This commit is contained in:
ThatOneCalculator 2023-06-27 22:20:52 -07:00 committed by Namekuji
parent 516e0f8ecf
commit 487e7ba43c
No known key found for this signature in database
GPG key ID: 1D62332C07FBA532
2 changed files with 19 additions and 8 deletions

View file

@ -7,6 +7,8 @@ import DbResolver from "@/remote/activitypub/db-resolver.js";
import { getApId } from "@/remote/activitypub/type.js";
import { shouldBlockInstance } from "@/misc/should-block-instance.js";
import type { IncomingMessage } from "http";
import type { CacheableRemoteUser } from "@/models/entities/user.js";
import type { UserPublickey } from "@/models/entities/user-publickey.js";
export async function hasSignature(req: IncomingMessage): Promise<string> {
const meta = await fetchMeta();
@ -98,7 +100,10 @@ export async function checkFetch(req: IncomingMessage): Promise<number> {
export async function getSignatureUser(
req: IncomingMessage,
): Promise<CacheableRemoteUser> {
): Promise<{
user: CacheableRemoteUser;
key: UserPublickey | null;
} | null> {
let authUser;
const meta = await fetchMeta();
if (meta.secureMode || meta.privateMode) {
@ -114,7 +119,7 @@ export async function getSignatureUser(
const host = toPuny(keyId.hostname);
if (await shouldBlockInstance(host, meta)) {
return 403;
return null;
}
if (
@ -137,20 +142,20 @@ export async function getSignatureUser(
authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
// keyIdでわからなければ、resolveしてみる
if (authUser == null) {
if (!authUser) {
try {
keyId.hash = "";
authUser = await dbResolver.getAuthUserFromApId(
getApId(keyId.toString()),
);
} catch (e) {
} catch {
// できなければ駄目
return null;
}
}
// publicKey がなくても終了
if (authUser?.key == null) {
if (!authUser?.key) {
return null;
}

View file

@ -108,17 +108,23 @@ router.get("/notes/:note", async (ctx, next) => {
return;
}
if (note.visibility == "followers") {
if (note.visibility === "followers") {
serverLogger.debug(
"Responding to request for follower-only note, validating access...",
);
let remoteUser = await getSignatureUser(ctx.req);
const remoteUser = await getSignatureUser(ctx.req);
serverLogger.debug("Local note author user:");
serverLogger.debug(JSON.stringify(note, null, 2));
serverLogger.debug("Authenticated remote user:");
serverLogger.debug(JSON.stringify(remoteUser, null, 2));
let relation = await Users.getRelation(remoteUser.user.id, note.userId);
if (remoteUser == null) {
serverLogger.debug("Rejecting: no user");
ctx.status = 401;
return;
}
const relation = await Users.getRelation(remoteUser.user.id, note.userId);
serverLogger.debug("Relation:");
serverLogger.debug(JSON.stringify(relation, null, 2));