@fedify/fedify 2.1.0-dev.565 → 2.1.0-dev.592

package/dist/{http-iDlaLy8a.cjs → http-CaXARmaJ.cjs}

@@ -7,14 +7,14 @@ const __logtape_logtape = require_chunk.__toESM(require("@logtape/logtape"));
 const __fedify_vocab = require_chunk.__toESM(require("@fedify/vocab"));
 const __opentelemetry_api = require_chunk.__toESM(require("@opentelemetry/api"));
 const byte_encodings_hex = require_chunk.__toESM(require("byte-encodings/hex"));
+const structured_field_values = require_chunk.__toESM(require("structured-field-values"));
 const __opentelemetry_semantic_conventions = require_chunk.__toESM(require("@opentelemetry/semantic-conventions"));
 const byte_encodings_base64 = require_chunk.__toESM(require("byte-encodings/base64"));
-const structured_field_values = require_chunk.__toESM(require("structured-field-values"));
 const __fedify_vocab_runtime = require_chunk.__toESM(require("@fedify/vocab-runtime"));
 
 //#region deno.json
 var name = "@fedify/fedify";
-var version = "2.1.0-dev.565+b4d238a9";
+var version = "2.1.0-dev.592+6c1f6e6f";
 var license = "MIT";
 var exports$1 = {
 	".": "./src/mod.ts",
@@ -36,7 +36,6 @@ var imports = {
 	"fetch-mock": "npm:fetch-mock@^12.5.2",
 	"json-canon": "npm:json-canon@^1.0.1",
 	"jsonld": "npm:jsonld@^9.0.0",
-	"multicodec": "npm:multicodec@^3.2.1",
 	"pkijs": "npm:pkijs@^3.3.3",
 	"structured-field-values": "npm:structured-field-values@^2.0.4",
 	"uri-template-router": "npm:uri-template-router@^1.0.0",
@@ -127,6 +126,140 @@ var deno_default = {
 	tasks
 };
 
+//#endregion
+//#region src/sig/accept.ts
+/**
+* Parses an `Accept-Signature` header value (RFC 9421 §5.1) into an
+* array of {@link AcceptSignatureMember} objects.
+*
+* The `Accept-Signature` field is a Dictionary Structured Field
+* (RFC 8941 §3.2).  Each dictionary member describes a single
+* requested message signature.
+*
+* On parse failure (malformed or empty header), returns an empty array.
+*
+* @param header The raw `Accept-Signature` header value string.
+* @returns An array of parsed members.  Empty if the header is
+*          malformed or empty.
+* @since 2.1.0
+*/
+function parseAcceptSignature(header) {
+	try {
+		return parseEachSignature((0, structured_field_values.decodeDict)(header));
+	} catch {
+		(0, __logtape_logtape.getLogger)([
+			"fedify",
+			"sig",
+			"http"
+		]).warn("Failed to parse Accept-Signature header: {header}", { header });
+		return [];
+	}
+}
+const compactObject = (obj) => Object.fromEntries(Object.entries(obj).filter(([_, v]) => v !== void 0));
+const parseEachSignature = (dict) => Object.entries(dict).filter(([_, item]) => Array.isArray(item.value)).map(([label, item]) => ({
+	label,
+	components: item.value.filter((subitem) => typeof subitem.value === "string").map((subitem) => ({
+		value: subitem.value,
+		params: subitem.params ?? {}
+	})),
+	parameters: compactParams(item)
+}));
+const compactParams = (item) => {
+	const { keyid, alg, created, expires, nonce, tag } = item.params ?? {};
+	return compactObject({
+		keyid: stringOrUndefined(keyid),
+		alg: stringOrUndefined(alg),
+		created: trueOrUndefined(created),
+		expires: trueOrUndefined(expires),
+		nonce: stringOrUndefined(nonce),
+		tag: stringOrUndefined(tag)
+	});
+};
+const stringOrUndefined = (v) => typeof v === "string" ? v : void 0;
+const trueOrUndefined = (v) => v === true ? true : void 0;
+/**
+* Serializes an array of {@link AcceptSignatureMember} objects into an
+* `Accept-Signature` header value string (RFC 9421 §5.1).
+*
+* The output is a Dictionary Structured Field (RFC 8941 §3.2).
+*
+* @param members The members to serialize.
+* @returns The serialized header value string.
