checking origin of actor when retrieving a remove account
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>pull/226/head
rodzic
d923faabf3
commit
b7e6609707
|
@ -36,6 +36,7 @@ use Exception;
|
|||
use OCA\Social\AP;
|
||||
use OCA\Social\Db\CacheActorsRequest;
|
||||
use OCA\Social\Exceptions\CacheActorDoesNotExistException;
|
||||
use OCA\Social\Exceptions\InvalidOriginException;
|
||||
use OCA\Social\Exceptions\InvalidResourceException;
|
||||
use OCA\Social\Exceptions\RedundancyLimitException;
|
||||
use OCA\Social\Exceptions\Request410Exception;
|
||||
|
@ -113,6 +114,7 @@ class CacheActorService {
|
|||
* @throws SocialAppConfigException
|
||||
* @throws RedundancyLimitException
|
||||
* @throws UnknownItemException
|
||||
* @throws InvalidOriginException
|
||||
*/
|
||||
public function getFromId(string $id, bool $refresh = false): Person {
|
||||
|
||||
|
@ -133,6 +135,10 @@ class CacheActorService {
|
|||
|
||||
/** @var Person $actor */
|
||||
$actor = AP::$activityPub->getItemFromData($object);
|
||||
if ($id !== $actor->getId()) {
|
||||
throw new InvalidOriginException();
|
||||
}
|
||||
|
||||
$actor->setAccount($actor->getPreferredUsername() . '@' . $this->get('_host', $object));
|
||||
try {
|
||||
$this->save($actor);
|
||||
|
@ -170,6 +176,7 @@ class CacheActorService {
|
|||
* @throws RequestException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws UnknownItemException
|
||||
* @throws InvalidOriginException
|
||||
*/
|
||||
public function getFromAccount(string $account, bool $retrieve = true): Person {
|
||||
|
||||
|
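Review bot: The new guard in getFromId, `if ($id !== $actor->getId())`, throws `InvalidOriginException` with no message, so a rejected actor document leaves nothing for logs or alerting to show which id was requested and which one the remote server claimed. Passing both values would make mismatches traceable, e.g. `throw new InvalidOriginException('actor id ' . $actor->getId() . ' does not match requested id ' . $id);`, assuming the class accepts a message like a standard exception. The comparison is also byte-exact, so an id that differs from the requested URL only in host case would be refused; if that is intended, a short comment above the check saying so would help. getFromId starts and ends outside this hunk, so the caching path taken when `$refresh` is false is not visible here.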
|
|
@ -36,10 +36,15 @@ use daita\MySmallPhpTools\Model\Request;
|
|||
use daita\MySmallPhpTools\Traits\TArrayTools;
|
||||
use daita\MySmallPhpTools\Traits\TPathTools;
|
||||
use Exception;
|
||||
use OCA\Social\AP;
|
||||
use OCA\Social\Exceptions\InvalidOriginException;
|
||||
use OCA\Social\Exceptions\InvalidResourceException;
|
||||
use OCA\Social\Exceptions\RedundancyLimitException;
|
||||
use OCA\Social\Exceptions\Request410Exception;
|
||||
use OCA\Social\Exceptions\RequestException;
|
||||
use OCA\Social\Exceptions\SocialAppConfigException;
|
||||
use OCA\Social\Exceptions\UnknownItemException;
|
||||
use OCA\Social\Model\ActivityPub\Actor\Person;
|
||||
|
||||
class CurlService {
|
||||
|
||||
|
@ -75,10 +80,14 @@ class CurlService {
|
|||
* @param string $account
|
||||
*
|
||||
* @return mixed
|
||||
* @throws RequestException
|
||||
* @throws InvalidResourceException
|
||||
* @throws Request410Exception
|
||||
* @throws MalformedArrayException
|
||||
* @throws Request410Exception
|
||||
* @throws RequestException
|
||||
* @throws SocialAppConfigException
|
||||
* @throws RedundancyLimitException
|
||||
* @throws UnknownItemException
|
||||
* @throws InvalidOriginException
|
||||
*/
|
||||
public function retrieveAccount(string $account) {
|
||||
$account = $this->withoutBeginAt($account);
|
||||
|
@ -103,7 +112,16 @@ class CurlService {
|
|||
throw new RequestException();
|
||||
}
|
||||
|
||||
return $this->retrieveObject($this->get('href', $link, ''));
|
||||
$data = $this->retrieveObject($this->get('href', $link, ''));
|
||||
$object = AP::$activityPub->getItemFromData($data);
|
||||
|
||||
if ($object->getType() === Person::TYPE) {
|
||||
return $object;
|
||||
}
|
||||
|
||||
$object->checkOrigin($object->getId());
|
||||
|
||||
throw new UnknownItemException();
|
||||
}
|
||||
|
||||
|
||||
|
|
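Review bot: In retrieveAccount the `$object->checkOrigin($object->getId());` call sits after `return $object;` for `Person::TYPE`, so the only path that returns an actor never runs it, and the path that does run it always ends in `throw new UnknownItemException();`. It is also given the object's own id rather than the WebFinger `href` that was fetched; checkOrigin is not visible here, but checking an object against its own id looks unlikely to catch a document served from one URL while claiming another. Reject non-Person items first, then bind the actor to the URL it was retrieved from before returning it, using the same comparison this commit adds to getFromId. The docblock's `@return mixed` should become `@return Person` now that the method no longer returns the raw data, and `@throws Request410Exception` and `@throws RequestException` are each listed twice.

```php
// … unchanged: WebFinger request and selection of $link …
$href = $this->get('href', $link, '');
$data = $this->retrieveObject($href);
$object = AP::$activityPub->getItemFromData($data);

if ($object->getType() !== Person::TYPE) {
	throw new UnknownItemException();
}

// The actor must claim the URL it was fetched from, as in getFromId.
if ($href !== $object->getId()) {
	throw new InvalidOriginException();
}

return $object;
```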