aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2019-03-19 09:34:29 +0100
committerChocobozzz <me@florianbigard.com>2019-03-19 09:34:29 +0100
commite65c0c5b1fab9c3d93f51721b2458cf5cf471f20 (patch)
treefbdb8fef45aedf8fcdfbf676f8e5418244901503
parent0f6acda11681de90d38dd18669863c6e270851ee (diff)
downloadPeerTube-e65c0c5b1fab9c3d93f51721b2458cf5cf471f20.tar.gz
PeerTube-e65c0c5b1fab9c3d93f51721b2458cf5cf471f20.tar.zst
PeerTube-e65c0c5b1fab9c3d93f51721b2458cf5cf471f20.zip
Better AP route checker
-rw-r--r--server/controllers/activitypub/client.ts112
-rw-r--r--server/middlewares/activitypub.ts26
2 files changed, 76 insertions, 62 deletions
diff --git a/server/controllers/activitypub/client.ts b/server/controllers/activitypub/client.ts
index f1217f6db..cc2671fc1 100644
--- a/server/controllers/activitypub/client.ts
+++ b/server/controllers/activitypub/client.ts
@@ -45,97 +45,119 @@ import { VideoPlaylistPrivacy } from '../../../shared/models/videos/playlist/vid
45const activityPubClientRouter = express.Router() 45const activityPubClientRouter = express.Router()
46 46
47activityPubClientRouter.get('/accounts?/:name', 47activityPubClientRouter.get('/accounts?/:name',
48 executeIfActivityPub(asyncMiddleware(localAccountValidator)), 48 executeIfActivityPub,
49 executeIfActivityPub(accountController) 49 asyncMiddleware(localAccountValidator),
50 accountController
50) 51)
51activityPubClientRouter.get('/accounts?/:name/followers', 52activityPubClientRouter.get('/accounts?/:name/followers',
52 executeIfActivityPub(asyncMiddleware(localAccountValidator)), 53 executeIfActivityPub,
53 executeIfActivityPub(asyncMiddleware(accountFollowersController)) 54 asyncMiddleware(localAccountValidator),
55 asyncMiddleware(accountFollowersController)
54) 56)
55activityPubClientRouter.get('/accounts?/:name/following', 57activityPubClientRouter.get('/accounts?/:name/following',
56 executeIfActivityPub(asyncMiddleware(localAccountValidator)), 58 executeIfActivityPub,
57 executeIfActivityPub(asyncMiddleware(accountFollowingController)) 59 asyncMiddleware(localAccountValidator),
60 asyncMiddleware(accountFollowingController)
58) 61)
59activityPubClientRouter.get('/accounts?/:name/playlists', 62activityPubClientRouter.get('/accounts?/:name/playlists',
60 executeIfActivityPub(asyncMiddleware(localAccountValidator)), 63 executeIfActivityPub,
61 executeIfActivityPub(asyncMiddleware(accountPlaylistsController)) 64 asyncMiddleware(localAccountValidator),
65 asyncMiddleware(accountPlaylistsController)
62) 66)
63activityPubClientRouter.get('/accounts?/:name/likes/:videoId', 67activityPubClientRouter.get('/accounts?/:name/likes/:videoId',
64 executeIfActivityPub(asyncMiddleware(getAccountVideoRateValidator('like'))), 68 executeIfActivityPub,
65 executeIfActivityPub(getAccountVideoRate('like')) 69 asyncMiddleware(getAccountVideoRateValidator('like')),
70 getAccountVideoRate('like')
66) 71)
67activityPubClientRouter.get('/accounts?/:name/dislikes/:videoId', 72activityPubClientRouter.get('/accounts?/:name/dislikes/:videoId',
68 executeIfActivityPub(asyncMiddleware(getAccountVideoRateValidator('dislike'))), 73 executeIfActivityPub,
69 executeIfActivityPub(getAccountVideoRate('dislike')) 74 asyncMiddleware(getAccountVideoRateValidator('dislike')),
75 getAccountVideoRate('dislike')
70) 76)
71 77
72activityPubClientRouter.get('/videos/watch/:id', 78activityPubClientRouter.get('/videos/watch/:id',
73 executeIfActivityPub(asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.ACTIVITY_PUB.VIDEOS))), 79 executeIfActivityPub,
74 executeIfActivityPub(asyncMiddleware(videosCustomGetValidator('only-video-with-rights'))), 80 asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.ACTIVITY_PUB.VIDEOS)),
75 executeIfActivityPub(asyncMiddleware(videoController)) 81 asyncMiddleware(videosCustomGetValidator('only-video-with-rights')),
82 asyncMiddleware(videoController)
76) 83)
77activityPubClientRouter.get('/videos/watch/:id/activity', 84activityPubClientRouter.get('/videos/watch/:id/activity',
78 executeIfActivityPub(asyncMiddleware(videosCustomGetValidator('only-video-with-rights'))), 85 executeIfActivityPub,
