forked from mirrors/akkoma
Signature: Handle non-ap ids in key ids.
Mastodon and Gab sometimes send the format `acct:name@server`.
This commit is contained in:
parent
3370bb0e46
commit
a912f72a36
2 changed files with 29 additions and 7 deletions
|
@ -8,6 +8,7 @@ defmodule Pleroma.Signature do
|
||||||
alias Pleroma.Keys
|
alias Pleroma.Keys
|
||||||
alias Pleroma.User
|
alias Pleroma.User
|
||||||
alias Pleroma.Web.ActivityPub.ActivityPub
|
alias Pleroma.Web.ActivityPub.ActivityPub
|
||||||
|
alias Pleroma.Web.ActivityPub.ObjectValidators.Types
|
||||||
|
|
||||||
def key_id_to_actor_id(key_id) do
|
def key_id_to_actor_id(key_id) do
|
||||||
uri =
|
uri =
|
||||||
|
@ -21,12 +22,23 @@ defmodule Pleroma.Signature do
|
||||||
uri
|
uri
|
||||||
end
|
end
|
||||||
|
|
||||||
URI.to_string(uri)
|
maybe_ap_id = URI.to_string(uri)
|
||||||
|
|
||||||
|
case Types.ObjectID.cast(maybe_ap_id) do
|
||||||
|
{:ok, ap_id} ->
|
||||||
|
{:ok, ap_id}
|
||||||
|
|
||||||
|
_ ->
|
||||||
|
case Pleroma.Web.WebFinger.finger(maybe_ap_id) do
|
||||||
|
%{"ap_id" => ap_id} -> {:ok, ap_id}
|
||||||
|
_ -> {:error, maybe_ap_id}
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def fetch_public_key(conn) do
|
def fetch_public_key(conn) do
|
||||||
with %{"keyId" => kid} <- HTTPSignatures.signature_for_conn(conn),
|
with %{"keyId" => kid} <- HTTPSignatures.signature_for_conn(conn),
|
||||||
actor_id <- key_id_to_actor_id(kid),
|
{:ok, actor_id} <- key_id_to_actor_id(kid),
|
||||||
{:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do
|
{:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do
|
||||||
{:ok, public_key}
|
{:ok, public_key}
|
||||||
else
|
else
|
||||||
|
@ -37,7 +49,7 @@ defmodule Pleroma.Signature do
|
||||||
|
|
||||||
def refetch_public_key(conn) do
|
def refetch_public_key(conn) do
|
||||||
with %{"keyId" => kid} <- HTTPSignatures.signature_for_conn(conn),
|
with %{"keyId" => kid} <- HTTPSignatures.signature_for_conn(conn),
|
||||||
actor_id <- key_id_to_actor_id(kid),
|
{:ok, actor_id} <- key_id_to_actor_id(kid),
|
||||||
{:ok, _user} <- ActivityPub.make_user_from_ap_id(actor_id),
|
{:ok, _user} <- ActivityPub.make_user_from_ap_id(actor_id),
|
||||||
{:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do
|
{:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do
|
||||||
{:ok, public_key}
|
{:ok, public_key}
|
||||||
|
|
|
@ -44,7 +44,8 @@ defmodule Pleroma.SignatureTest do
|
||||||
|
|
||||||
test "it returns error when not found user" do
|
test "it returns error when not found user" do
|
||||||
assert capture_log(fn ->
|
assert capture_log(fn ->
|
||||||
assert Signature.fetch_public_key(make_fake_conn("test-ap_id")) == {:error, :error}
|
assert Signature.fetch_public_key(make_fake_conn("https://test-ap-id")) ==
|
||||||
|
{:error, :error}
|
||||||
end) =~ "[error] Could not decode user"
|
end) =~ "[error] Could not decode user"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -64,7 +65,7 @@ defmodule Pleroma.SignatureTest do
|
||||||
|
|
||||||
test "it returns error when not found user" do
|
test "it returns error when not found user" do
|
||||||
assert capture_log(fn ->
|
assert capture_log(fn ->
|
||||||
{:error, _} = Signature.refetch_public_key(make_fake_conn("test-ap_id"))
|
{:error, _} = Signature.refetch_public_key(make_fake_conn("https://test-ap_id"))
|
||||||
end) =~ "[error] Could not decode user"
|
end) =~ "[error] Could not decode user"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -100,12 +101,21 @@ defmodule Pleroma.SignatureTest do
|
||||||
describe "key_id_to_actor_id/1" do
|
describe "key_id_to_actor_id/1" do
|
||||||
test "it properly deduces the actor id for misskey" do
|
test "it properly deduces the actor id for misskey" do
|
||||||
assert Signature.key_id_to_actor_id("https://example.com/users/1234/publickey") ==
|
assert Signature.key_id_to_actor_id("https://example.com/users/1234/publickey") ==
|
||||||
"https://example.com/users/1234"
|
{:ok, "https://example.com/users/1234"}
|
||||||
end
|
end
|
||||||
|
|
||||||
test "it properly deduces the actor id for mastodon and pleroma" do
|
test "it properly deduces the actor id for mastodon and pleroma" do
|
||||||
assert Signature.key_id_to_actor_id("https://example.com/users/1234#main-key") ==
|
assert Signature.key_id_to_actor_id("https://example.com/users/1234#main-key") ==
|
||||||
"https://example.com/users/1234"
|
{:ok, "https://example.com/users/1234"}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "it calls webfinger for 'acct:' accounts" do
|
||||||
|
with_mock(Pleroma.Web.WebFinger,
|
||||||
|
finger: fn _ -> %{"ap_id" => "https://gensokyo.2hu/users/raymoo"} end
|
||||||
|
) do
|
||||||
|
assert Signature.key_id_to_actor_id("acct:raymoo@gensokyo.2hu") ==
|
||||||
|
{:ok, "https://gensokyo.2hu/users/raymoo"}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue