kopia lustrzana https://github.com/nextcloud/social
Merge pull request #1539 from nextcloud/fix/noid/fix-digest
fix digest, error on curlpull/1541/head
Maxence Lange
GitHub
commit
8edd01485b
|
|
@ -30,12 +30,7 @@ declare(strict_types=1);
|
|||
|
||||
namespace OCA\Social\Controller;
|
||||
|
||||
use OCA\Social\Tools\Traits\TNCLogger;
|
||||
use OCA\Social\Tools\Traits\TNCDataResponse;
|
||||
use OCA\Social\Tools\Traits\TAsync;
|
||||
use OCA\Social\Tools\Traits\TStringTools;
|
||||
use Exception;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCA\Social\AppInfo\Application;
|
||||
use OCA\Social\Exceptions\AccountDoesNotExistException;
|
||||
use OCA\Social\Exceptions\ItemUnknownException;
|
||||
|
|
@ -44,20 +39,26 @@ use OCA\Social\Exceptions\SignatureIsGoneException;
|
|||
use OCA\Social\Exceptions\SocialAppConfigException;
|
||||
use OCA\Social\Exceptions\StreamNotFoundException;
|
||||
use OCA\Social\Exceptions\UrlCloudException;
|
||||
use OCA\Social\Model\ActivityPub\Activity\Delete;
|
||||
use OCA\Social\Service\AccountService;
|
||||
use OCA\Social\Service\CacheActorService;
|
||||
use OCA\Social\Service\ConfigService;
|
||||
use OCA\Social\Service\FediverseService;
|
||||
use OCA\Social\Service\FollowService;
|
||||
use OCA\Social\Service\ImportService;
|
||||
use OCA\Social\Service\MiscService;
|
||||
use OCA\Social\Service\SignatureService;
|
||||
use OCA\Social\Service\StreamQueueService;
|
||||
use OCA\Social\Service\StreamService;
|
||||
use OCA\Social\Tools\Traits\TAsync;
|
||||
use OCA\Social\Tools\Traits\TNCDataResponse;
|
||||
use OCA\Social\Tools\Traits\TNCLogger;
|
||||
use OCA\Social\Tools\Traits\TStringTools;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\IRequest;
|
||||
use Psr\Log\LoggerInterface;
|
||||
|
||||
class ActivityPubController extends Controller {
|
||||
use TNCDataResponse;
|
||||
|
|
@ -75,14 +76,20 @@ class ActivityPubController extends Controller {
|
|||
private FollowService $followService;
|
||||
private StreamService $streamService;
|
||||
private ConfigService $configService;
|
||||
private MiscService $miscService;
|
||||
|
||||
public function __construct(
|
||||
IRequest $request, SocialPubController $socialPubController, FediverseService $fediverseService,
|
||||
CacheActorService $cacheActorService, SignatureService $signatureService,
|
||||
StreamQueueService $streamQueueService, ImportService $importService, AccountService $accountService,
|
||||
FollowService $followService, StreamService $streamService, ConfigService $configService,
|
||||
MiscService $miscService
|
||||
IRequest $request,
|
||||
SocialPubController $socialPubController,
|
||||
FediverseService $fediverseService,
|
||||
CacheActorService $cacheActorService,
|
||||
SignatureService $signatureService,
|
||||
StreamQueueService $streamQueueService,
|
||||
ImportService $importService,
|
||||
AccountService $accountService,
|
||||
FollowService $followService,
|
||||
StreamService $streamService,
|
||||
ConfigService $configService,
|
||||
LoggerInterface $logger
|
||||
) {
|
||||
parent::__construct(Application::APP_NAME, $request);
|
||||
|
||||
|
|
@ -96,7 +103,7 @@ class ActivityPubController extends Controller {
|
|||
$this->followService = $followService;
|
||||
$this->streamService = $streamService;
|
||||
$this->configService = $configService;
|
||||
$this->miscService = $miscService;
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -165,7 +172,7 @@ class ActivityPubController extends Controller {
|
|||
public function sharedInbox(): Response {
|
||||
try {
|
||||
$body = file_get_contents('php://input');
|
||||
$this->miscService->log('[<<] sharedInbox: ' . $body, 1);
|
||||
$this->logger->debug('[<<] sharedInbox: ' . $body);
|
||||
|
||||
$requestTime = 0;
|
||||
$origin = $this->signatureService->checkRequest($this->request, $body, $requestTime);
|
||||
|
|
@ -187,7 +194,7 @@ class ActivityPubController extends Controller {
|
|||
// or it will feed the logs.
