Add signature to remote note lookup

2023-06-28 01:02:28 +02:00 · 2023-06-28 01:02:28 +02:00 · d9fc2c061d
commit d9fc2c061d
parent 80e90c7985
3 changed files with 13 additions and 2 deletions
--- a/packages/backend/src/remote/activitypub/request.ts
+++ b/packages/backend/src/remote/activitypub/request.ts
@ -3,6 +3,7 @@ import { getUserKeypair } from "@/misc/keypair-store.js";
 import type { User } from "@/models/entities/user.js";
 import { getResponse } from "../../misc/fetch.js";
 import { createSignedPost, createSignedGet } from "./ap-request.js";
 import { apLogger } from "@/remote/activitypub/logger.js";
 export default async (user: { id: User["id"] }, url: string, object: any) => {
 	const body = JSON.stringify(object);
@ -35,6 +36,7 @@ export default async (user: { id: User["id"] }, url: string, object: any) => {
 * @param url URL to fetch
 */
 export async function signedGet(url: string, user: { id: User["id"] }) {
 	apLogger.debug("running signedGet on url: " + url);
 	const keypair = await getUserKeypair(user.id);
 	const req = createSignedGet({
--- a/packages/backend/src/remote/activitypub/resolver.ts
+++ b/packages/backend/src/remote/activitypub/resolver.ts
@ -23,6 +23,7 @@ import renderCreate from "@/remote/activitypub/renderer/create.js";
 import { renderActivity } from "@/remote/activitypub/renderer/index.js";
 import renderFollow from "@/remote/activitypub/renderer/follow.js";
 import { shouldBlockInstance } from "@/misc/should-block-instance.js";
 import { apLogger } from "@/remote/activitypub/logger.js";
 export default class Resolver {
 	private history: Set<string>;
@ -34,6 +35,10 @@ export default class Resolver {
 		this.recursionLimit = recursionLimit;
 	}
 	public setUser(user) {
 		this.user = user;
 	}
 	public getHistory(): string[] {
 		return Array.from(this.history);
 	}
@ -102,6 +107,9 @@ export default class Resolver {
 			this.user = await getInstanceActor();
 		}
 		apLogger.debug("getting object from remote, authenticated as user:");
 		apLogger.debug(JSON.stringify(this.user, null, 2));
 		const object = (
 			this.user
 				? await signedGet(value, this.user)
--- a/packages/backend/src/server/api/endpoints/ap/show.ts
+++ b/packages/backend/src/server/api/endpoints/ap/show.ts
@ -127,6 +127,7 @@ async function fetchAny(
 	// fetching Object once from remote
 	const resolver = new Resolver();
 	resolver.setUser(me);
 	const object = await resolver.resolve(uri);
 	// /@user If a URI other than the id is specified,
@ -144,8 +145,8 @@ async function fetchAny(
 	return await mergePack(
 		me,
-		isActor(object) ? await createPerson(getApId(object)) : null,
+		isActor(object) ? await createPerson(getApId(object), resolver) : null,
-		isPost(object) ? await createNote(getApId(object), undefined, true) : null,
+		isPost(object) ? await createNote(getApId(object), resolver, true) : null,
 	);
 }