[github/Chocobozzz/PeerTube.git] / server / middlewares / validators / activitypub / activity.ts

import * as express from 'express'
import { isRootActivityValid } from '../../../helpers/custom-validators/activitypub/activity'
import { logger } from '../../../helpers/logger'
import { getServerActor } from '@server/models/application/application'
import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'

async function activityPubValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
  logger.debug('Checking activity pub parameters')

  if (!isRootActivityValid(req.body)) {
    logger.warn('Incorrect activity parameters.', { activity: req.body })
    return res.status(HttpStatusCode.BAD_REQUEST_400)
              .json({ error: 'Incorrect activity.' })
  }

  const serverActor = await getServerActor()
  const remoteActor = res.locals.signature.actor
  if (serverActor.id === remoteActor.id) {
    logger.error('Receiving request in INBOX by ourselves!', req.body)
    return res.status(HttpStatusCode.CONFLICT_409)
              .end()
  }

  return next()
}

// ---------------------------------------------------------------------------

export {
  activityPubValidator
}
Commit	Line	Data
	1	import * as express from 'express'
	2	import { isRootActivityValid } from '../../../helpers/custom-validators/activitypub/activity'
	3	import { logger } from '../../../helpers/logger'
	4	import { getServerActor } from '@server/models/application/application'
	5	import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
	6
	7	async function activityPubValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
	8	logger.debug('Checking activity pub parameters')
	9
	10	if (!isRootActivityValid(req.body)) {
	11	logger.warn('Incorrect activity parameters.', { activity: req.body })
	12	return res.status(HttpStatusCode.BAD_REQUEST_400)
	13	.json({ error: 'Incorrect activity.' })
	14	}
	15
	16	const serverActor = await getServerActor()
	17	const remoteActor = res.locals.signature.actor
	18	if (serverActor.id === remoteActor.id) {
	19	logger.error('Receiving request in INBOX by ourselves!', req.body)
	20	return res.status(HttpStatusCode.CONFLICT_409)
	21	.end()
	22	}
	23
	24	return next()
	25	}
	26
	27	// ---------------------------------------------------------------------------
	28
	29	export {
	30	activityPubValidator
	31	}