mirror of
https://github.com/iv-org/invidious.git
synced 2024-12-23 22:39:31 -05:00
Add nonce to pubsub token
This commit is contained in:
parent
5895604282
commit
004fb96b2f
@ -2329,13 +2329,19 @@ get "/feed/webhook/:token" do |env|
|
|||||||
challenge = env.params.query["hub.challenge"]
|
challenge = env.params.query["hub.challenge"]
|
||||||
lease_seconds = env.params.query["hub.lease_seconds"]
|
lease_seconds = env.params.query["hub.lease_seconds"]
|
||||||
|
|
||||||
|
if verify_token.starts_with? "v1"
|
||||||
|
_, time, nonce, signature = verify_token.split(":")
|
||||||
|
data = "#{time}:#{nonce}"
|
||||||
|
else
|
||||||
time, signature = verify_token.split(":")
|
time, signature = verify_token.split(":")
|
||||||
|
data = "#{time}"
|
||||||
|
end
|
||||||
|
|
||||||
if Time.now.to_unix - time.to_i > 600
|
if Time.now.to_unix - time.to_i > 600
|
||||||
halt env, status_code: 400
|
halt env, status_code: 400
|
||||||
end
|
end
|
||||||
|
|
||||||
if OpenSSL::HMAC.hexdigest(:sha1, HMAC_KEY, time) != signature
|
if OpenSSL::HMAC.hexdigest(:sha1, HMAC_KEY, data) != signature
|
||||||
halt env, status_code: 400
|
halt env, status_code: 400
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -194,11 +194,13 @@ end
|
|||||||
def subscribe_pubsub(ucid, key, config)
|
def subscribe_pubsub(ucid, key, config)
|
||||||
client = make_client(PUBSUB_URL)
|
client = make_client(PUBSUB_URL)
|
||||||
time = Time.now.to_unix.to_s
|
time = Time.now.to_unix.to_s
|
||||||
|
nonce = Random::Secure.hex(4)
|
||||||
|
signature = "#{time}:#{nonce}"
|
||||||
|
|
||||||
host_url = make_host_url(Kemal.config.ssl || config.https_only, config.domain)
|
host_url = make_host_url(Kemal.config.ssl || config.https_only, config.domain)
|
||||||
|
|
||||||
body = {
|
body = {
|
||||||
"hub.callback" => "#{host_url}/feed/webhook/#{time}:#{OpenSSL::HMAC.hexdigest(:sha1, key, time)}",
|
"hub.callback" => "#{host_url}/feed/webhook/v1:#{time}:#{nonce}:#{OpenSSL::HMAC.hexdigest(:sha1, key, signature)}",
|
||||||
"hub.topic" => "https://www.youtube.com/feeds/videos.xml?channel_id=#{ucid}",
|
"hub.topic" => "https://www.youtube.com/feeds/videos.xml?channel_id=#{ucid}",
|
||||||
"hub.verify" => "async",
|
"hub.verify" => "async",
|
||||||
"hub.mode" => "subscribe",
|
"hub.mode" => "subscribe",
|
||||||
|
Loading…
Reference in New Issue
Block a user