Merge branch 'fix/2322-digest-algorithm-case-insensitive' into 'develop'

Digest algorithm is taken from header

Closes #2322

See merge request pleroma/pleroma!3176

1 files changed, 16 insertions, 2 deletions

diff --git a/lib/pleroma/web/plugs/digest_plug.ex b/lib/pleroma/web/plugs/digest_plug.ex
index b521b3073..fb2723b97 100644
--- a/lib/pleroma/web/plugs/digest_plug.ex
+++ b/lib/pleroma/web/plugs/digest_plug.ex
@@ -7,8 +7,22 @@ defmodule Pleroma.Web.Plugs.DigestPlug do
   require Logger
 
   def read_body(conn, opts) do
+    digest_algorithm =
+      with [digest_header] <- Conn.get_req_header(conn, "digest") do
+        digest_header
+        |> String.split("=", parts: 2)
+        |> List.first()
+      else
+        _ -> "SHA-256"
+      end
+
+    unless String.downcase(digest_algorithm) == "sha-256" do
+      raise ArgumentError,
+        message: "invalid value for digest algorithm, got: #{digest_algorithm}"
+    end
+
     {:ok, body, conn} = Conn.read_body(conn, opts)
-    digest = "SHA-256=" <> (:crypto.hash(:sha256, body) |> Base.encode64())
-    {:ok, body, Conn.assign(conn, :digest, digest)}
+    encoded_digest = :crypto.hash(:sha256, body) |> Base.encode64()
+    {:ok, body, Conn.assign(conn, :digest, "#{digest_algorithm}=#{encoded_digest}")}
   end
 end