+* @since 2.1.0
+*/
+function formatAcceptSignature(members) {
+	const items = members.map((member) => [member.label, new structured_field_values.Item(compToItems(member), compactParameters(member))]);
+	return (0, structured_field_values.encodeDict)(Object.fromEntries(items));
+}
+const compToItems = (member) => member.components.map((c) => new structured_field_values.Item(c.value, c.params));
+const compactParameters = (member) => {
+	const { keyid, alg, created, expires, nonce, tag } = member.parameters;
+	return compactObject({
+		keyid,
+		alg,
+		created,
+		expires,
+		nonce,
+		tag
+	});
+};
+/**
+* Filters out {@link AcceptSignatureMember} entries whose covered
+* components include response-only identifiers (`@status`) that are
+* not applicable to request-target messages, as required by
+* [RFC 9421 §5](https://www.rfc-editor.org/rfc/rfc9421#section-5).
+*
+* A warning is logged for each discarded entry.
+*
+* @param members The parsed `Accept-Signature` entries to validate.
+* @returns Only entries that are valid for request-target messages.
+* @since 2.1.0
+*/
+function validateAcceptSignature(members) {
+	const logger = (0, __logtape_logtape.getLogger)([
+		"fedify",
+		"sig",
+		"http"
+	]);
+	return members.filter((member) => {
+		if (member.components.every((c) => c.value !== "@status")) return true;
+		logLabel(logger, member.label);
+		return false;
+	});
+}
+const logLabel = (logger, label) => logger.warn("Discarding Accept-Signature member {label}: covered components include response-only identifier @status.", { label });
+/**
+* Attempts to translate an {@link AcceptSignatureMember} challenge into
+* RFC 9421 signing options that the local signer can fulfill.
+*
+* Returns `null` if the challenge cannot be fulfilled—for example, if
+* the requested `alg` or `keyid` is incompatible with the local key.
+*
+* Safety constraints:
+* - `alg`: only honored if it matches `localAlg`.
+* - `keyid`: only honored if it matches `localKeyId`.
+* - `components`: passed through exactly as requested, per RFC 9421 §5.2.
+* - `nonce`, `tag`, and `expires` are passed through directly.
+*
+* @param entry The challenge entry from the `Accept-Signature` header.
+* @param localKeyId The local key identifier (e.g., the actor key URL).
+* @param localAlg The algorithm of the local private key
+*                 (e.g., `"rsa-v1_5-sha256"`).
+* @returns Signing options if the challenge can be fulfilled, or `null`.
+* @since 2.1.0
+*/
+function fulfillAcceptSignature(entry, localKeyId, localAlg) {
+	if (entry.parameters.alg != null && entry.parameters.alg !== localAlg) return null;
+	if (entry.parameters.keyid != null && entry.parameters.keyid !== localKeyId) return null;
+	return {
+		label: entry.label,
+		components: entry.components,
+		nonce: entry.parameters.nonce,
+		tag: entry.parameters.tag,
+		expires: entry.parameters.expires
+	};
+}
+
 //#endregion
 //#region src/sig/key.ts
 /**
@@ -494,7 +627,7 @@ async function signRequest(request, privateKey, keyId, options = {}) {
 		try {
 			const spec = options.spec ?? "draft-cavage-http-signatures-12";
 			let signed;
-			if (spec === "rfc9421") signed = await signRequestRfc9421(request, privateKey, keyId, span, options.currentTime, options.body);
+			if (spec === "rfc9421") signed = await signRequestRfc9421(request, privateKey, keyId, span, options.currentTime, options.body, options.rfc9421);
 			else signed = await signRequestDraft(request, privateKey, keyId, span, options.currentTime, options.body);
 			if (span.isRecording()) {
 				span.setAttribute(__opentelemetry_semantic_conventions.ATTR_HTTP_REQUEST_METHOD, signed.method);
@@ -542,7 +675,19 @@ async function signRequestDraft(request, privateKey, keyId, span, currentTime, b
 	});
 }
 function formatRfc9421SignatureParameters(params) {
-	return `alg="${params.algorithm}";keyid="${params.keyId.href}";created=${params.created}`;
+	return Array.from(iterRfc9421(params)).join(";");
+}
+function* iterRfc9421(params) {
+	yield `alg="${params.algorithm}"`;
+	yield `keyid="${params.keyId.href}"`;
+	yield `created=${params.created}`;
+	if (params.expires != null) yield `expires=${params.expires}`;
+	if (params.nonce != null) yield `nonce="${escapeSfString(params.nonce)}"`;
+	if (params.tag != null) yield `tag="${escapeSfString(params.tag)}"`;
+}
+const escapeSfString = (value) => value.replace(/\\/g, "\\\\").replace(/"/g, "\\\"");
+function formatComponentId(component) {
+	return (0, structured_field_values.encodeItem)(new structured_field_values.Item(component.value, component.params));
 }
 /**
 * Creates a signature base for a request according to RFC 9421.
@@ -553,30 +698,31 @@ function formatRfc9421SignatureParameters(params) {
 */
 function createRfc9421SignatureBase(request, components, parameters) {
 	const url = new URL(request.url);
-	const baseComponents = [];
-	for (const component of components) {
-		let value;
-		if (component === "@method") value = request.method.toUpperCase();
-		else if (component === "@target-uri") value = request.url;
-		else if (component === "@authority") value = url.host;
-		else if (component === "@scheme") value = url.protocol.slice(0, -1);
-		else if (component === "@request-target") value = `${request.method.toLowerCase()} ${url.pathname}${url.search}`;
-		else if (component === "@path") value = url.pathname;
-		else if (component === "@query") value = url.search.startsWith("?") ? url.search.slice(1) : url.search;
-		else if (component === "@query-param") throw new Error("@query-param requires a parameter name");
-		else if (component === "@status") throw new Error("@status is only valid for responses");
-		else if (component.startsWith("@")) throw new Error(`Unsupported derived component: ${component}`);
-		else {
-			const header = request.headers.get(component);
-			if (header == null) throw new Error(`Missing header: ${component}`);
-			value = header;
-		}
-		baseComponents.push(`"${component}": ${value}`);
-	}
-	const sigComponents = components.map((c) => `"${c}"`).join(" ");
-	baseComponents.push(`"@signature-params": (${sigComponents});${parameters}`);
-	return baseComponents.join("\n");
+	return components.map((component) => {
+		const id = formatComponentId(component);
+		const derived = derivedComponents[component.value]?.(request, url);
+		if (derived != null) return `${id}: ${derived}`;
+		if (component.value.startsWith("@")) throw new Error(`Unsupported derived component: ${component.value}`);
+		const header = request.headers.get(component.value);
+		if (header == null) throw new Error(`Missing header: ${component.value}`);
+		return `${id}: ${header}`;
+	}).concat([`"@signature-params": (${components.map((c) => formatComponentId(c)).join(" ")});${parameters}`]).join("\n");
 }
+const derivedComponents = {
+	"@method": (request) => request.method.toUpperCase(),
+	"@target-uri": (_, url) => url.href,
+	"@authority": (_, url) => url.host,
+	"@scheme": (_, url) => url.protocol.slice(0, -1),
+	"@request-target": (request, url) => `${request.method.toLowerCase()} ${url.pathname}${url.search}`,
+	"@path": (_, url) => url.pathname,
+	"@query": (_, { search }) => search.startsWith("?") ? search.slice(1) : search,
+	"@query-param": () => {
+		throw new Error("@query-param requires a parameter name");
+	},
+	"@status": () => {
+		throw new Error("@status is only valid for responses");
+	}
+};
 /**
 * Formats a signature using rfc9421 format.
 * @param signature The raw signature bytes.
@@ -584,9 +730,9 @@ function createRfc9421SignatureBase(request, components, parameters) {
 * @param parameters The signature parameters.
 * @returns The formatted signature string.
 */
-function formatRfc9421Signature(signature, components, parameters) {
-	const signatureInputValue = `sig1=("${components.join("\" \"")}");${parameters}`;
-	const signatureValue = `sig1=:${(0, byte_encodings_base64.encodeBase64)(signature)}:`;
+function formatRfc9421Signature(signature, components, parameters, label = "sig1") {
+	const signatureInputValue = `${label}=(${components.map((c) => formatComponentId(c)).join(" ")});${parameters}`;
+	const signatureValue = `${label}=:${(0, byte_encodings_base64.encodeBase64)(signature)}:`;
 	return [signatureInputValue, signatureValue];
 }
 /**
@@ -612,12 +758,17 @@ function parseRfc9421SignatureInput(signatureInput) {
 	const result = {};
 	for (const [label, item] of Object.entries(dict)) {
 		if (!Array.isArray(item.value) || typeof item.params.keyid !== "string" || typeof item.params.created !== "number") continue;
-		const components = item.value.map((subitem) => subitem.value).filter((v) => typeof v === "string");
+		const components = item.value.filter((subitem) => typeof subitem.value === "string").map((subitem) => ({
+			value: subitem.value,
+			params: subitem.params ?? {}
+		}));
 		const params = (0, structured_field_values.encodeItem)(new structured_field_values.Item(0, item.params));
