Code style improvement

This commit is contained in:
Trinity Pointard 2018-10-06 10:57:37 +02:00
parent 3466e55548
commit 0d6a2af851

View File

@ -97,7 +97,12 @@ impl SignatureValidity {
} }
pub fn verify_http_headers<S: Signer+::std::fmt::Debug>(sender: &S, all_headers: HeaderMap, data: String) -> SignatureValidity{ pub fn verify_http_headers<S: Signer+::std::fmt::Debug>(sender: &S, all_headers: HeaderMap, data: String) -> SignatureValidity{
if let Some(sig_header) = all_headers.get_one("Signature") { let sig_header = all_headers.get_one("Signature");
if sig_header.is_none() {
return SignatureValidity::Absent
}
let sig_header = sig_header.unwrap();
let mut _key_id = None; let mut _key_id = None;
let mut _algorithm = None; let mut _algorithm = None;
let mut headers = None; let mut headers = None;
@ -111,32 +116,28 @@ pub fn verify_http_headers<S: Signer+::std::fmt::Debug>(sender: &S, all_headers:
_ => {}, _ => {},
} }
} }
if signature.is_some() && headers.is_some() {
if signature.is_none() || headers.is_none() {//missing part of the header
return SignatureValidity::Invalid
}
let headers = headers.unwrap().split_whitespace().collect::<Vec<_>>(); let headers = headers.unwrap().split_whitespace().collect::<Vec<_>>();
let signature = signature.unwrap(); let signature = signature.unwrap();
let h = headers.iter() let h = headers.iter()
.map(|header| (header,all_headers.get_one(header))) .map(|header| (header,all_headers.get_one(header)))
.map(|(header, value)| format!("{}: {}", header.to_lowercase(), value.unwrap_or(""))) .map(|(header, value)| format!("{}: {}", header.to_lowercase(), value.unwrap_or("")))
.collect::<Vec<_>>().join("\n"); .collect::<Vec<_>>().join("\n");
if sender.verify(h, base64::decode(signature).unwrap_or(Vec::new())) {
if headers.contains(&"digest") { if !sender.verify(h, base64::decode(signature).unwrap_or(Vec::new())) {
return SignatureValidity::Invalid
}
if !headers.contains(&"digest") {// signature is valid, but body content is not verified
return SignatureValidity::ValidNoDigest
}
let digest = all_headers.get_one("digest").unwrap_or(""); let digest = all_headers.get_one("digest").unwrap_or("");
let digest = request::Digest::from_header(digest); let digest = request::Digest::from_header(digest);
if digest.map(|d| d.verify(data)).unwrap_or(false) { if !digest.map(|d| d.verify(data)).unwrap_or(false) {// signature was valid, but body content does not match its digest
SignatureValidity::Valid
} else {
SignatureValidity::Invalid SignatureValidity::Invalid
}
} else { } else {
SignatureValidity::ValidNoDigest SignatureValidity::Valid// all check passed
}
} else {
SignatureValidity::Invalid
}
} else {
SignatureValidity::Invalid
}
} else {
SignatureValidity::Absent
} }
} }