Bump version: 1.2.15 → 1.2.16

fix key logic
2025-07-18 17:07:50 +01:00 · 2025-07-18 17:07:46 +01:00
3 changed files with 22 additions and 14 deletions
--- a/.bumpversion.toml
+++ b/.bumpversion.toml
@ -1,5 +1,5 @@
 [tool.bumpversion]
-current_version = "1.2.15"
+current_version = "1.2.16"
 commit = true
 tag = true
 tag_name = "{new_version}"
--- a/2
+++ b/2
@ -1 +1 @@
-1.2.15
+1.2.16
--- a/routes/api.py
+++ b/routes/api.py
@ -15,6 +15,8 @@ from ktvmanager.lib.checker import validate_account
 from typing import Tuple
 import json
 import re
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import ec
 from pywebpush import webpush, WebPushException
 api_blueprint = Blueprint("api", __name__)
@ -149,18 +151,24 @@ def login_route(username: str, password: str) -> Response:
 def vapid_public_key():
    """Provides the VAPID public key in the correct format."""
    pem_key = current_app.config["VAPID_PUBLIC_KEY"]
-    # Use regex to robustly extract the base64 content from the PEM key
+    try:
-    match = re.search(r"-----BEGIN PUBLIC KEY-----(.*)-----END PUBLIC KEY-----", pem_key, re.DOTALL)
+        public_key = serialization.load_pem_public_key(pem_key.encode("utf-8"))
-    if not match:
+        if not isinstance(public_key, ec.EllipticCurvePublicKey):
-        return jsonify({"error": "Could not parse VAPID public key from config"}), 500
+            raise TypeError("VAPID public key is not an Elliptic Curve key")
-    # Join the split lines to remove all whitespace and newlines
+        # Get the raw, uncompressed public key bytes (65 bytes for P-256)
-    base64_key = "".join(match.group(1).split())
+        raw_key = public_key.public_bytes(
            encoding=serialization.Encoding.X962,
            format=serialization.PublicFormat.UncompressedPoint
        )
-    # Convert to URL-safe base64 and remove padding for the PushManager API
+        # URL-safe base64 encode the raw key
-    url_safe_key = base64_key.replace('+', '-').replace('/', '_').rstrip('=')
+        url_safe_key = base64.urlsafe_b64encode(raw_key).rstrip(b'=').decode('utf-8')
        return jsonify({"public_key": url_safe_key})
    except (ValueError, TypeError, AttributeError) as e:
        current_app.logger.error(f"Error processing VAPID public key: {e}")
        return jsonify({"error": "Could not process VAPID public key"}), 500
@api_blueprint.route("/save-subscription", methods=["POST"])
Author	SHA1	Message	Date
Karl	809f1ebda5	Bump version: 1.2.15 → 1.2.16 All checks were successful Build and Publish Docker Image / build-and-push (push) Successful in 1m33s Details	2025-07-18 17:07:50 +01:00
Karl	5ab44bd78d	fix key logic	2025-07-18 17:07:46 +01:00