diff --git a/keyserver/src/services/blob.js b/keyserver/src/services/blob.js --- a/keyserver/src/services/blob.js +++ b/keyserver/src/services/blob.js @@ -6,17 +6,43 @@ makeBlobServiceEndpointURL, } from 'lib/utils/blob-service.js'; import { getMessageForException } from 'lib/utils/errors.js'; +import { createHTTPAuthorizationHeader } from 'lib/utils/services-utils.js'; + +import { verifyUserLoggedIn } from '../user/login.js'; +import { getContentSigningKey } from '../utils/olm-utils.js'; + +async function createRequestHeaders( + includeContentType: boolean = true, +): Promise<{ [string]: string }> { + const [{ userId: userID, accessToken }, deviceID] = await Promise.all([ + verifyUserLoggedIn(), + getContentSigningKey(), + ]); + + const authorization = createHTTPAuthorizationHeader({ + userID, + deviceID, + accessToken, + }); + + return { + Authorization: authorization, + ...(includeContentType && { 'Content-Type': 'application/json' }), + }; +} async function uploadBlob(blob: Blob, hash: string): Promise { const formData = new FormData(); formData.append('blob_hash', hash); formData.append('blob_data', blob); + const headers = await createRequestHeaders(false); const uploadBlobResponse = await fetch( makeBlobServiceEndpointURL(blobService.httpEndpoints.UPLOAD_BLOB), { method: blobService.httpEndpoints.UPLOAD_BLOB.method, body: formData, + headers, }, ); @@ -27,6 +53,7 @@ } async function assignHolder(holder: string, hash: string): Promise { + const headers = await createRequestHeaders(); const assignHolderResponse = await fetch( makeBlobServiceEndpointURL(blobService.httpEndpoints.ASSIGN_HOLDER), { @@ -35,9 +62,7 @@ holder, blob_hash: hash, }), - headers: { - 'content-type': 'application/json', - }, + headers, }, ); @@ -71,11 +96,10 @@ }, > { const url = getBlobFetchableURL(hash); + const headers = await createRequestHeaders(); const response = await fetch(url, { method: blobService.httpEndpoints.GET_BLOB.method, - headers: { - 'content-type': 'application/json', - }, + headers, }); if (!response.ok) {