2017-08-08 21:52:15 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class ActivityPub::FetchRemoteAccountService < BaseService
|
|
|
|
include JsonLdHelper
|
2019-07-09 03:27:35 +02:00
|
|
|
include DomainControlHelper
|
2020-05-10 11:41:43 +02:00
|
|
|
include WebfingerHelper
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2018-04-02 02:10:53 +02:00
|
|
|
SUPPORTED_TYPES = %w(Application Group Organization Person Service).freeze
|
|
|
|
|
2019-01-07 21:45:13 +01:00
|
|
|
# Does a WebFinger roundtrip on each call, unless `only_key` is true
|
|
|
|
def call(uri, id: true, prefetched_body: nil, break_on_redirect: false, only_key: false)
|
2019-07-09 03:27:35 +02:00
|
|
|
return if domain_not_allowed?(uri)
|
2018-10-26 23:08:34 +02:00
|
|
|
return ActivityPub::TagManager.instance.uri_to_resource(uri, Account) if ActivityPub::TagManager.instance.local_uri?(uri)
|
|
|
|
|
2019-07-09 03:27:35 +02:00
|
|
|
@json = begin
|
|
|
|
if prefetched_body.nil?
|
|
|
|
fetch_resource(uri, id)
|
|
|
|
else
|
|
|
|
body_to_json(prefetched_body, compare_id: id ? uri : nil)
|
|
|
|
end
|
|
|
|
end
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2018-07-28 23:14:55 +02:00
|
|
|
return if !supported_context? || !expected_type? || (break_on_redirect && @json['movedTo'].present?)
|
2017-08-08 21:52:15 +02:00
|
|
|
|
|
|
|
@uri = @json['id']
|
|
|
|
@username = @json['preferredUsername']
|
2017-10-04 01:13:48 +02:00
|
|
|
@domain = Addressable::URI.parse(@uri).normalized_host
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2019-01-07 21:45:13 +01:00
|
|
|
return unless only_key || verified_webfinger?
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2020-12-18 23:26:26 +01:00
|
|
|
ActivityPub::ProcessAccountService.new.call(@username, @domain, @json, only_key: only_key, verified_webfinger: !only_key)
|
2017-08-08 21:52:15 +02:00
|
|
|
rescue Oj::ParseError
|
|
|
|
nil
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def verified_webfinger?
|
2020-05-10 11:41:43 +02:00
|
|
|
webfinger = webfinger!("acct:#{@username}@#{@domain}")
|
2017-08-08 21:52:15 +02:00
|
|
|
confirmed_username, confirmed_domain = split_acct(webfinger.subject)
|
|
|
|
|
2020-10-08 00:34:57 +02:00
|
|
|
return webfinger.link('self', 'href') == @uri if @username.casecmp(confirmed_username).zero? && @domain.casecmp(confirmed_domain).zero?
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2020-05-10 11:41:43 +02:00
|
|
|
webfinger = webfinger!("acct:#{confirmed_username}@#{confirmed_domain}")
|
2017-10-04 00:33:56 +02:00
|
|
|
@username, @domain = split_acct(webfinger.subject)
|
2017-08-08 21:52:15 +02:00
|
|
|
|
2017-10-04 00:33:56 +02:00
|
|
|
return false unless @username.casecmp(confirmed_username).zero? && @domain.casecmp(confirmed_domain).zero?
|
2020-10-08 00:34:57 +02:00
|
|
|
return false if webfinger.link('self', 'href') != @uri
|
2017-08-08 21:52:15 +02:00
|
|
|
|
|
|
|
true
|
2020-10-08 00:34:57 +02:00
|
|
|
rescue Webfinger::Error
|
2017-08-08 21:52:15 +02:00
|
|
|
false
|
|
|
|
end
|
|
|
|
|
|
|
|
def split_acct(acct)
|
|
|
|
acct.gsub(/\Aacct:/, '').split('@')
|
|
|
|
end
|
|
|
|
|
|
|
|
def supported_context?
|
|
|
|
super(@json)
|
|
|
|
end
|
|
|
|
|
|
|
|
def expected_type?
|
2018-05-02 12:40:24 +02:00
|
|
|
equals_or_includes_any?(@json['type'], SUPPORTED_TYPES)
|
2017-08-08 21:52:15 +02:00
|
|
|
end
|
|
|
|
end
|