 		result[label] = {
 			keyId: item.params.keyid,
 			alg: item.params.alg,
 			created: item.params.created,
+			nonce: typeof item.params.nonce === "string" ? item.params.nonce : void 0,
+			tag: typeof item.params.tag === "string" ? item.params.tag : void 0,
 			components,
 			parameters: params.slice(params.indexOf(";") + 1)
 		};
@@ -648,7 +799,7 @@ function parseRfc9421Signature(signature) {
 	for (const [key, value] of Object.entries(dict)) if (value.value instanceof Uint8Array) result[key] = value.value;
 	return result;
 }
-async function signRequestRfc9421(request, privateKey, keyId, span, currentTime, bodyBuffer) {
+async function signRequestRfc9421(request, privateKey, keyId, span, currentTime, bodyBuffer, rfc9421Options) {
 	if (privateKey.algorithm.name !== "RSASSA-PKCS1-v1_5") throw new TypeError("Unsupported algorithm: " + privateKey.algorithm.name);
 	const url = new URL(request.url);
 	const body = bodyBuffer !== void 0 ? bodyBuffer : request.method !== "GET" && request.method !== "HEAD" ? await request.clone().arrayBuffer() : null;
@@ -662,18 +813,40 @@ async function signRequestRfc9421(request, privateKey, keyId, span, currentTime,
 	currentTime ??= Temporal.Now.instant();
 	const created = currentTime.epochMilliseconds / 1e3 | 0;
 	if (!headers.has("Date")) headers.set("Date", new Date(currentTime.toString()).toUTCString());
-	const components = [
-		"@method",
-		"@target-uri",
-		"@authority",
-		"host",
-		"date"
-	];
-	if (body != null) components.push("content-digest");
+	const label = rfc9421Options?.label ?? "sig1";
+	const components = [...rfc9421Options?.components ?? [
+		{
+			value: "@method",
+			params: {}
+		},
+		{
+			value: "@target-uri",
+			params: {}
+		},
+		{
+			value: "@authority",
+			params: {}
+		},
+		{
+			value: "host",
+			params: {}
+		},
+		{
+			value: "date",
+			params: {}
+		}
+	], ...body != null ? [{
+		value: "content-digest",
+		params: {}
+	}] : []];
+	const expires = rfc9421Options?.expires === true ? (currentTime.epochMilliseconds / 1e3 | 0) + 3600 : void 0;
 	const signatureParams = formatRfc9421SignatureParameters({
 		algorithm: "rsa-v1_5-sha256",
 		keyId,
-		created
+		created,
+		expires,
+		nonce: rfc9421Options?.nonce,
+		tag: rfc9421Options?.tag
 	});
 	let signatureBase;
 	try {
@@ -685,9 +858,11 @@ async function signRequestRfc9421(request, privateKey, keyId, span, currentTime,
 		throw new TypeError(`Failed to create signature base: ${String(error)}; it is probably a bug in the implementation.  Please report it at Fedify's issue tracker.`);
 	}
 	const signatureBytes = await crypto.subtle.sign("RSASSA-PKCS1-v1_5", privateKey, new TextEncoder().encode(signatureBase));
-	const [signatureInput, signature] = formatRfc9421Signature(signatureBytes, components, signatureParams);
-	headers.set("Signature-Input", signatureInput);
-	headers.set("Signature", signature);
+	const [signatureInput, signature] = formatRfc9421Signature(signatureBytes, components, signatureParams, label);
+	const existingInput = headers.get("Signature-Input");
+	headers.set("Signature-Input", existingInput != null ? `${existingInput}, ${signatureInput}` : signatureInput);
+	const existingSignature = headers.get("Signature");
+	headers.set("Signature", existingSignature != null ? `${existingSignature}, ${signature}` : signature);
 	if (span.isRecording()) {
 		span.setAttribute("http_signatures.algorithm", "rsa-v1_5-sha256");
 		span.setAttribute("http_signatures.signature", (0, byte_encodings_hex.encodeHex)(signatureBytes));
@@ -1146,7 +1321,7 @@ async function verifyRequestRfc9421(request, span, { documentLoader, contextLoad
 				continue;
 			}
 		}
-		if (request.method !== "GET" && request.method !== "HEAD" && sigInput.components.includes("content-digest")) {
+		if (request.method !== "GET" && request.method !== "HEAD" && sigInput.components.some((c) => c.value === "content-digest")) {
 			const contentDigestHeader = request.headers.get("Content-Digest");
 			if (!contentDigestHeader) {
 				logger.debug("Failed to verify; Content-Digest header required but not found.", { components: sigInput.components });
@@ -1216,7 +1391,8 @@ async function verifyRequestRfc9421(request, span, { documentLoader, contextLoad
