moon
/
enigma-bbs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch '459-activitypub-integration' of ssh://numinibsd/git/base/enigma-bbs into 459-activitypub-integration

This commit is contained in:
Bryan Ashby 2023-04-19 13:21:51 -06:00
parent ea3d2cffec faf8ccaaf8
commit 22e7689f01
1 changed files with 115 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
core/servers/content/web_handlers/activitypub.js
View File

@ -215,6 +215,31 @@ exports.getModule = class ActivityPubWebHandler extends WebHandlerModule {
});
}
_getAssociatedActors(objectActorId, signatureActorId, cb) {
signatureActorId = async.waterfall(
[
callback => {
Actor.fromId(objectActorId, (err, objectActor) => {
return callback(err, objectActor);
});
},
(objectActor, callback) => {
// shortcut
if (objectActorId === signatureActorId) {
return callback(null, objectActor, objectActor);
}
Actor.fromId(signatureActorId, (err, signatureActor) => {
return callback(err, objectActor, signatureActor);
});
},
],
(err, objectActor, signatureActor) => {
return cb(err, objectActor, signatureActor);
}
);
}
_inboxPostHandler(req, resp, signature, inboxType) {
EnigAssert(signature, 'Called without signature!');
EnigAssert(signature.keyId, 'No keyId in signature!');
@ -239,10 +264,15 @@ exports.getModule = class ActivityPubWebHandler extends WebHandlerModule {
}
// Fetch and validate the signature of the remote Actor
Actor.fromId(getActorId(activity), (err, remoteActor) => {
this._getAssociatedActors(
getActorId(activity),
signature.keyId.split('#', 1)[0], // trim #main-key
(err, remoteActor, signatureActor) => {
//Actor.fromId(getActorId(activity), (err, remoteActor) => {
// validate sig up front
const httpSigValidated =
remoteActor && this._validateActorSignature(remoteActor, signature);
remoteActor &&
this._validateActorSignature(signatureActor, signature);
if (activity.type !== WellKnownActivity.Delete && !httpSigValidated) {
return this.webServer.accessDenied(resp);
}
@ -288,7 +318,11 @@ exports.getModule = class ActivityPubWebHandler extends WebHandlerModule {
case WellKnownActivity.Follow:
// Follow requests are only allowed directly
if (Collections.Inbox === inboxType) {
return this._inboxFollowActivity(resp, remoteActor, activity);
return this._inboxFollowActivity(
resp,
remoteActor,
activity
);
}
break;
@ -321,7 +355,8 @@ exports.getModule = class ActivityPubWebHandler extends WebHandlerModule {
}
return this.webServer.notImplemented(resp);
});
}
);
});
}
@ -801,17 +836,17 @@ exports.getModule = class ActivityPubWebHandler extends WebHandlerModule {
return false;
}
// if (signature.keyId !== pubKey.id) {
// this.log.warn(
// {
// actorId: actor.id,
// signatureKeyId: signature.keyId,
// actorPubKeyId: pubKey.id,
// },
// 'Key ID mismatch'
// );
// return false;
// }
if (signature.keyId !== pubKey.id) {
this.log.warn(
{
actorId: actor.id,
signatureKeyId: signature.keyId,
actorPubKeyId: pubKey.id,
},
'Key ID mismatch'
);
return false;
}
if (!httpSignature.verifySignature(signature, pubKey.publicKeyPem)) {
this.log.warn(