kopia lustrzana https://github.com/nextcloud/social
refresh keys after 7 days
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>pull/291/head
rodzic
43fc850c18
commit
dd30d98cac
|
@ -102,6 +102,9 @@ class CacheRefresh extends Base {
|
||||||
*/
|
*/
|
||||||
protected function execute(InputInterface $input, OutputInterface $output) {
|
protected function execute(InputInterface $input, OutputInterface $output) {
|
||||||
|
|
||||||
|
$result = $this->actorService->blindKeyRotation();
|
||||||
|
$output->writeLn($result . ' key pairs refreshed');
|
||||||
|
|
||||||
$result = $this->actorService->manageCacheLocalActors();
|
$result = $this->actorService->manageCacheLocalActors();
|
||||||
$output->writeLn($result . ' local accounts regenerated');
|
$output->writeLn($result . ' local accounts regenerated');
|
||||||
|
|
||||||
|
|
|
@ -94,6 +94,11 @@ class Cache extends TimedJob {
|
||||||
|
|
||||||
|
|
||||||
private function manageCache() {
|
private function manageCache() {
|
||||||
|
try {
|
||||||
|
$this->accountService->blindKeyRotation();
|
||||||
|
} catch (Exception $e) {
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$this->accountService->manageCacheLocalActors();
|
$this->accountService->manageCacheLocalActors();
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
|
|
|
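Review bot: The new `catch (Exception $e) { }` around `blindKeyRotation()` in `manageCache()` is empty, so a failed key rotation in the background job leaves no trace. The same empty catch sits inside the loop of `AccountService::blindKeyRotation()`, where a failure of `generateKeys()` or `refreshKeys()` for one actor is skipped silently and only lowers the returned count. Log the exception in both places, for example `$this->miscService->log('key rotation failed: ' . $e->getMessage());`, assuming a `MiscService` is injected into these classes (their constructors are outside the hunks). `manageCache()` continues past the end of this hunk.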
@ -30,11 +30,13 @@ declare(strict_types=1);
|
||||||
namespace OCA\Social\Db;
|
namespace OCA\Social\Db;
|
||||||
|
|
||||||
|
|
||||||
|
use DateTime;
|
||||||
use OCA\Social\Exceptions\ActorDoesNotExistException;
|
use OCA\Social\Exceptions\ActorDoesNotExistException;
|
||||||
use OCA\Social\Exceptions\SocialAppConfigException;
|
use OCA\Social\Exceptions\SocialAppConfigException;
|
||||||
use OCA\Social\Model\ActivityPub\Actor\Person;
|
use OCA\Social\Model\ActivityPub\Actor\Person;
|
||||||
use OCA\Social\Service\ConfigService;
|
use OCA\Social\Service\ConfigService;
|
||||||
use OCA\Social\Service\MiscService;
|
use OCA\Social\Service\MiscService;
|
||||||
|
use OCP\DB\QueryBuilder\IQueryBuilder;
|
||||||
use OCP\IDBConnection;
|
use OCP\IDBConnection;
|
||||||
|
|
||||||
class ActorsRequest extends ActorsRequestBuilder {
|
class ActorsRequest extends ActorsRequestBuilder {
|
||||||
|
@ -77,7 +79,11 @@ class ActorsRequest extends ActorsRequestBuilder {
|
||||||
'preferred_username', $qb->createNamedParameter($actor->getPreferredUsername())
|
'preferred_username', $qb->createNamedParameter($actor->getPreferredUsername())
|
||||||
)
|
)
|
||||||
->setValue('public_key', $qb->createNamedParameter($actor->getPublicKey()))
|
->setValue('public_key', $qb->createNamedParameter($actor->getPublicKey()))
|
||||||
->setValue('private_key', $qb->createNamedParameter($actor->getPrivateKey()));
|
->setValue('private_key', $qb->createNamedParameter($actor->getPrivateKey()))
|
||||||
|
->setValue(
|
||||||
|
'creation',
|
||||||
|
$qb->createNamedParameter(new DateTime('now'), IQueryBuilder::PARAM_DATE)
|
||||||
|
);
|
||||||
|
|
||||||
$qb->execute();
|
$qb->execute();
|
||||||
|
|
||||||
|
@ -85,6 +91,9 @@ class ActorsRequest extends ActorsRequestBuilder {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param Person $actor
|
||||||
|
*/
|
||||||
public function update(Person $actor) {
|
public function update(Person $actor) {
|
||||||
$qb = $this->getActorsUpdateSql();
|
$qb = $this->getActorsUpdateSql();
|
||||||
$qb->set('avatar_version', $qb->createNamedParameter($actor->getAvatarVersion()));
|
$qb->set('avatar_version', $qb->createNamedParameter($actor->getAvatarVersion()));
|
||||||
|
@ -94,6 +103,23 @@ class ActorsRequest extends ActorsRequestBuilder {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param Person $actor
|
||||||
|
*/
|
||||||
|
public function refreshKeys(Person $actor) {
|
||||||
|
$qb = $this->getActorsUpdateSql();
|
||||||
|
$qb->set('public_key', $qb->createNamedParameter($actor->getPublicKey()))
|
||||||
|
->set('private_key', $qb->createNamedParameter($actor->getPrivateKey()))
|
||||||
|
->set(
|
||||||
|
'creation',
|
||||||
|
$qb->createNamedParameter(new DateTime('now'), IQueryBuilder::PARAM_DATE)
|
||||||
|
);
|
||||||
|
$this->limitToIdString($qb, $actor->getId());
|
||||||
|
|
||||||
|
$qb->execute();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* return Actor from database based on the username
|
* return Actor from database based on the username
|
||||||
*
|
*
|
||||||
|
|
|
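Review bot: `refreshKeys()` writes `getPublicKey()` and `getPrivateKey()` to the row without checking that either is non-empty, so a `Person` whose key generation did not complete would have its stored key pair overwritten with blank values while `creation` is reset to now. `Person::importFromDatabase()` uses `''` as the default for `public_key`, so an empty string is a reachable state for the model. Consider refusing the update up front, e.g. `if ($actor->getPublicKey() === '' || $actor->getPrivateKey() === '') { throw new \Exception('empty key pair'); }`; whether `generateKeys()` can return without setting both keys is not visible on this page. The docblock could also say that the method replaces the key pair and restarts the rotation clock, since `@param Person $actor` alone does not.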
@ -31,6 +31,7 @@ declare(strict_types=1);
|
||||||
namespace OCA\Social\Model\ActivityPub\Actor;
|
namespace OCA\Social\Model\ActivityPub\Actor;
|
||||||
|
|
||||||
|
|
||||||
|
use DateTime;
|
||||||
use JsonSerializable;
|
use JsonSerializable;
|
||||||
use OCA\Social\Exceptions\UrlCloudException;
|
use OCA\Social\Exceptions\UrlCloudException;
|
||||||
use OCA\Social\Model\ActivityPub\ACore;
|
use OCA\Social\Model\ActivityPub\ACore;
|
||||||
|
@ -474,7 +475,12 @@ class Person extends ACore implements JsonSerializable {
|
||||||
*/
|
*/
|
||||||
public function importFromDatabase(array $data) {
|
public function importFromDatabase(array $data) {
|
||||||
parent::importFromDatabase($data);
|
parent::importFromDatabase($data);
|
||||||
$this->setPreferredUsername($this->validate(self::AS_USERNAME, 'preferred_username', $data, ''))
|
|
||||||
|
$dTime = new DateTime($this->get('creation', $data, 'yesterday'));
|
||||||
|
|
||||||
|
$this->setPreferredUsername(
|
||||||
|
$this->validate(self::AS_USERNAME, 'preferred_username', $data, '')
|
||||||
|
)
|
||||||
->setName($this->validate(self::AS_USERNAME, 'name', $data, ''))
|
->setName($this->validate(self::AS_USERNAME, 'name', $data, ''))
|
||||||
->setAccount($this->validate(self::AS_ACCOUNT, 'account', $data, ''))
|
->setAccount($this->validate(self::AS_ACCOUNT, 'account', $data, ''))
|
||||||
->setPublicKey($this->get('public_key', $data, ''))
|
->setPublicKey($this->get('public_key', $data, ''))
|
||||||
|
@ -486,7 +492,7 @@ class Person extends ACore implements JsonSerializable {
|
||||||
->setSharedInbox($this->validate(self::AS_URL, 'shared_inbox', $data, ''))
|
->setSharedInbox($this->validate(self::AS_URL, 'shared_inbox', $data, ''))
|
||||||
->setFeatured($this->validate(self::AS_URL, 'featured', $data, ''))
|
->setFeatured($this->validate(self::AS_URL, 'featured', $data, ''))
|
||||||
->setDetails($this->getArray('details', $data, []))
|
->setDetails($this->getArray('details', $data, []))
|
||||||
->setCreation($this->getInt('creation', $data, 0));
|
->setCreation($dTime->getTimestamp());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
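Review bot: The fallback `'yesterday'` in `new DateTime($this->get('creation', $data, 'yesterday'))` is recomputed on every load, so an actor row without a `creation` value always looks about one day old and never passes the `KEY_PAIR_LIFESPAN` check in `blindKeyRotation()`; the previous code defaulted to `0`. If rows created before this change can lack that value (no migration is shown on this page), their keys would never be rotated. A fixed fallback such as `'@0'` would keep the old default and make those rows due on the next run. `new DateTime()` also throws on a malformed string, which `importFromDatabase()` neither catches nor documents with `@throws`.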
@ -53,6 +53,9 @@ use OCP\IUserManager;
|
||||||
class AccountService {
|
class AccountService {
|
||||||
|
|
||||||
|
|
||||||
|
const KEY_PAIR_LIFESPAN = 7;
|
||||||
|
|
||||||
|
|
||||||
use TArrayTools;
|
use TArrayTools;
|
||||||
|
|
||||||
|
|
||||||
|
@ -310,4 +313,26 @@ class AccountService {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @throws Exception
|
||||||
|
* @return int
|
||||||
|
*/
|
||||||
|
public function blindKeyRotation(): int {
|
||||||
|
$update = $this->actorsRequest->getAll();
|
||||||
|
$count = 0;
|
||||||
|
foreach ($update as $actor) {
|
||||||
|
try {
|
||||||
|
if ($actor->getCreation() < (time() - (self::KEY_PAIR_LIFESPAN * 3600 * 24))) {
|
||||||
|
$this->signatureService->generateKeys($actor);
|
||||||
|
$this->actorsRequest->refreshKeys($actor);
|
||||||
|
$count++;
|
||||||
|
}
|
||||||
|
} catch (Exception $e) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $count;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
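Review bot: `KEY_PAIR_LIFESPAN = 7` carries no unit, and the reader has to find `self::KEY_PAIR_LIFESPAN * 3600 * 24` further down to learn that it is days; a comment such as `// maximum age of an actor key pair, in days` above the constant would settle it. The docblock of `blindKeyRotation()` lists only `@throws` and `@return`. It should say that every actor returned by `getAll()` whose `creation` is older than the lifespan gets a new key pair, that per-actor failures are skipped, and that the return value counts only the actors actually refreshed. As written, `@throws Exception` can only originate from `getAll()`, since the loop catches everything else.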