79 executeIfActivityPub(asyncMiddleware(videoController)) 86 asyncMiddleware(videosCustomGetValidator('only-video-with-rights')),
87 asyncMiddleware(videoController)
80) 88)
81activityPubClientRouter.get('/videos/watch/:id/announces', 89activityPubClientRouter.get('/videos/watch/:id/announces',
82 executeIfActivityPub(asyncMiddleware(videosCustomGetValidator('only-video'))), 90 executeIfActivityPub,
83 executeIfActivityPub(asyncMiddleware(videoAnnouncesController)) 91 asyncMiddleware(videosCustomGetValidator('only-video')),
92 asyncMiddleware(videoAnnouncesController)
84) 93)
85activityPubClientRouter.get('/videos/watch/:id/announces/:actorId', 94activityPubClientRouter.get('/videos/watch/:id/announces/:actorId',
86 executeIfActivityPub(asyncMiddleware(videosShareValidator)), 95 executeIfActivityPub,
87 executeIfActivityPub(asyncMiddleware(videoAnnounceController)) 96 asyncMiddleware(videosShareValidator),
97 asyncMiddleware(videoAnnounceController)
88) 98)
89activityPubClientRouter.get('/videos/watch/:id/likes', 99activityPubClientRouter.get('/videos/watch/:id/likes',
90 executeIfActivityPub(asyncMiddleware(videosCustomGetValidator('only-video'))), 100 executeIfActivityPub,
91 executeIfActivityPub(asyncMiddleware(videoLikesController)) 101 asyncMiddleware(videosCustomGetValidator('only-video')),
102 asyncMiddleware(videoLikesController)
92) 103)
93activityPubClientRouter.get('/videos/watch/:id/dislikes', 104activityPubClientRouter.get('/videos/watch/:id/dislikes',
94 executeIfActivityPub(asyncMiddleware(videosCustomGetValidator('only-video'))), 105 executeIfActivityPub,
95 executeIfActivityPub(asyncMiddleware(videoDislikesController)) 106 asyncMiddleware(videosCustomGetValidator('only-video')),
107 asyncMiddleware(videoDislikesController)
96) 108)
97activityPubClientRouter.get('/videos/watch/:id/comments', 109activityPubClientRouter.get('/videos/watch/:id/comments',
98 executeIfActivityPub(asyncMiddleware(videosCustomGetValidator('only-video'))), 110 executeIfActivityPub,
99 executeIfActivityPub(asyncMiddleware(videoCommentsController)) 111 asyncMiddleware(videosCustomGetValidator('only-video')),
112 asyncMiddleware(videoCommentsController)
100) 113)
101activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId', 114activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId',
102 executeIfActivityPub(asyncMiddleware(videoCommentGetValidator)), 115 executeIfActivityPub,
103 executeIfActivityPub(asyncMiddleware(videoCommentController)) 116 asyncMiddleware(videoCommentGetValidator),
117 asyncMiddleware(videoCommentController)
104) 118)
105activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId/activity', 119activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId/activity',
106 executeIfActivityPub(asyncMiddleware(videoCommentGetValidator)), 120 executeIfActivityPub,
107 executeIfActivityPub(asyncMiddleware(videoCommentController)) 121 asyncMiddleware(videoCommentGetValidator),
122 asyncMiddleware(videoCommentController)
108) 123)
109 124
110activityPubClientRouter.get('/video-channels/:name', 125activityPubClientRouter.get('/video-channels/:name',
111 executeIfActivityPub(asyncMiddleware(localVideoChannelValidator)), 126 executeIfActivityPub,
112 executeIfActivityPub(asyncMiddleware(videoChannelController)) 127 asyncMiddleware(localVideoChannelValidator),
128 asyncMiddleware(videoChannelController)
113) 129)
114activityPubClientRouter.get('/video-channels/:name/followers', 130activityPubClientRouter.get('/video-channels/:name/followers',
115 executeIfActivityPub(asyncMiddleware(localVideoChannelValidator)), 131 executeIfActivityPub,
116 executeIfActivityPub(asyncMiddleware(videoChannelFollowersController)) 132 asyncMiddleware(localVideoChannelValidator),
133 asyncMiddleware(videoChannelFollowersController)
117) 134)
118activityPubClientRouter.get('/video-channels/:name/following', 135activityPubClientRouter.get('/video-channels/:name/following',
119 executeIfActivityPub(asyncMiddleware(localVideoChannelValidator)), 136 executeIfActivityPub,
