npm - @fedify/fedify - Versions diffs - 0.9.0-dev.183 → 0.9.0-dev.184 - Mend

@fedify/fedify 0.9.0-dev.183 → 0.9.0-dev.184

This version of @fedify/fedify might be problematic. Click here for more details.

Files changed (3) hide show

package/CHANGES.md CHANGED Viewed

@@ -55,6 +55,10 @@ To be released.
      -  Deprecated `VerifyOptions` interface.  Use `VerifyRequestOptions`
         instead.
+ -  When signing an HTTP request, the `algorithm` parameter is now added to
+    the `Signature` header.  This change improves the compatibility with
+    Misskey and other implementations that require the `algorithm` parameter.
  -  Added more log messages using the [LogTape] library.  Currently the below
     logger categories are used:

package/esm/sig/http.js CHANGED Viewed

@@ -41,7 +41,7 @@ export async function signRequest(request, privateKey, keyId) {
         .map(([name, value]) => `${name}: ${value.trim()}`).join("\n");
     // TODO: support other than RSASSA-PKCS1-v1_5:
     const signature = await dntShim.crypto.subtle.sign("RSASSA-PKCS1-v1_5", privateKey, new TextEncoder().encode(message));
-    const sigHeader = `keyId="${keyId.href}",headers="${headerNames.join(" ")}",signature="${encodeBase64(signature)}"`;
+    const sigHeader = `keyId="${keyId.href}",algorithm="rsa-sha256",headers="${headerNames.join(" ")}",signature="${encodeBase64(signature)}"`;
     headers.set("Signature", sigHeader);
     return new Request(request, {
         headers,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@fedify/fedify",
-  "version": "0.9.0-dev.183+c5893c1a",
+  "version": "0.9.0-dev.184+5e5b73cc",
   "description": "An ActivityPub server framework",
   "keywords": [
     "ActivityPub",