WebOfTrust · iFergal · Jan 15, 2025 · Jan 17, 2025 · Jan 23, 2025 · Jan 23, 2025
diff --git a/src/keria/app/agenting.py b/src/keria/app/agenting.py
@@ -49,7 +49,7 @@
 from ..peer import exchanging as keriaexchanging
 from .specing import AgentSpecResource
 from ..core import authing, longrunning, httping
-from ..core.authing import Authenticater
+from ..core.authing import SignedHeaderAuthenticator
 from ..core.keeping import RemoteManager
 from ..db import basing
 
@@ -152,8 +152,8 @@ def setupDoers(config: KERIAServerConfig):
     """
     Sets up the HIO coroutines the KERIA agent server is composed of including three HTTP servers for a KERIA agent server:
     1. Boot server for bootstrapping agents. Signify calls this with a signed inception event.
-    2. Admin server for administrative tasks like creating agents.
-    3. HTTP server for all other agent operations.
+    2. Admin server for any Signify client related actions after bootstrapping.
+    3. HTTP server for all other external agents send KERI events or messages for interactions.
     """
     agency = Agency(
         name=config.name,
@@ -173,7 +173,8 @@ def setupDoers(config: KERIAServerConfig):
         'signature',
         'signature-input',
         'signify-resource',
-        'signify-timestamp'
+        'signify-timestamp',
+        'signify-receiver'
     ]
     bootApp = falcon.App(middleware=falcon.CORSMiddleware(
         allow_origins='*', allow_credentials='*',
@@ -188,14 +189,15 @@ def setupDoers(config: KERIAServerConfig):
     bootApp.add_route("/health", HealthEnd())
 
     # Create Authenticater for verifying signatures on all requests
-    authn = Authenticater(agency=agency)
+    authn = SignedHeaderAuthenticator(agency=agency)
 
-    app = falcon.App(middleware=falcon.CORSMiddleware(
-        allow_origins='*', allow_credentials='*',
-        expose_headers=allowed_cors_headers))
+    app = falcon.App(
+        middleware=falcon.CORSMiddleware(allow_origins='*', allow_credentials='*', expose_headers=allowed_cors_headers),
+        request_type=authing.ModifiableRequest
+    )
     if config.cors:
         app.add_middleware(middleware=httping.HandleCORS())
-    app.add_middleware(authing.SignatureValidationComponent(agency=agency, authn=authn, allowed=["/agent"]))
+    app.add_middleware(authing.AuthenticationMiddleware(agency=agency, authn=authn, allowed=["/agent"]))
     app.req_options.media_handlers.update(media.Handlers())
     app.resp_options.media_handlers.update(media.Handlers())
 

diff --git a/src/keria/app/aiding.py b/src/keria/app/aiding.py
@@ -24,8 +24,8 @@
 
 
 def loadEnds(app, agency, authn):
-    groupEnd = AgentResourceEnd(agency=agency, authn=authn)
-    app.add_route("/agent/{caid}", groupEnd)
+    agentEnd = AgentResourceEnd(agency=agency, authn=authn)
+    app.add_route("/agent/{caid}", agentEnd)
 
     aidsEnd = IdentifierCollectionEnd()
     app.add_route("/identifiers", aidsEnd)
@@ -245,7 +245,8 @@ def on_put(self, req, rep, caid):
         ctrlHab = agent.hby.habByName(caid, ns="agent")
         ctrlHab.rotate(serder=rot, sigers=[core.Siger(qb64=sig) for sig in sigs])
 
-        if not self.authn.verify(req):
+        # @TODO - foconnor: Not sure if this should be here - Signify is not signing headers for passcode rotation.
+        if not self.authn.inbound(req):
             raise falcon.HTTPForbidden(description="invalid signature on request")
 
         sxlt = body["sxlt"]