120 executeIfActivityPub(asyncMiddleware(videoChannelFollowingController)) 137 asyncMiddleware(localVideoChannelValidator),
138 asyncMiddleware(videoChannelFollowingController)
121) 139)
122 140
123activityPubClientRouter.get('/redundancy/videos/:videoId/:resolution([0-9]+)(-:fps([0-9]+))?', 141activityPubClientRouter.get('/redundancy/videos/:videoId/:resolution([0-9]+)(-:fps([0-9]+))?',
124 executeIfActivityPub(asyncMiddleware(videoFileRedundancyGetValidator)), 142 executeIfActivityPub,
125 executeIfActivityPub(asyncMiddleware(videoRedundancyController)) 143 asyncMiddleware(videoFileRedundancyGetValidator),
144 asyncMiddleware(videoRedundancyController)
126) 145)
127activityPubClientRouter.get('/redundancy/streaming-playlists/:streamingPlaylistType/:videoId', 146activityPubClientRouter.get('/redundancy/streaming-playlists/:streamingPlaylistType/:videoId',
128 executeIfActivityPub(asyncMiddleware(videoPlaylistRedundancyGetValidator)), 147 executeIfActivityPub,
129 executeIfActivityPub(asyncMiddleware(videoRedundancyController)) 148 asyncMiddleware(videoPlaylistRedundancyGetValidator),
149 asyncMiddleware(videoRedundancyController)
130) 150)
131 151
132activityPubClientRouter.get('/video-playlists/:playlistId', 152activityPubClientRouter.get('/video-playlists/:playlistId',
133 executeIfActivityPub(asyncMiddleware(videoPlaylistsGetValidator)), 153 executeIfActivityPub,
134 executeIfActivityPub(asyncMiddleware(videoPlaylistController)) 154 asyncMiddleware(videoPlaylistsGetValidator),
155 asyncMiddleware(videoPlaylistController)
135) 156)
136activityPubClientRouter.get('/video-playlists/:playlistId/:videoId', 157activityPubClientRouter.get('/video-playlists/:playlistId/:videoId',
137 executeIfActivityPub(asyncMiddleware(videoPlaylistElementAPGetValidator)), 158 executeIfActivityPub,
138 executeIfActivityPub(asyncMiddleware(videoPlaylistElementController)) 159 asyncMiddleware(videoPlaylistElementAPGetValidator),
160 asyncMiddleware(videoPlaylistElementController)
139) 161)
140 162
141// --------------------------------------------------------------------------- 163// ---------------------------------------------------------------------------
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts
index 01e5dd24e..5fa10cbfd 100644
--- a/server/middlewares/activitypub.ts
+++ b/server/middlewares/activitypub.ts
@@ -1,5 +1,4 @@
1import { eachSeries } from 'async' 1import { NextFunction, Request, Response } from 'express'
2import { NextFunction, Request, RequestHandler, Response } from 'express'
3import { ActivityPubSignature } from '../../shared' 2import { ActivityPubSignature } from '../../shared'
4import { logger } from '../helpers/logger' 3import { logger } from '../helpers/logger'
5import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto' 4import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto'
@@ -30,23 +29,16 @@ async function checkSignature (req: Request, res: Response, next: NextFunction)
30 } 29 }
31} 30}
32 31
33function executeIfActivityPub (fun: RequestHandler | RequestHandler[]) { 32function executeIfActivityPub (req: Request, res: Response, next: NextFunction) {
34 return (req: Request, res: Response, next: NextFunction) => { 33 const accepted = req.accepts(ACCEPT_HEADERS)
35 const accepted = req.accepts(ACCEPT_HEADERS) 34 if (accepted === false || ACTIVITY_PUB.POTENTIAL_ACCEPT_HEADERS.indexOf(accepted) === -1) {
36 if (accepted === false || ACTIVITY_PUB.POTENTIAL_ACCEPT_HEADERS.indexOf(accepted) === -1) { 35 // Bypass this route
37 return next() 36 return next('route')
38 } 37 }
39 38
40 logger.debug('ActivityPub request for %s.', req.url) 39 logger.debug('ActivityPub request for %s.', req.url)
41 40
42 if (Array.isArray(fun) === true) { 41 return next()
43 return eachSeries(fun as RequestHandler[], (f, cb) => {
44 f(req, res, cb)
45 }, next)
46 }
47
48 return (fun as RequestHandler)(req, res, next)
49 }
50} 42}
51 43
52// --------------------------------------------------------------------------- 44// ---------------------------------------------------------------------------