|
||||
exit();
|
||||
} catch (SignatureIsGoneException $e) {
|
||||
return $this->fail($e, [], Http::STATUS_GONE, false);
|
||||
return $this->success();
|
||||
} catch (Exception $e) {
|
||||
return $this->fail($e);
|
||||
}
|
||||
|
|
@ -208,7 +215,7 @@ class ActivityPubController extends Controller {
|
|||
public function inbox(string $username): Response {
|
||||
try {
|
||||
$body = file_get_contents('php://input');
|
||||
$this->debug('[<<] inbox', ['body' => $body]);
|
||||
$this->logger->debug('[<<] inbox', ['body' => $body]);
|
||||
|
||||
$requestTime = 0;
|
||||
$origin = $this->signatureService->checkRequest($this->request, $body, $requestTime);
|
||||
|
|
@ -232,7 +239,7 @@ class ActivityPubController extends Controller {
|
|||
// or it will feed the logs.
|
||||
exit();
|
||||
} catch (SignatureIsGoneException $e) {
|
||||
return $this->fail($e, [], Http::STATUS_GONE);
|
||||
return $this->success();
|
||||
} catch (Exception $e) {
|
||||
return $this->fail($e);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
declare(strict_types=1);
|
||||
|
||||
|
||||
/**
|
||||
* Nextcloud - Social Support
|
||||
*
|
||||
|
|
@ -57,7 +56,6 @@ class OAuthController extends Controller {
|
|||
private IURLGenerator $urlGenerator;
|
||||
private InstanceService $instanceService;
|
||||
private AccountService $accountService;
|
||||
private CacheActorService $cacheActorService;
|
||||
private ClientService $clientService;
|
||||
private ConfigService $configService;
|
||||
private LoggerInterface $logger;
|
||||
|
|
@ -69,7 +67,6 @@ class OAuthController extends Controller {
|
|||
IURLGenerator $urlGenerator,
|
||||
InstanceService $instanceService,
|
||||
AccountService $accountService,
|
||||
CacheActorService $cacheActorService,
|
||||
ClientService $clientService,
|
||||
ConfigService $configService,
|
||||
LoggerInterface $logger,
|
||||
|
|
@ -81,7 +78,6 @@ class OAuthController extends Controller {
|
|||
$this->urlGenerator = $urlGenerator;
|
||||
$this->instanceService = $instanceService;
|
||||
$this->accountService = $accountService;
|
||||
$this->cacheActorService = $cacheActorService;
|
||||
$this->clientService = $clientService;
|
||||
$this->configService = $configService;
|
||||
$this->logger = $logger;
|
||||
|
|
|
|||
|
|
@ -31,7 +31,6 @@ declare(strict_types=1);
|
|||
|
||||
namespace OCA\Social\Interfaces\Object;
|
||||
|
||||
use OCA\Social\Tools\Exceptions\MalformedArrayException;
|
||||
use Exception;
|
||||
use OCA\Social\AP;
|
||||
use OCA\Social\Db\FollowsRequest;
|
||||
|
|
@ -41,11 +40,6 @@ use OCA\Social\Exceptions\InvalidResourceException;
|
|||
use OCA\Social\Exceptions\ItemAlreadyExistsException;
|
||||
use OCA\Social\Exceptions\ItemUnknownException;
|
||||
use OCA\Social\Exceptions\RedundancyLimitException;
|
||||
use OCA\Social\Tools\Exceptions\RequestContentException;
|
||||
use OCA\Social\Tools\Exceptions\RequestNetworkException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultSizeException;
|
||||
use OCA\Social\Tools\Exceptions\RequestServerException;
|
||||
use OCA\Social\Exceptions\SocialAppConfigException;
|
||||
use OCA\Social\Interfaces\Activity\AbstractActivityPubInterface;
|
||||
use OCA\Social\Interfaces\IActivityPubInterface;
|
||||
|
|
@ -61,6 +55,12 @@ use OCA\Social\Service\AccountService;
|
|||
use OCA\Social\Service\ActivityService;
|
||||
use OCA\Social\Service\CacheActorService;
|
||||
use OCA\Social\Service\MiscService;
|
||||
use OCA\Social\Tools\Exceptions\MalformedArrayException;
|
||||
use OCA\Social\Tools\Exceptions\RequestContentException;
|
||||
use OCA\Social\Tools\Exceptions\RequestNetworkException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultSizeException;
|
||||
use OCA\Social\Tools\Exceptions\RequestServerException;
|
||||
|
||||
/**
|
||||
* Class FollowInterface
|
||||
|
|
@ -77,7 +77,7 @@ class FollowInterface extends AbstractActivityPubInterface implements IActivityP
|
|||
public function __construct(
|
||||
FollowsRequest $followsRequest, CacheActorService $cacheActorService,
|
||||
AccountService $accountService, ActivityService $activityService,
|
||||
MiscService $miscService
|
||||
MiscService $miscService
|
||||
) {
|
||||
$this->followsRequest = $followsRequest;
|
||||
$this->cacheActorService = $cacheActorService;
|
||||
|
|
@ -140,9 +140,7 @@ class FollowInterface extends AbstractActivityPubInterface implements IActivityP
|
|||
$follow->checkOrigin($follow->getActorId());
|
||||
|
||||
try {
|
||||
$knownFollow =
|
||||
$this->followsRequest->getByPersons($follow->getActorId(), $follow->getObjectId());
|
||||
|
||||
$knownFollow = $this->followsRequest->getByPersons($follow->getActorId(), $follow->getObjectId());
|
||||
if ($knownFollow->getId() === $follow->getId() && !$knownFollow->isAccepted()) {
|
||||
$this->confirmFollowRequest($follow);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -43,14 +43,10 @@ use OCA\Social\Model\ActivityPub\ACore;
|
|||
class Follow extends ACore implements JsonSerializable, IQueryRow {
|
||||
public const TYPE = 'Follow';
|
||||
|
||||
|
||||
private string $followId = '';
|
||||
|
||||
private string $followIdPrim = '';
|
||||
|
||||
private bool $accepted = false;
|
||||
|
||||
|
||||
/**
|
||||
* Follow constructor.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -52,6 +52,7 @@ use OCA\Social\Tools\Model\NCRequest;
|
|||
use OCA\Social\Tools\Model\Request;
|
||||
use OCA\Social\Tools\Traits\TArrayTools;
|
||||
use OCA\Social\Tools\Traits\TPathTools;
|
||||
use OCP\AppFramework\Http;
|
||||
use Psr\Log\LoggerInterface;
|
||||
|
||||
class CurlService {
|
||||
|
|
@ -239,17 +240,14 @@ class CurlService {
|
|||
* @throws UnauthorizedFediverseException
|
||||
*/
|
||||
public function retrieveObject($id): array {
|
||||
$this->logger->debug('retrieveObject', ['id' => $id]);
|
||||
$this->logger->debug('retrieveObject id=' . $id);
|
||||
$url = parse_url($id);
|
||||
$this->mustContains(['path', 'host', 'scheme'], $url);
|
||||
$request = new NCRequest($url['path'], Request::TYPE_GET);
|
||||
$request->setHost($url['host']);
|
||||
$request->setProtocol($url['scheme']);
|
||||
|
||||
$this->logger->debug('retrieveObject', ['request' => $request]);
|
||||
|
||||
$result = $this->retrieveJson($request);
|
||||
$this->logger->notice('retrieveObject, request result', ['request' => $request]);
|
||||
|
||||
if (is_array($result)) {
|
||||
$result['_host'] = $request->getHost();
|
||||
|
|
@ -259,24 +257,6 @@ class CurlService {
|
|||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param NCRequest $request
|
||||
*
|
||||
* @return array
|
||||
* @throws RequestContentException
|
||||
* @throws RequestNetworkException
|
||||
*/
|
||||
public function retrieveJson(NCRequest $request): array {
|
||||
try {
|
||||
return $this->retrieveJsonOrig($request);
|
||||
} catch (RequestNetworkException | RequestContentException $e) {
