async def verify_request(request) -> bool:
hsig = _parse_sig_header(request.headers.get("Signature"))
if not hsig:
return False
actor = await fetch(hsig["keyId"])
if not actor:
return False
return verify(hsig, request, actor)
async def verify_request(method: str, path: str, headers, body: str) -> bool:
hsig = _parse_sig_header(headers.get("Signature"))
if not hsig:
logger.debug("no signature in header")
return False
logger.debug(f"hsig={hsig}")
signed_string = _build_signed_string(hsig["headers"], method, path,
headers, _body_digest(body))
actor = await fetch(hsig["keyId"])
if not actor: return False
k = get_key(actor["id"])
k.load_pub(actor["publicKey"]["publicKeyPem"])
if k.key_id() != hsig["keyId"]:
return False
return _verify_h(signed_string, base64.b64decode(hsig["signature"]),
k.pubkey)