kopia lustrzana https://github.com/nextcloud/social
cleaning on moving post-merge
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>pull/226/head
rodzic
37a889d978
commit
1dda85adaa
|
@ -34,21 +34,8 @@ use daita\MySmallPhpTools\Traits\Nextcloud\TNCDataResponse;
|
|||
use Exception;
|
||||
use OC\AppFramework\Http;
|
||||
use OCA\Social\AppInfo\Application;
|
||||
use OCA\Social\Db\NotesRequest;
|
||||
use OCA\Social\Exceptions\ActivityPubFormatException;
|
||||
use OCA\Social\Exceptions\InvalidResourceEntryException;
|
||||
use OCA\Social\Exceptions\InvalidResourceException;
|
||||
use OCA\Social\Exceptions\Request410Exception;
|
||||
use OCA\Social\Exceptions\RequestException;
|
||||
use OCA\Social\Exceptions\SignatureIsGoneException;
|
||||
use OCA\Social\Exceptions\SocialAppConfigException;
|
||||
use OCA\Social\Exceptions\UnknownItemException;
|
||||
use OCA\Social\Exceptions\UrlCloudException;
|
||||
use OCA\Social\Model\ActivityPub\ACore;
|
||||
use OCA\Social\Service\ActivityPub\FollowService;
|
||||
use OCA\Social\Service\ActivityPub\PersonService;
|
||||
use OCA\Social\Service\ActivityService;
|
||||
use OCA\Social\Service\ActorService;
|
||||
use OCA\Social\Service\CacheActorService;
|
||||
use OCA\Social\Service\FollowService;
|
||||
use OCA\Social\Service\ImportService;
|
||||
|
@ -179,10 +166,10 @@ class ActivityPubController extends Controller {
|
|||
$origin = $this->signatureService->checkRequest($this->request);
|
||||
|
||||
$activity = $this->importService->importFromJson($body);
|
||||
if (!$this->activityService->checkObject($activity)) {
|
||||
if (!$this->signatureService->checkObject($activity)) {
|
||||
$activity->setOrigin($origin);
|
||||
}
|
||||
|
||||
|
||||
try {
|
||||
$this->importService->parseIncomingRequest($activity);
|
||||
} catch (UnknownItemException $e) {
|
||||
|
@ -220,7 +207,7 @@ class ActivityPubController extends Controller {
|
|||
// $actor = $this->actorService->getActor($username);
|
||||
|
||||
$activity = $this->importService->importFromJson($body);
|
||||
if (!$this->activityService->checkObject($activity)) {
|
||||
if (!$this->signatureService->checkObject($activity)) {
|
||||
$activity->setOrigin($origin);
|
||||
}
|
||||
|
||||
|
|
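Review bot: A linked-data signature that is present but fails `verify()` is treated exactly like a missing one in both `if (!$this->signatureService->checkObject($activity))` branches (the -179 and -220 hunks). `checkObject()` returns `false` in either case, and the controller then falls back to the HTTP-signature `$origin`. Whether later origin checks make that harmless is not visible here, but a failed verification is worth rejecting or at least logging rather than silently downgrading. One option is to have `SignatureService::checkObject()` raise on a failed `verify()`, e.g. `throw new SignatureException('invalid linked-data signature');`, and keep `false` for the missing-signature case only. Both enclosing controller methods start and end outside the hunks.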
|
@ -535,9 +535,7 @@ class ACore extends Item implements JsonSerializable {
|
|||
if ($this->isRoot()) {
|
||||
$context = [self::CONTEXT_ACTIVITYSTREAMS];
|
||||
|
||||
if ($this->gotObject()
|
||||
&& $this->getObject()
|
||||
->gotSignature()) {
|
||||
if ($this->gotSignature()) {
|
||||
array_push($context, self::CONTEXT_SECURITY);
|
||||
}
|
||||
|
||||
|
|
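Review bot: `CONTEXT_SECURITY` is now emitted only once `gotSignature()` is true on the root object, but `SignatureService::signObject()` in this commit serialises the object with `json_decode(json_encode($object), true)` before it calls `setSignature()`. If this block runs during JSON serialisation (the enclosing method starts outside the hunk), the `@context` that gets signed differs from the one that is sent. Whether verification on the receiving side tolerates that depends on how `LinkedDataSignature` normalises the document, which is not shown. A round-trip test (sign, serialise, then `checkObject()`) would settle it, or a comment above the condition such as `// security context is only added after signing; the signed payload does not carry it`.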
|
@ -39,7 +39,6 @@ use OCA\Social\Db\NotesRequest;
|
|||
use OCA\Social\Exceptions\ActorDoesNotExistException;
|
||||
use OCA\Social\Exceptions\EmptyQueueException;
|
||||
use OCA\Social\Exceptions\InvalidResourceException;
|
||||
use OCA\Social\Exceptions\LinkedDataSignatureMissingException;
|
||||
use OCA\Social\Exceptions\NoHighPriorityRequestException;
|
||||
use OCA\Social\Exceptions\QueueStatusException;
|
||||
use OCA\Social\Exceptions\Request410Exception;
|
||||
|
@ -52,7 +51,6 @@ use OCA\Social\Model\ActivityPub\Activity\Delete;
|
|||
use OCA\Social\Model\ActivityPub\Actor\Person;
|
||||
use OCA\Social\Model\ActivityPub\Object\Tombstone;
|
||||
use OCA\Social\Model\InstancePath;
|
||||
use OCA\Social\Model\LinkedDataSignature;
|
||||
use OCA\Social\Model\RequestQueue;
|
||||
|
||||
class ActivityService {
|
||||
|
@ -79,6 +77,9 @@ class ActivityService {
|
|||
/** @var FollowsRequest */
|
||||
private $followsRequest;
|
||||
|
||||
/** @var SignatureService */
|
||||
private $signatureService;
|
||||
|
||||
/** @var QueueService */
|
||||
private $queueService;
|
||||
|
||||
|
@ -104,6 +105,7 @@ class ActivityService {
|
|||
*
|
||||
* @param NotesRequest $notesRequest
|
||||
* @param FollowsRequest $followsRequest
|
||||
* @param SignatureService $signatureService
|
||||
* @param QueueService $queueService
|
||||
* @param AccountService $accountService
|
||||
* @param CurlService $curlService
|
||||
|
@ -111,14 +113,16 @@ class ActivityService {
|
|||
* @param MiscService $miscService
|
||||
*/
|
||||
public function __construct(
|
||||
NotesRequest $notesRequest, FollowsRequest $followsRequest, QueueService $queueService,
|
||||
AccountService $accountService,
|
||||
CurlService $curlService, ConfigService $configService, MiscService $miscService
|
||||
NotesRequest $notesRequest, FollowsRequest $followsRequest,
|
||||
SignatureService $signatureService, QueueService $queueService,
|
||||
AccountService $accountService, CurlService $curlService, ConfigService $configService,
|
||||
MiscService $miscService
|
||||
) {
|
||||
$this->notesRequest = $notesRequest;
|
||||
$this->followsRequest = $followsRequest;
|
||||
$this->queueService = $queueService;
|
||||
$this->accountService = $accountService;
|
||||
$this->signatureService = $signatureService;
|
||||
$this->curlService = $curlService;
|
||||
$this->configService = $configService;
|
||||
$this->miscService = $miscService;
|
||||
|
@ -151,7 +155,7 @@ class ActivityService {
|
|||
// }
|
||||
|
||||
$activity->setActor($actor);
|
||||
$this->signObject($actor, $activity);
|
||||
$this->signatureService->signObject($actor, $activity);
|
||||
|
||||
return $this->request($activity);
|
||||
}
|
||||
|
@ -393,97 +397,47 @@ class ActivityService {
|
|||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param IRequest $request
|
||||
*
|
||||
* @return string
|
||||
* @throws InvalidResourceException
|
||||
* @throws MalformedArrayException
|
||||
* @throws RequestException
|
||||
* @throws SignatureException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws UrlCloudException
|
||||
* @throws SignatureIsGoneException
|
||||
* @throws InvalidOriginException
|
||||
*/
|
||||
public function checkRequest(IRequest $request): string {
|
||||
// TODO : check host is our current host.
|
||||
|
||||
// $host = $request->getHeader('host');
|
||||
// if ($host === '') {
|
||||
// throw new SignatureException('host is not set');
|
||||
// /**
|
||||
// * @param IRequest $request
|
||||
// *
|
||||
// * @return string
|
||||
// * @throws InvalidResourceException
|
||||
// * @throws MalformedArrayException
|
||||
// * @throws RequestException
|
||||
// * @throws SignatureException
|
||||
// * @throws SocialAppConfigException
|
||||
// * @throws UrlCloudException
|
||||
// * @throws SignatureIsGoneException
|
||||
// * @throws InvalidOriginException
|
||||
// */
|
||||
// public function checkRequest(IRequest $request): string {
|
||||
// // TODO : check host is our current host.
|
||||
//
|
||||
//// $host = $request->getHeader('host');
|
||||
//// if ($host === '') {
|
||||
//// throw new SignatureException('host is not set');
|
||||
//// }
|
||||
//
|
||||
// $dTime = new DateTime($request->getHeader('date'));
|
||||
// $dTime->format(self::DATE_FORMAT);
|
||||
//
|
||||
// if ($dTime->getTimestamp() < (time() - self::DATE_DELAY)) {
|
||||
// throw new SignatureException('object is too old');
|
||||
// }
|
||||
|
||||
$dTime = new DateTime($request->getHeader('date'));
|
||||
$dTime->format(self::DATE_FORMAT);
|
||||
|
||||
if ($dTime->getTimestamp() < (time() - self::DATE_DELAY)) {
|
||||
throw new SignatureException('object is too old');
|
||||
}
|
||||
|
||||
try {
|
||||
$origin = $this->checkSignature($request);
|
||||
} catch (Request410Exception $e) {
|
||||
throw new SignatureIsGoneException();
|
||||
}
|
||||
|
||||
return $origin;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param Person $actor
|
||||
* @param ACore $object
|
||||
*/
|
||||
public function signObject(Person $actor, ACore &$object) {
|
||||
$signature = new LinkedDataSignature();
|
||||
$signature->setPrivateKey($actor->getPrivateKey());
|
||||
$signature->setType('RsaSignature2017');
|
||||
$signature->setCreator($actor->getId() . '#main-key');
|
||||
$signature->setCreated($object->getPublished());
|
||||
$signature->setObject(json_decode(json_encode($object), true));
|
||||
|
||||
try {
|
||||
$signature->sign();
|
||||
$object->setSignature($signature);
|
||||
} catch (LinkedDataSignatureMissingException $e) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param ACore $object
|
||||
*
|
||||
* @return bool
|
||||
* @throws InvalidResourceException
|
||||
* @throws Request410Exception
|
||||
* @throws RequestException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws UrlCloudException
|
||||
* @throws InvalidOriginException
|
||||
*/
|
||||
public function checkObject(ACore $object): bool {
|
||||
try {
|
||||
$actorId = $object->getActorId();
|
||||
|
||||
$signature = new LinkedDataSignature();
|
||||
$signature->import(json_decode($object->getSource(), true));
|
||||
$signature->setPublicKey($this->retrieveKey($actorId));
|
||||
|
||||
if ($signature->verify()) {
|
||||
$object->setOrigin($this->getKeyOrigin($actorId));
|
||||
|
||||
return true;
|
||||
}
|
||||
} catch (LinkedDataSignatureMissingException $e) {
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
//
|
||||
// try {
|
||||
// $origin = $this->signatureService->checkSignature($request);
|
||||
// } catch (Request410Exception $e) {
|
||||
// throw new SignatureIsGoneException();
|
||||
// }
|
||||
//
|
||||
// return $origin;
|
||||
// }
|
||||
|
||||
|
||||
/**
|
||||
* $signature = new LinkedDataSignature();
|
||||
*
|
||||
* @param ACore $activity
|
||||
*
|
||||
* @return string
|
||||
|
|
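Review bot: The former `checkRequest()` appears to be left in `ActivityService` as a commented-out block, docblock and doubly commented host check included, rather than being deleted. That leaves a stale copy of request-signature logic next to the live one in `SignatureService`, which invites the two drifting apart and confuses later audits about which check is authoritative. Delete the block, since version control keeps the history. The `// TODO : check host is our current host.` should be carried over to the live `SignatureService::checkRequest()` if it is not already there; that method's body is outside the visible hunks. The trailing docblock that begins with `* $signature = new LinkedDataSignature();` looks like leftover text and continues past the end of the hunk.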
|
@ -143,7 +143,7 @@ class CacheActorService {
|
|||
throw new InvalidOriginException();
|
||||
}
|
||||
|
||||
$actor->setAccount($actor->getPreferredUsername() . '@' . $this->get('_host', $info));
|
||||
$actor->setAccount($actor->getPreferredUsername() . '@' . $this->get('_host', $object));
|
||||
try {
|
||||
$this->save($actor);
|
||||
} catch (Exception $e) {
|
||||
|
|
|
@ -45,6 +45,7 @@ use OCA\Social\Exceptions\SocialAppConfigException;
|
|||
use OCA\Social\Exceptions\UnknownItemException;
|
||||
use OCA\Social\Exceptions\UrlCloudException;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Follow;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Undo;
|
||||
use OCA\Social\Model\ActivityPub\Actor\Person;
|
||||
use OCA\Social\Model\ActivityPub\OrderedCollection;
|
||||
use OCA\Social\Model\InstancePath;
|
||||
|
@ -185,6 +186,7 @@ class FollowService {
|
|||
* @throws RequestException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws UnknownItemException
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function unfollowAccount(Person $actor, string $account) {
|
||||
$remoteActor = $this->cacheActorService->getFromAccount($account);
|
||||
|
@ -192,6 +194,18 @@ class FollowService {
|
|||
try {
|
||||
$follow = $this->followsRequest->getByPersons($actor->getId(), $remoteActor->getId());
|
||||
$this->followsRequest->delete($follow);
|
||||
|
||||
$undo = new Undo();
|
||||
$follow->setParent($undo);
|
||||
$undo->setObject($follow);
|
||||
$undo->setActorId($actor->getId());
|
||||
|
||||
$undo->addInstancePath(
|
||||
new InstancePath(
|
||||
$remoteActor->getInbox(), InstancePath::TYPE_INBOX, InstancePath::PRIORITY_TOP
|
||||
)
|
||||
);
|
||||
$this->activityService->request($undo);
|
||||
} catch (FollowDoesNotExistException $e) {
|
||||
}
|
||||
}
|
||||
|
@ -275,6 +289,5 @@ class FollowService {
|
|||
return $collection;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
|
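Review bot: In `unfollowAccount()` the local row is removed with `$this->followsRequest->delete($follow);` before the `Undo` is handed to `$this->activityService->request($undo);`. If the request throws, the remote server never learns of the unfollow and keeps delivering, while the local side no longer records the relationship. Calling `request($undo)` first and `delete($follow)` afterwards keeps the two sides consistent on failure. The `Undo` also goes out without the `signatureService->signObject()` call that the ActivityService hunk at -151 makes before `request()`; confirm that sending it without a linked-data signature is intended. The `catch (FollowDoesNotExistException $e)` body is empty and deserves a one-line comment saying that unfollowing a non-followed account is a no-op.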
|
@ -39,20 +39,6 @@ use OCA\Social\Exceptions\RedundancyLimitException;
|
|||
use OCA\Social\Exceptions\SocialAppConfigException;
|
||||
use OCA\Social\Exceptions\UnknownItemException;
|
||||
use OCA\Social\Model\ActivityPub\ACore;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Accept;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Create;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Delete;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Reject;
|
||||
use OCA\Social\Model\ActivityPub\Tombstone;
|
||||
use OCA\Social\Model\ActivityPub\Document;
|
||||
use OCA\Social\Model\ActivityPub\Follow;
|
||||
use OCA\Social\Model\ActivityPub\Image;
|
||||
use OCA\Social\Model\ActivityPub\Note;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Undo;
|
||||
use OCA\Social\Service\ActivityPub\DeleteService;
|
||||
use OCA\Social\Service\ActivityPub\FollowService;
|
||||
use OCA\Social\Service\ActivityPub\NoteService;
|
||||
use OCA\Social\Service\ActivityPub\UndoService;
|
||||
|
||||
|
||||
class ImportService {
|
||||
|
@ -85,13 +71,9 @@ class ImportService {
|
|||
*
|
||||
* @return ACore
|
||||
* @throws ActivityPubFormatException
|
||||
* @throws InvalidResourceEntryException
|
||||
* @throws RedundancyLimitException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws UnknownItemException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws ActivityPubFormatException
|
||||
* @throws RedundancyLimitException
|
||||
* @throws UrlCloudException
|
||||
*/
|
||||
public function importFromJson(string $json): ACore {
|
||||
$data = json_decode($json, true);
|
||||
|
@ -151,7 +133,8 @@ class ImportService {
|
|||
$interface->processIncomingRequest($activity);
|
||||
} catch (Exception $e) {
|
||||
$this->miscService->log(
|
||||
'Cannot parse ' . $activity->getType() . ': ' . $e->getMessage()
|
||||
'Cannot parse ' . $activity->getType() . ': ' . get_class($e) . ' '
|
||||
. $e->getMessage()
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -36,6 +36,7 @@ use DateTime;
|
|||
use Exception;
|
||||
use OCA\Social\Exceptions\InvalidOriginException;
|
||||
use OCA\Social\Exceptions\InvalidResourceException;
|
||||
use OCA\Social\Exceptions\LinkedDataSignatureMissingException;
|
||||
use OCA\Social\Exceptions\RedundancyLimitException;
|
||||
use OCA\Social\Exceptions\Request410Exception;
|
||||
use OCA\Social\Exceptions\RequestException;
|
||||
|
@ -43,7 +44,10 @@ use OCA\Social\Exceptions\SignatureException;
|
|||
use OCA\Social\Exceptions\SignatureIsGoneException;
|
||||
use OCA\Social\Exceptions\SocialAppConfigException;
|
||||
use OCA\Social\Exceptions\UnknownItemException;
|
||||
use OCA\Social\Exceptions\UrlCloudException;
|
||||
use OCA\Social\Model\ActivityPub\ACore;
|
||||
use OCA\Social\Model\ActivityPub\Actor\Person;
|
||||
use OCA\Social\Model\LinkedDataSignature;
|
||||
use OCP\IRequest;
|
||||
|
||||
class SignatureService {
|
||||
|
@ -72,7 +76,6 @@ class SignatureService {
|
|||
/**
|
||||
* ActivityService constructor.
|
||||
*
|
||||
* @param AccountService $accountService
|
||||
* @param CacheActorService $cacheActorService
|
||||
* @param CurlService $curlService
|
||||
* @param ConfigService $configService
|
||||
|
@ -141,6 +144,58 @@ class SignatureService {
|
|||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param ACore $object
|
||||
*
|
||||
* @return bool
|
||||
* @throws InvalidOriginException
|
||||
* @throws InvalidResourceException
|
||||
* @throws MalformedArrayException
|
||||
* @throws RedundancyLimitException
|
||||
* @throws Request410Exception
|
||||
* @throws RequestException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws UnknownItemException
|
||||
*/
|
||||
public function checkObject(ACore $object): bool {
|
||||
try {
|
||||
$actorId = $object->getActorId();
|
||||
|
||||
$signature = new LinkedDataSignature();
|
||||
$signature->import(json_decode($object->getSource(), true));
|
||||
$signature->setPublicKey($this->retrieveKey($actorId));
|
||||
if ($signature->verify()) {
|
||||
$object->setOrigin($this->getKeyOrigin($actorId));
|
||||
|
||||
return true;
|
||||
}
|
||||
} catch (LinkedDataSignatureMissingException $e) {
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param Person $actor
|
||||
* @param ACore $object
|
||||
*/
|
||||
public function signObject(Person $actor, ACore &$object) {
|
||||
$signature = new LinkedDataSignature();
|
||||
$signature->setPrivateKey($actor->getPrivateKey());
|
||||
$signature->setType('RsaSignature2017');
|
||||
$signature->setCreator($actor->getId() . '#main-key');
|
||||
$signature->setCreated($object->getPublished());
|
||||
$signature->setObject(json_decode(json_encode($object), true));
|
||||
|
||||
try {
|
||||
$signature->sign();
|
||||
$object->setSignature($signature);
|
||||
} catch (LinkedDataSignatureMissingException $e) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param IRequest $request
|
||||
*
|
||||
|
|
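Review bot: `signObject()` swallows `LinkedDataSignatureMissingException` in an empty `catch`, so when signing fails the object is returned without a signature and the caller (`signObject()` followed by `request()` in ActivityService) sends it anyway with no trace. Log the failure in the catch, or document it there if unsigned delivery is the intended fallback, e.g. `// signing is best-effort: the object is sent without a linked-data signature`. The empty catch in `checkObject()` is easier to justify, since a missing signature maps to `false`, but it deserves the same one-line comment. The `&` on `ACore &$object` is unnecessary because objects are passed by handle, and the context docblock still reads `ActivityService constructor.` in this class.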