Code style improvement

2018-10-06 10:57:37 +02:00 · 2018-10-06 10:57:37 +02:00 · 0d6a2af851
parent 3466e55548
commit 0d6a2af851
1 changed files with 40 additions and 39 deletions
--- a/plume-common/src/activity_pub/sign.rs
+++ b/plume-common/src/activity_pub/sign.rs
@ -97,7 +97,12 @@ impl SignatureValidity {
 }

 pub fn verify_http_headers<S: Signer+::std::fmt::Debug>(sender: &S, all_headers: HeaderMap, data: String) -> SignatureValidity{
-    if let Some(sig_header) = all_headers.get_one("Signature") {
+    let sig_header = all_headers.get_one("Signature");
+    if sig_header.is_none() {
+        return SignatureValidity::Absent
+    }
+    let sig_header = sig_header.unwrap();
+
    let mut _key_id = None;
    let mut _algorithm = None;
    let mut headers = None;
@ -111,32 +116,28 @@ pub fn verify_http_headers<S: Signer+::std::fmt::Debug>(sender: &S, all_headers:
            _ => {},
        }
    }
-        if signature.is_some() && headers.is_some() {
+
+    if signature.is_none() || headers.is_none() {//missing part of the header
+        return SignatureValidity::Invalid
+    }
    let headers = headers.unwrap().split_whitespace().collect::<Vec<_>>();
    let signature = signature.unwrap();
    let h = headers.iter()
        .map(|header| (header,all_headers.get_one(header)))
        .map(|(header, value)| format!("{}: {}", header.to_lowercase(), value.unwrap_or("")))
        .collect::<Vec<_>>().join("\n");
-            if sender.verify(h, base64::decode(signature).unwrap_or(Vec::new())) {
-                if headers.contains(&"digest") {
+
+    if !sender.verify(h, base64::decode(signature).unwrap_or(Vec::new())) {
+        return SignatureValidity::Invalid
+    }
+    if !headers.contains(&"digest") {// signature is valid, but body content is not verified
+        return SignatureValidity::ValidNoDigest
+    }
    let digest = all_headers.get_one("digest").unwrap_or("");
    let digest = request::Digest::from_header(digest);
-                    if digest.map(|d| d.verify(data)).unwrap_or(false) {
-                        SignatureValidity::Valid
-                    } else {
+    if !digest.map(|d| d.verify(data)).unwrap_or(false) {// signature was valid, but body content does not match its digest
        SignatureValidity::Invalid
-                    }
    } else {
-                    SignatureValidity::ValidNoDigest
-                }
-            } else {
-                SignatureValidity::Invalid
-            }
-        } else {
-            SignatureValidity::Invalid
-        }
-    } else {
-        SignatureValidity::Absent
+	    SignatureValidity::Valid// all check passed
    }
 }