activitypub inbox: only accept unsigned/invalid-signature relayed creates, nothing else
although the previous handling assumed any unsigned/invalid signature message was a Create, lets make it more explicit
This commit is contained in:
parent
6258ddaa60
commit
5c312ad677
|
@ -93,19 +93,29 @@ def inbox(%{assigns: %{valid_signature: true}} = conn, params) do
|
||||||
json(conn, "ok")
|
json(conn, "ok")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# only accept relayed Creates
|
||||||
|
def inbox(conn, %{"type" => "Create"} = params) do
|
||||||
|
Logger.info(
|
||||||
|
"Signature missing or not from author, relayed Create message, fetching object from source"
|
||||||
|
)
|
||||||
|
|
||||||
|
ActivityPub.fetch_object_from_id(params["object"]["id"])
|
||||||
|
|
||||||
|
json(conn, "ok")
|
||||||
|
end
|
||||||
|
|
||||||
def inbox(conn, params) do
|
def inbox(conn, params) do
|
||||||
headers = Enum.into(conn.req_headers, %{})
|
headers = Enum.into(conn.req_headers, %{})
|
||||||
|
|
||||||
if !String.contains?(headers["signature"] || "", params["actor"]) do
|
if String.contains?(headers["signature"], params["actor"]) do
|
||||||
Logger.info("Signature not from author, relayed message, fetching from source")
|
Logger.info(
|
||||||
ActivityPub.fetch_object_from_id(params["object"]["id"])
|
"Signature validation error for: #{params["actor"]}, make sure you are forwarding the HTTP Host header!"
|
||||||
else
|
)
|
||||||
Logger.info("Signature error - make sure you are forwarding the HTTP Host header!")
|
|
||||||
Logger.info("Could not validate #{params["actor"]}")
|
|
||||||
Logger.info(inspect(conn.req_headers))
|
Logger.info(inspect(conn.req_headers))
|
||||||
end
|
end
|
||||||
|
|
||||||
json(conn, "ok")
|
json(conn, "error")
|
||||||
end
|
end
|
||||||
|
|
||||||
def relay(conn, params) do
|
def relay(conn, params) do
|
||||||
|
|
Loading…
Reference in New Issue