|
||||
$this->logger->notice('during retrieveJson', ['request' => $request, 'exception' => $e]);
|
||||
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param NCRequest $request
|
||||
*
|
||||
|
|
@ -340,8 +320,10 @@ class CurlService {
|
|||
* @throws RequestResultNotJsonException
|
||||
* @throws RequestResultSizeException
|
||||
* @throws RequestServerException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws UnauthorizedFediverseException
|
||||
*/
|
||||
public function retrieveJsonOrig(NCRequest $request): array {
|
||||
public function retrieveJson(NCRequest $request): array {
|
||||
$result = $this->doRequest($request);
|
||||
|
||||
if (strpos($request->getContentType(), 'application/xrd') === 0) {
|
||||
|
|
@ -388,6 +370,9 @@ class CurlService {
|
|||
}
|
||||
|
||||
$this->parseRequestResult($curl, $request);
|
||||
if ($request->getResultCode() >= 300) {
|
||||
throw new RequestContentException(json_encode($request), $request->getResultCode());
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
@ -513,10 +498,6 @@ class CurlService {
|
|||
$contentType = curl_getinfo($curl, CURLINFO_CONTENT_TYPE);
|
||||
$request->setContentType((!is_string($contentType)) ? '' : $contentType);
|
||||
$request->setResultCode($code);
|
||||
|
||||
$this->parseRequestResultCode301($code, $request);
|
||||
$this->parseRequestResultCode4xx($code, $request);
|
||||
$this->parseRequestResultCode5xx($code, $request);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -536,49 +517,4 @@ class CurlService {
|
|||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param int $code
|
||||
* @param Request $request
|
||||
*
|
||||
* @throws RequestContentException
|
||||
*/
|
||||
private function parseRequestResultCode301(int $code, Request $request) {
|
||||
if ($code === 301) {
|
||||
throw new RequestContentException(
|
||||
'301 - ' . json_encode($request, JSON_UNESCAPED_SLASHES)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param int $code
|
||||
* @param Request $request
|
||||
*
|
||||
* @throws RequestContentException
|
||||
*/
|
||||
private function parseRequestResultCode4xx(int $code, Request $request) {
|
||||
if ($code === 404 || $code === 410) {
|
||||
throw new RequestContentException(
|
||||
$code . ' - ' . json_encode($request, JSON_UNESCAPED_SLASHES)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param int $code
|
||||
* @param Request $request
|
||||
*
|
||||
* @throws RequestServerException
|
||||
*/
|
||||
private function parseRequestResultCode5xx(int $code, Request $request) {
|
||||
if ($code === 500) {
|
||||
throw new RequestServerException(
|
||||
$code . ' - ' . json_encode($request, JSON_UNESCAPED_SLASHES)
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,15 +30,6 @@ declare(strict_types=1);
|
|||
|
||||
namespace OCA\Social\Service;
|
||||
|
||||
use OCA\Social\Tools\Exceptions\DateTimeException;
|
||||
use OCA\Social\Tools\Exceptions\MalformedArrayException;
|
||||
use OCA\Social\Tools\Exceptions\RequestContentException;
|
||||
use OCA\Social\Tools\Exceptions\RequestNetworkException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultSizeException;
|
||||
use OCA\Social\Tools\Exceptions\RequestServerException;
|
||||
use OCA\Social\Tools\Model\NCRequest;
|
||||
use OCA\Social\Tools\Traits\TArrayTools;
|
||||
use DateTime;
|
||||
use Exception;
|
||||
use JsonLdException;
|
||||
|
|
@ -58,6 +49,16 @@ use OCA\Social\Model\ActivityPub\ACore;