 			const verified = await crypto.subtle.verify(algorithm, key.publicKey, sigBytes.slice(), signatureBaseBytes);
 			if (verified) return {
 				verified: true,
-				key
+				key,
+				signatureLabel: sigName
 			};
 			else if (cached) {
 				logger.debug("Failed to verify with cached key {keyId}; retrying with fresh key...", { keyId: sigInput.keyId });
@@ -1305,12 +1481,63 @@ async function doubleKnock(request, identity, options = {}) {
 			body
 		});
 	} else if (response.status === 400 || response.status === 401 || response.status > 401) {
-		const spec = firstTrySpec === "draft-cavage-http-signatures-12" ? "rfc9421" : "draft-cavage-http-signatures-12";
-		(0, __logtape_logtape.getLogger)([
+		const logger = (0, __logtape_logtape.getLogger)([
 			"fedify",
 			"sig",
 			"http"
-		]).debug("Failed to verify with the spec {spec} ({status} {statusText}); retrying with spec {secondSpec}... (double-knocking)", {
+		]);
+		const acceptSigHeader = response.headers.get("Accept-Signature");
+		if (acceptSigHeader != null) {
+			const entries = validateAcceptSignature(parseAcceptSignature(acceptSigHeader));
+			const localKeyId = identity.keyId.href;
+			const localAlg = "rsa-v1_5-sha256";
+			let fulfilled = false;
+			let challengeRequest;
+			for (const entry of entries) {
+				const rfc9421 = fulfillAcceptSignature(entry, localKeyId, localAlg);
+				if (rfc9421 == null) continue;
+				logger.debug("Received Accept-Signature challenge; accumulating label {label} and components {components}.", {
+					label: rfc9421.label,
+					components: rfc9421.components
+				});
+				try {
+					challengeRequest = await signRequest(challengeRequest ?? request, identity.privateKey, identity.keyId, {
+						spec: "rfc9421",
+						tracerProvider,
+						body,
+						rfc9421
+					});
+					fulfilled = true;
+				} catch (error) {
+					logger.debug("Failed to fulfill Accept-Signature challenge entry {label}: {error}", {
+						label: entry.label,
+						error
+					});
+				}
+			}
+			if (fulfilled && challengeRequest != null) {
+				signedRequest = challengeRequest;
+				log?.(signedRequest);
+				response = await fetch(signedRequest, {
+					redirect: "manual",
+					signal
+				});
+				if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) {
+					const location = response.headers.get("Location");
+					return doubleKnock(createRedirectRequest(request, location, body), identity, {
+						...options,
+						body
+					});
+				}
+			}
+			if (fulfilled && response.status < 300) {
+				await specDeterminer?.rememberSpec(origin, "rfc9421");
+				return response;
+			}
+			if (fulfilled && response.status !== 400 && response.status !== 401) return response;
+		}
+		const spec = firstTrySpec === "draft-cavage-http-signatures-12" ? "rfc9421" : "draft-cavage-http-signatures-12";
+		logger.debug("Failed to verify with the spec {spec} ({status} {statusText}); retrying with spec {secondSpec}... (double-knocking)", {
 			spec: firstTrySpec,
 			secondSpec: spec,
 			status: response.status,
@@ -1395,6 +1622,18 @@ Object.defineProperty(exports, 'fetchKeyDetailed', {
     return fetchKeyDetailed;
   }
 });
+Object.defineProperty(exports, 'formatAcceptSignature', {
+  enumerable: true,
+  get: function () {
+    return formatAcceptSignature;
+  }
+});
+Object.defineProperty(exports, 'fulfillAcceptSignature', {
+  enumerable: true,
+  get: function () {
+    return fulfillAcceptSignature;
+  }
+});
 Object.defineProperty(exports, 'generateCryptoKeyPair', {
   enumerable: true,
   get: function () {
@@ -1407,12 +1646,30 @@ Object.defineProperty(exports, 'importJwk', {
     return importJwk;
   }
 });
+Object.defineProperty(exports, 'parseAcceptSignature', {
+  enumerable: true,
+  get: function () {
+    return parseAcceptSignature;
+  }
+});
+Object.defineProperty(exports, 'parseRfc9421SignatureInput', {
+  enumerable: true,
+  get: function () {
+    return parseRfc9421SignatureInput;
+  }
+});
 Object.defineProperty(exports, 'signRequest', {
   enumerable: true,
   get: function () {
     return signRequest;
   }
 });
+Object.defineProperty(exports, 'validateAcceptSignature', {
+  enumerable: true,
+  get: function () {
+    return validateAcceptSignature;
+  }
+});
 Object.defineProperty(exports, 'validateCryptoKey', {
   enumerable: true,
   get: function () {