From 4d2c6707c2f5f7723f1fcf03cdbf9476f2d5b3ad Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 19 May 2018 07:03:53 +0000 Subject: [PATCH] activitypub: normalize the actor to ensure we have its URI --- lib/pleroma/plugs/http_signature.ex | 3 ++- lib/pleroma/web/activity_pub/utils.ex | 16 ++++++++++++++++ lib/pleroma/web/federator/federator.ex | 3 +++ .../web/http_signatures/http_signatures.ex | 6 +++--- 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/plugs/http_signature.ex b/lib/pleroma/plugs/http_signature.ex index efde652f5..2d0e10cad 100644 --- a/lib/pleroma/plugs/http_signature.ex +++ b/lib/pleroma/plugs/http_signature.ex @@ -1,5 +1,6 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do alias Pleroma.Web.HTTPSignatures + alias Pleroma.Web.ActivityPub.Utils import Plug.Conn require Logger @@ -12,7 +13,7 @@ def call(%{assigns: %{valid_signature: true}} = conn, _opts) do end def call(conn, _opts) do - user = conn.params["actor"] + user = Utils.normalize_actor(conn.params["actor"]) Logger.debug("Checking sig for #{user}") [signature | _] = get_req_header(conn, "signature") diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex index f98545336..d92db0d5f 100644 --- a/lib/pleroma/web/activity_pub/utils.ex +++ b/lib/pleroma/web/activity_pub/utils.ex @@ -5,6 +5,22 @@ defmodule Pleroma.Web.ActivityPub.Utils do alias Ecto.{Changeset, UUID} import Ecto.Query + # Some implementations send the actor URI as the actor field, others send the entire actor object, + # so figure out what the actor's URI is based on what we have. + def normalize_actor(actor) do + cond do + is_binary(actor) -> + actor + + is_map(actor) -> + actor["id"] + end + end + + def normalize_params(params) do + Map.put(params, "actor", normalize_actor(params["actor"])) + end + def make_json_ld_header do %{ "@context" => [ diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index f84af2f15..8ca530031 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -5,6 +5,7 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Web.{WebFinger, Websub} alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Transmogrifier + alias Pleroma.Web.ActivityPub.Utils require Logger @websub Application.get_env(:pleroma, :websub) @@ -91,6 +92,8 @@ def handle(:incoming_doc, doc) do def handle(:incoming_ap_doc, params) do Logger.info("Handling incoming AP activity") + params = Utils.normalize_params(params) + with {:ok, _user} <- ap_enabled_actor(params["actor"]), nil <- Activity.get_by_ap_id(params["id"]), {:ok, _activity} <- Transmogrifier.handle_incoming(params) do diff --git a/lib/pleroma/web/http_signatures/http_signatures.ex b/lib/pleroma/web/http_signatures/http_signatures.ex index 9035f5eb6..dd3f825db 100644 --- a/lib/pleroma/web/http_signatures/http_signatures.ex +++ b/lib/pleroma/web/http_signatures/http_signatures.ex @@ -1,7 +1,7 @@ # https://tools.ietf.org/html/draft-cavage-http-signatures-08 defmodule Pleroma.Web.HTTPSignatures do alias Pleroma.User - alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Utils require Logger def split_signature(sig) do @@ -31,14 +31,14 @@ def validate(headers, signature, public_key) do def validate_conn(conn) do # TODO: How to get the right key and see if it is actually valid for that request. # For now, fetch the key for the actor. - with actor_id <- conn.params["actor"], + with actor_id <- Utils.normalize_actor(conn.params["actor"]), {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do if validate_conn(conn, public_key) do true else Logger.debug("Could not validate, re-fetching user and trying one more time") # Fetch user anew and try one more time - with actor_id <- conn.params["actor"], + with actor_id <- Utils.normalize_actor(conn.params["actor"]), {:ok, _user} <- ActivityPub.make_user_from_ap_id(actor_id), {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do validate_conn(conn, public_key)