X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Factivitypub.ts;h=580606a68387067186565384432261e91d3f8f5d;hb=923ff87da2761fd88a8ca269ac1ef403abb583d2;hp=c6d8466acda03abe664ab89a739f83d05053e0f7;hpb=99849607a67ff8dd3bef75b347ce39716e46f090;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts
index c6d8466ac..580606a68 100644
--- a/server/middlewares/activitypub.ts
+++ b/server/middlewares/activitypub.ts
@@ -1,10 +1,12 @@
 import { NextFunction, Request, Response } from 'express'
-import { ActivityPubSignature } from '../../shared'
+import { ActivityDelete, ActivityPubSignature } from '../../shared'
 import { logger } from '../helpers/logger'
 import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto'
 import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers/constants'
-import { getOrCreateActorAndServerAndModel } from '../lib/activitypub'
+import { getOrCreateActorAndServerAndModel } from '../lib/activitypub/actor'
 import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger'
+import { isActorDeleteActivityValid } from '@server/helpers/custom-validators/activitypub/actor'
+import { getAPId } from '@server/helpers/activitypub'
 
 async function checkSignature (req: Request, res: Response, next: NextFunction) {
   try {
@@ -15,7 +17,7 @@ async function checkSignature (req: Request, res: Response, next: NextFunction)
 
     // Forwarded activity
     const bodyActor = req.body.actor
-    const bodyActorId = bodyActor && bodyActor.id ? bodyActor.id : bodyActor
+    const bodyActorId = getAPId(bodyActor)
     if (bodyActorId && bodyActorId !== actor.url) {
       const jsonLDSignatureChecked = await checkJsonLDSignature(req, res)
       if (jsonLDSignatureChecked !== true) return
@@ -23,14 +25,20 @@ async function checkSignature (req: Request, res: Response, next: NextFunction)
 
     return next()
   } catch (err) {
-    logger.error('Error in ActivityPub signature checker.', err)
+    const activity: ActivityDelete = req.body
+    if (isActorDeleteActivityValid(activity) && activity.object === activity.actor) {
+      logger.debug('Handling signature error on actor delete activity', { err })
+      return res.sendStatus(204)
+    }
+
+    logger.warn('Error in ActivityPub signature checker.', { err })
     return res.sendStatus(403)
   }
 }
 
 function executeIfActivityPub (req: Request, res: Response, next: NextFunction) {
   const accepted = req.accepts(ACCEPT_HEADERS)
-  if (accepted === false || ACTIVITY_PUB.POTENTIAL_ACCEPT_HEADERS.indexOf(accepted) === -1) {
+  if (accepted === false || ACTIVITY_PUB.POTENTIAL_ACCEPT_HEADERS.includes(accepted) === false) {
     // Bypass this route
     return next('route')
   }