
AllowRegistration bool `toml:"allow_registration"`
|
||||
AllowRegistration bool `toml:"allow_registration"`
|
||||
AuthFetchForNonGet bool `toml:"auth_fetch_for_non_get"`
|
||||
AuthFetchForGet bool `toml:"auth_fetch_for_get"`
|
||||
}
|
||||
|
||||
type ConfigStorage struct {
|
||||
|
|
@ -119,6 +121,10 @@ type ConfigExperimental struct {
|
|||
// Both are created and stored for each local user. If this flag is enabled,
|
||||
// Linstrom shares the ED25519 key on request, otherwise the RSA key
|
||||
UseEd25519Keys bool `toml:"use_ed25519_keys"`
|
||||
// Require authorized fetch signing for requests to the server actor too
|
||||
// The implementation itself is stable, but might cause issues during initial connect
|
||||
// if the other server also requires authorized fetch for the server actor
|
||||
AuthFetchForServerActor bool `toml:"auth_fetch_for_server_actor"`
|
||||
}
|
||||
|
||||
type Config struct {
|
||||
|
|
@ -151,10 +157,12 @@ var defaultConfig Config = Config{
|
|||
AdminMail: nil,
|
||||
},
|
||||
Admin: ConfigAdmin{
|
||||
Username: "server-admin",
|
||||
FirstTimeSetupOTP: "Example otp password",
|
||||
ProfilingPassword: "Example profiling password",
|
||||
AllowRegistration: true,
|
||||
Username: "server-admin",
|
||||
FirstTimeSetupOTP: "Example otp password",
|
||||
ProfilingPassword: "Example profiling password",
|
||||
AllowRegistration: true,
|
||||
AuthFetchForNonGet: true,
|
||||
AuthFetchForGet: false,
|
||||
},
|
||||
Webauthn: ConfigWebAuthn{
|
||||
DisplayName: "Linstrom",
|
||||
|
|
@ -198,7 +206,8 @@ var defaultConfig Config = Config{
|
|||
UseSSL: false,
|
||||
},
|
||||
Experimental: ConfigExperimental{
|
||||
UseEd25519Keys: false,
|
||||
UseEd25519Keys: false,
|
||||
AuthFetchForServerActor: false,
|
||||
},
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue