feat: add Web Bot Auth support

https://datatracker.ietf.org/doc/html/draft-meunier-http-message-signatures-directory

https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture

Author: fguillot

internal/botauth/botauth.go

@@ -0,0 +1,246 @@
+// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package botauth // import "miniflux.app/v2/internal/botauth"
+
+// Resources:
+//
+// https://datatracker.ietf.org/doc/html/draft-meunier-http-message-signatures-directory
+// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture
+// https://developers.cloudflare.com/bots/reference/bot-verification/web-bot-auth/
+// https://github.com/thibmeu/http-message-signatures-directory
+
+import (
+	"crypto/ed25519"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+	"time"
+
+	"miniflux.app/v2/internal/crypto"
+)
+
+const (
+	keyValidity = 3600 // 1 hour validity
+)
+
+var GlobalInstance *bothAuth
+
+type jsonWebKey struct {
+	KeyType   string `json:"kty"`
+	Curve     string `json:"crv"`
+	PublicKey string `json:"x"`
+}
+
+type jsonWebKeySet struct {
+	Keys []jsonWebKey `json:"keys"`
+}
+
+type bothAuth struct {
+	directoryURL string
+	privateKey   []byte
+	publicJWK    *jsonWebKey
+	thumbprint   string
+}
+
+func NewBothAuth(directoryURL string, privateKey, publicKey []byte) (*bothAuth, error) {
+	if !strings.HasPrefix(directoryURL, "https://") {
+		return nil, fmt.Errorf("directory URL %q must start with https://", directoryURL)
+	}
+
+	if privateKeyLength := len(privateKey); privateKeyLength != ed25519.PrivateKeySize {
+		return nil, fmt.Errorf("invalid private key size: got %d instead of %d", privateKeyLength, ed25519.PrivateKeySize)
+	}
+
+	publicJWK := &jsonWebKey{
+		KeyType:   "OKP",
+		Curve:     "Ed25519",
+		PublicKey: base64.RawURLEncoding.EncodeToString(publicKey),
+	}
+
+	thumbprint, err := computeJWKThumbprint(publicJWK)
+	if err != nil {
+		return nil, fmt.Errorf("failed to calculate JWK thumbprint: %w", err)
+	}
+	return &bothAuth{
+		directoryURL: directoryURL,
+		privateKey:   privateKey,
+		publicJWK:    publicJWK,
+		thumbprint:   thumbprint,
+	}, nil
+}
+
+func (ba *bothAuth) DirectoryURL() string {
+	absoluteURL, err := url.JoinPath(ba.directoryURL, "/.well-known/http-message-signatures-directory")
+	if err != nil {
+		return ba.directoryURL
+	}
+	return absoluteURL
+}
+
+func (ba *bothAuth) ServeKeyDirectory(w http.ResponseWriter, r *http.Request) {
+	body, err := json.Marshal(jsonWebKeySet{Keys: []jsonWebKey{*ba.publicJWK}})
+	if err != nil {
+		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+	}
+
+	created := time.Now().Unix()
+	expires := created + keyValidity
+
+	signatureMetadata := []signatureMetadata{
+		{name: "alg", value: "ed25519"},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-http-message-signatures-directory-01#section-5.2-6.6.1
+		{name: "keyid", value: ba.thumbprint},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-http-message-signatures-directory-01#section-5.2-6.2.1
+		{name: "created", value: created},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-http-message-signatures-directory-01#section-5.2-6.4.1
+		{name: "expires", value: expires},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture-02#name-anti-replay
+		{name: "nonce", value: base64.StdEncoding.EncodeToString(crypto.GenerateRandomBytes(64))},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-http-message-signatures-directory-01#section-5.2-6.8.1
+		{name: "tag", value: "http-message-signatures-directory"},
+	}
+
+	signatureComponents := []signatureComponent{
+		{name: "@authority", value: r.Host},
+	}
+
+	signatureParams := generateSignatureParams(signatureComponents, signatureMetadata)
+	signatureInput := `sig1=` + signatureParams
+
+	signature, err := signComponents(ba.privateKey, signatureComponents, signatureParams)
+	if err != nil {
+		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+	}
+
+	// Set headers
+	w.Header().Set("Content-Type", "application/http-message-signatures-directory+json")
+	w.Header().Set("Signature", `sig1=:`+signature+`:`)
+	w.Header().Set("Signature-Input", signatureInput)
+	w.Header().Set("Cache-Control", "max-age=86400")
+
+	w.WriteHeader(http.StatusOK)
+	w.Write(body)
+}
+
+func (ba *bothAuth) SignRequest(req *http.Request) error {
+	created := time.Now().Unix()
+	expires := created + keyValidity
+
+	// @authority component
+	// https://www.rfc-editor.org/rfc/rfc9421#section-2.2.3
+	authority := req.Host
+	if authority == "" {
+		authority = req.URL.Host
+	}
+
+	signatureAgent := `"` + ba.directoryURL + `"`
+
+	signatureMetadata := []signatureMetadata{
+		{name: "alg", value: "ed25519"},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture-02#section-4.2-5.6.1
+		{name: "keyid", value: ba.thumbprint},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture-02#section-4.2-5.2.1
+		{name: "created", value: created},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture-02#section-4.2-5.4.1
+		{name: "expires", value: expires},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture-02#name-anti-replay
+		{name: "nonce", value: base64.StdEncoding.EncodeToString(crypto.GenerateRandomBytes(64))},
+
+		// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture-02#section-4.2-5.8.1
+		{name: "tag", value: "web-bot-auth"},
+	}
+
+	// https://datatracker.ietf.org/doc/html/draft-meunier-web-bot-auth-architecture-02#name-signature-agent
+	signatureComponents := []signatureComponent{
+		{name: "@authority", value: authority},
+		{name: "signature-agent", value: signatureAgent},
+	}
+
+	signatureParams := generateSignatureParams(signatureComponents, signatureMetadata)
+	signatureInput := `sig1=` + signatureParams
+
+	signature, err := signComponents(ba.privateKey, signatureComponents, signatureParams)
+	if err != nil {
+		return fmt.Errorf("failed to sign request: %w", err)
+	}
+
+	// Add headers to request
+	req.Header.Set("Signature-Agent", signatureAgent)
+	req.Header.Set("Signature-Input", signatureInput)
+	req.Header.Set("Signature", `sig1=:`+signature+`:`)
+
+	return nil
+}
+
+// computeJWKThumbprint computes RFC 7638 JWK thumbprint
+// https://www.rfc-editor.org/rfc/rfc8037.html#appendix-A.3
+func computeJWKThumbprint(jwk *jsonWebKey) (string, error) {
+	canonical := `{"crv":"` + jwk.Curve + `","kty":"` + jwk.KeyType + `","x":"` + jwk.PublicKey + `"}`
+	hash := sha256.Sum256([]byte(canonical))
+	return base64.RawURLEncoding.EncodeToString(hash[:]), nil
+}
+
+type signatureMetadata struct {
+	name  string
+	value any
+}
+
+// https://www.rfc-editor.org/rfc/rfc9421#name-signature-parameters
+func generateSignatureParams(components []signatureComponent, signatureMetadata []signatureMetadata) string {
+	var componentNames []string
+
+	for _, component := range components {
+		componentNames = append(componentNames, `"`+component.name+`"`)
+	}
+
+	var metadataParts []string
+	for _, meta := range signatureMetadata {
+		switch v := meta.value.(type) {
+		case string:
+			metadataParts = append(metadataParts, meta.name+`="`+v+`"`)
+		case int64:
+			metadataParts = append(metadataParts, meta.name+`=`+strconv.FormatInt(v, 10))
+		}
+	}
+
+	return `(` + strings.Join(componentNames, ` `) + `);` + strings.Join(metadataParts, ";")
+}
+
+type signatureComponent struct {
+	name  string
+	value string
+}
+
+// https://www.rfc-editor.org/rfc/rfc9421#name-signing-request-components-
+func signComponents(privateKey ed25519.PrivateKey, components []signatureComponent, signatureParams string) (string, error) {
+	var signatureBase strings.Builder
+
+	// Build signature base
+	for _, comp := range components {
+		signatureBase.WriteString(`"` + comp.name + `": ` + comp.value + "\n")
+	}
+
+	signatureBase.WriteString(`"@signature-params": ` + signatureParams)
+
+	// Sign the signature base
+	signature := ed25519.Sign(privateKey, []byte(signatureBase.String()))
+
+	return base64.StdEncoding.EncodeToString(signature), nil
+}

internal/botauth/botauth_test.go

@@ -0,0 +1,91 @@
+// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package botauth
+
+import (
+	"crypto/ed25519"
+	"encoding/base64"
+	"testing"
+)
+
+func TestComputeThumbprint(t *testing.T) {
+	// Test values taken from https://www.rfc-editor.org/rfc/rfc8037.html#appendix-A.3
+	jwk := &jsonWebKey{
+		KeyType:   "OKP",
+		Curve:     "Ed25519",
+		PublicKey: "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
+	}
+
+	expectedThumbprint := "kPrK_qmxVWaYVA9wwBF6Iuo3vVzz7TxHCTwXBygrS4k"
+
+	thumbprint, err := computeJWKThumbprint(jwk)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if thumbprint != expectedThumbprint {
+		t.Fatalf("Invalid thumbprint, got %q instead of %q", thumbprint, expectedThumbprint)
+	}
+}
+
+func TestGenerateSignatureParams(t *testing.T) {
+	// Example taken from https://www.rfc-editor.org/rfc/rfc9421#name-signing-a-request-using-ed2
+	signatureComponents := []signatureComponent{
+		{name: "date", value: "Tue, 20 Apr 2021 02:07:55 GMT"},
+		{name: "@method", value: "POST"},
+		{name: "@path", value: "/foo"},
+		{name: "@authority", value: "example.com"},
+		{name: "content-type", value: "application/json"},
+		{name: "content-length", value: "18"},
+	}
+
+	signatureMetadata := []signatureMetadata{
+		{name: "created", value: int64(1618884473)},
+		{name: "keyid", value: "test-key-ed25519"},
+	}
+
+	generatedSignatureParams := generateSignatureParams(signatureComponents, signatureMetadata)
+	expectedSignatureParams := `("date" "@method" "@path" "@authority" "content-type" "content-length");created=1618884473;keyid="test-key-ed25519"`
+
+	if generatedSignatureParams != expectedSignatureParams {
+		t.Fatalf("Invalid signature params, got %s instead of %s", generatedSignatureParams, expectedSignatureParams)
+	}
+}
+
+func TestSignComponents(t *testing.T) {
+	// Test key from https://www.rfc-editor.org/rfc/rfc9421#name-example-ed25519-test-key
+	privateKeyBase64 := "n4Ni-HpISpVObnQMW0wOhCKROaIKqKtW_2ZYb2p9KcU"
+	privateKey, err := base64.RawURLEncoding.DecodeString(privateKeyBase64)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Example taken from https://www.rfc-editor.org/rfc/rfc9421#name-signing-a-request-using-ed2
+	signatureComponents := []signatureComponent{
+		{name: "date", value: "Tue, 20 Apr 2021 02:07:55 GMT"},
+		{name: "@method", value: "POST"},
+		{name: "@path", value: "/foo"},
+		{name: "@authority", value: "example.com"},
+		{name: "content-type", value: "application/json"},
+		{name: "content-length", value: "18"},
+	}
+
+	signatureMetadata := []signatureMetadata{
+		{name: "created", value: int64(1618884473)},
+		{name: "keyid", value: "test-key-ed25519"},
+	}
+
+	generatedSignatureParams := generateSignatureParams(signatureComponents, signatureMetadata)
+	signature, err := signComponents(ed25519.NewKeyFromSeed(privateKey), signatureComponents, generatedSignatureParams)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Expected signature taken from https://www.rfc-editor.org/rfc/rfc9421#name-signing-a-request-using-ed2
+	expectedSignature := "wqcAqbmYJ2ji2glfAMaRy4gruYYnx2nEFN2HN6jrnDnQCK1u02Gb04v9EDgwUPiu4A0w6vuQv5lIp5WPpBKRCw=="
+
+	if signature != expectedSignature {
+		t.Fatalf("Invalid signature, got %q instead of %q", signature, expectedSignature)
+	}
+}

internal/cli/cli.go

@@ -11,7 +11,9 @@ import (
 	"log/slog"
 	"os"
 
+	"miniflux.app/v2/internal/botauth"
 	"miniflux.app/v2/internal/config"
+	"miniflux.app/v2/internal/crypto"
 	"miniflux.app/v2/internal/database"
 	"miniflux.app/v2/internal/proxyrotator"
 	"miniflux.app/v2/internal/storage"
@@ -249,6 +251,44 @@ func Parse() {
 		}
 	}
 
+	if config.Opts.WebBotAuth() {
+		hasKeys, err := store.HasWebAuthBothKeys()
+		if err != nil {
+			printErrorAndExit(fmt.Errorf("unable to check for existing web bot auth keys: %v", err))
+		}
+
+		var privateKey, publicKey []byte
+		if !hasKeys {
+			slog.Info("Web bot authentication is enabled but no keys are present in the database, generating a new key pair")
+			privateKey, publicKey, err := crypto.GenerateEd25519Keys()
+			if err != nil {
+				printErrorAndExit(fmt.Errorf("unable to generate web bot auth keys: %v", err))
+			}
+
+			if err := store.SaveWebAuthBothKeys(privateKey, publicKey); err != nil {
+				printErrorAndExit(fmt.Errorf("unable to save web bot auth keys: %v", err))
+			}
+
+			slog.Info("A new Ed25519 key pair has been generated for web bot authentication")
+		} else {
+			privateKey, publicKey, err = store.WebAuthBothKeys()
+			if err != nil {
+				printErrorAndExit(fmt.Errorf("unable to fetch web bot auth keys: %v", err))
+			}
+		}
+
+		botauth.GlobalInstance, err = botauth.NewBothAuth(
+			config.Opts.BaseURL(),
+			privateKey,
+			publicKey,
+		)
+		if err != nil {
+			printErrorAndExit(fmt.Errorf("unable to initialize web bot auth: %v", err))
+		}
+
+		slog.Info("Web bot authentication is enabled", slog.String("directory_url", botauth.GlobalInstance.DirectoryURL()))
+	}
+
 	if flagRefreshFeeds {
 		refreshFeeds(store)
 		return