npm - @fedify/fedify - Versions diffs - 1.3.0-dev.576 → 1.3.0-dev.577 - Mend

@fedify/fedify 1.3.0-dev.576 → 1.3.0-dev.577

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @fedify/fedify might be problematic. Click here for more details.

Files changed (7) hide show

package/esm/deno.js CHANGED Viewed

@@ -1,6 +1,6 @@
 export default {
     "name": "@fedify/fedify",
-    "version": "1.3.0-dev.576+5eedba62",
+    "version": "1.3.0-dev.577+bda6d57e",
     "license": "MIT",
     "exports": {
         ".": "./mod.ts",

package/esm/sig/http.js CHANGED Viewed

@@ -236,7 +236,6 @@ async function verifyRequestInternal(request, span, { documentLoader, contextLoa
     }
     const { keyId, headers, signature } = sigValues;
     span?.setAttribute("http_signatures.key_id", keyId);
-    span?.setAttribute("http_signatures.signature", signature);
     if ("algorithm" in sigValues) {
         span?.setAttribute("http_signatures.algorithm", sigValues.algorithm);
     }
@@ -266,6 +265,7 @@ async function verifyRequestInternal(request, span, { documentLoader, contextLoa
                 ? request.headers.get("host") ?? new URL(request.url).host
                 : request.headers.get(name))).join("\n");
     const sig = decodeBase64(signature);
+    span?.setAttribute("http_signatures.signature", encodeHex(sig));
     // TODO: support other than RSASSA-PKCS1-v1_5:
     const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, sig, new TextEncoder().encode(message));
     if (!verified) {

package/esm/sig/key.js CHANGED Viewed

@@ -1,5 +1,7 @@
 import * as dntShim from "../_dnt.shims.js";
 import { getLogger } from "@logtape/logtape";
+import { SpanKind, SpanStatusCode, trace, } from "@opentelemetry/api";
+import metadata from "../deno.js";
 import { getDocumentLoader, } from "../runtime/docloader.js";
 import { isActor } from "../vocab/actor.js";
 import { CryptographicKey, Object } from "../vocab/vocab.js";
@@ -104,7 +106,39 @@ export async function importJwk(jwk, type) {
  * @returns The fetched key or `null` if the key is not found.
  * @since 1.3.0
  */
-export async function fetchKey(keyId,
+export function fetchKey(keyId,
+// deno-lint-ignore no-explicit-any
+cls, options = {}) {
+    const tracerProvider = options.tracerProvider ?? trace.getTracerProvider();
+    const tracer = tracerProvider.getTracer(metadata.name, metadata.version);
+    keyId = typeof keyId === "string" ? new URL(keyId) : keyId;
+    return tracer.startActiveSpan("activitypub.fetch_key", {
+        kind: SpanKind.CLIENT,
+        attributes: {
+            "http.method": "GET",
+            "url.full": keyId.href,
+            "url.scheme": keyId.protocol.replace(/:$/, ""),
+            "url.domain": keyId.hostname,
+            "url.path": keyId.pathname,
+            "url.query": keyId.search.replace(/^\?/, ""),
+            "url.fragment": keyId.hash.replace(/^#/, ""),
+        },
+    }, async (span) => {
+        try {
+            const result = await fetchKeyInternal(keyId, cls, options);
+            span.setAttribute("activitypub.actor.key.cached", result.cached);
+            return result;
+        }
+        catch (e) {
+            span.setStatus({ code: SpanStatusCode.ERROR, message: String(e) });
+            throw e;
+        }
+        finally {
+            span.end();
+        }
+    });
+}
+async function fetchKeyInternal(keyId,
 // deno-lint-ignore no-explicit-any
 cls, { documentLoader, contextLoader, keyCache, tracerProvider } = {}) {
     const logger = getLogger(["fedify", "sig", "key"]);