|
|||
use OCA\Social\Model\ActivityPub\Actor\Person;
|
||||
use OCA\Social\Model\LinkedDataSignature;
|
||||
use OCA\Social\Model\RequestQueue;
|
||||
use OCA\Social\Tools\Exceptions\DateTimeException;
|
||||
use OCA\Social\Tools\Exceptions\MalformedArrayException;
|
||||
use OCA\Social\Tools\Exceptions\RequestContentException;
|
||||
use OCA\Social\Tools\Exceptions\RequestNetworkException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
|
||||
use OCA\Social\Tools\Exceptions\RequestResultSizeException;
|
||||
use OCA\Social\Tools\Exceptions\RequestServerException;
|
||||
use OCA\Social\Tools\Model\NCRequest;
|
||||
use OCA\Social\Tools\Traits\TArrayTools;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\Files\AppData\IAppDataFactory;
|
||||
use OCP\Files\NotFoundException;
|
||||
use OCP\Files\NotPermittedException;
|
||||
|
|
@ -65,6 +66,7 @@ use OCP\Files\SimpleFS\ISimpleFile;
|
|||
use OCP\Files\SimpleFS\ISimpleFolder;
|
||||
use OCP\IRequest;
|
||||
use OCP\Server;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use stdClass;
|
||||
|
||||
class SignatureService {
|
||||
|
|
@ -83,20 +85,20 @@ class SignatureService {
|
|||
private ActorsRequest $actorsRequest;
|
||||
private CurlService $curlService;
|
||||
private ConfigService $configService;
|
||||
private MiscService $miscService;
|
||||
private LoggerInterface $logger;
|
||||
|
||||
public function __construct(
|
||||
ActorsRequest $actorsRequest,
|
||||
CacheActorService $cacheActorService,
|
||||
CurlService $curlService,
|
||||
ConfigService $configService,
|
||||
MiscService $miscService
|
||||
LoggerInterface $logger
|
||||
) {
|
||||
$this->actorsRequest = $actorsRequest;
|
||||
$this->cacheActorService = $cacheActorService;
|
||||
$this->curlService = $curlService;
|
||||
$this->configService = $configService;
|
||||
$this->miscService = $miscService;
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -195,7 +197,7 @@ class SignatureService {
|
|||
* @return string
|
||||
*/
|
||||
private function generateDigest(string $data): string {
|
||||
$encoded = hash("sha256", utf8_encode($data), true);
|
||||
$encoded = hash("sha256", $data, true);
|
||||
|
||||
return 'SHA-256=' . base64_encode($encoded);
|
||||
}
|
||||
|
|
@ -242,14 +244,19 @@ class SignatureService {
|
|||
}
|
||||
|
||||
if ($this->generateDigest($data) !== $request->getHeader('digest')) {
|
||||
throw new SignatureException('issue with digest');
|
||||
throw new SignatureException(
|
||||
'issue with digest -- sent: ' .
|
||||
$request->getHeader('digest') . ', expected: ' . $this->generateDigest($data)
|
||||
);
|
||||
}
|
||||
|
||||
try {
|
||||
return $this->checkRequestSignature($request, $data);
|
||||
} catch (RequestContentException $e) {
|
||||
throw new SignatureIsGoneException();
|
||||
} catch (SignatureException $e) {
|
||||
} catch (RequestContentException $e) {
|
||||
if ($e->getCode() === Http::STATUS_GONE) {
|
||||
throw new SignatureIsGoneException();
|
||||
}
|
||||
}
|
||||
|
||||
return '';
|
||||
|
|
@ -304,10 +311,6 @@ class SignatureService {
|
|||
|
||||
return true;
|
||||
} catch (LinkedDataSignatureMissingException $e) {
|
||||
$this->miscService->log(
|
||||
'Notice: LinkedDataSignatureMissingException while checkObject : ' . $e->getMessage()
|
||||
. ' --- ' . json_encode($object), 1
|
||||
);
|
||||
}
|
||||
|
||||
return false;
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue