fixes
This commit is contained in:
parent
516e0f8ecf
commit
487e7ba43c
2 changed files with 19 additions and 8 deletions
|
@ -7,6 +7,8 @@ import DbResolver from "@/remote/activitypub/db-resolver.js";
|
||||||
import { getApId } from "@/remote/activitypub/type.js";
|
import { getApId } from "@/remote/activitypub/type.js";
|
||||||
import { shouldBlockInstance } from "@/misc/should-block-instance.js";
|
import { shouldBlockInstance } from "@/misc/should-block-instance.js";
|
||||||
import type { IncomingMessage } from "http";
|
import type { IncomingMessage } from "http";
|
||||||
|
import type { CacheableRemoteUser } from "@/models/entities/user.js";
|
||||||
|
import type { UserPublickey } from "@/models/entities/user-publickey.js";
|
||||||
|
|
||||||
export async function hasSignature(req: IncomingMessage): Promise<string> {
|
export async function hasSignature(req: IncomingMessage): Promise<string> {
|
||||||
const meta = await fetchMeta();
|
const meta = await fetchMeta();
|
||||||
|
@ -98,7 +100,10 @@ export async function checkFetch(req: IncomingMessage): Promise<number> {
|
||||||
|
|
||||||
export async function getSignatureUser(
|
export async function getSignatureUser(
|
||||||
req: IncomingMessage,
|
req: IncomingMessage,
|
||||||
): Promise<CacheableRemoteUser> {
|
): Promise<{
|
||||||
|
user: CacheableRemoteUser;
|
||||||
|
key: UserPublickey | null;
|
||||||
|
} | null> {
|
||||||
let authUser;
|
let authUser;
|
||||||
const meta = await fetchMeta();
|
const meta = await fetchMeta();
|
||||||
if (meta.secureMode || meta.privateMode) {
|
if (meta.secureMode || meta.privateMode) {
|
||||||
|
@ -114,7 +119,7 @@ export async function getSignatureUser(
|
||||||
const host = toPuny(keyId.hostname);
|
const host = toPuny(keyId.hostname);
|
||||||
|
|
||||||
if (await shouldBlockInstance(host, meta)) {
|
if (await shouldBlockInstance(host, meta)) {
|
||||||
return 403;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (
|
if (
|
||||||
|
@ -137,20 +142,20 @@ export async function getSignatureUser(
|
||||||
authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
|
authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
|
||||||
|
|
||||||
// keyIdでわからなければ、resolveしてみる
|
// keyIdでわからなければ、resolveしてみる
|
||||||
if (authUser == null) {
|
if (!authUser) {
|
||||||
try {
|
try {
|
||||||
keyId.hash = "";
|
keyId.hash = "";
|
||||||
authUser = await dbResolver.getAuthUserFromApId(
|
authUser = await dbResolver.getAuthUserFromApId(
|
||||||
getApId(keyId.toString()),
|
getApId(keyId.toString()),
|
||||||
);
|
);
|
||||||
} catch (e) {
|
} catch {
|
||||||
// できなければ駄目
|
// できなければ駄目
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// publicKey がなくても終了
|
// publicKey がなくても終了
|
||||||
if (authUser?.key == null) {
|
if (!authUser?.key) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -108,17 +108,23 @@ router.get("/notes/:note", async (ctx, next) => {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (note.visibility == "followers") {
|
if (note.visibility === "followers") {
|
||||||
serverLogger.debug(
|
serverLogger.debug(
|
||||||
"Responding to request for follower-only note, validating access...",
|
"Responding to request for follower-only note, validating access...",
|
||||||
);
|
);
|
||||||
let remoteUser = await getSignatureUser(ctx.req);
|
const remoteUser = await getSignatureUser(ctx.req);
|
||||||
serverLogger.debug("Local note author user:");
|
serverLogger.debug("Local note author user:");
|
||||||
serverLogger.debug(JSON.stringify(note, null, 2));
|
serverLogger.debug(JSON.stringify(note, null, 2));
|
||||||
serverLogger.debug("Authenticated remote user:");
|
serverLogger.debug("Authenticated remote user:");
|
||||||
serverLogger.debug(JSON.stringify(remoteUser, null, 2));
|
serverLogger.debug(JSON.stringify(remoteUser, null, 2));
|
||||||
|
|
||||||
let relation = await Users.getRelation(remoteUser.user.id, note.userId);
|
if (remoteUser == null) {
|
||||||
|
serverLogger.debug("Rejecting: no user");
|
||||||
|
ctx.status = 401;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
const relation = await Users.getRelation(remoteUser.user.id, note.userId);
|
||||||
serverLogger.debug("Relation:");
|
serverLogger.debug("Relation:");
|
||||||
serverLogger.debug(JSON.stringify(relation, null, 2));
|
serverLogger.debug(JSON.stringify(relation, null, 2));
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue