Optimize signature verification

4 files changed, 28 insertions, 7 deletions

diff --git a/server/helpers/activitypub.ts b/server/helpers/activitypub.ts
index 6f216e106..aff58515a 100644
--- a/server/helpers/activitypub.ts
+++ b/server/helpers/activitypub.ts
@@ -8,7 +8,7 @@ import { ActivityPubActor } from '../../shared/models/activitypub/activitypub-ac
 import { VideoChannelObject } from '../../shared/models/activitypub/objects/video-channel-object'
 import { ResultList } from '../../shared/models/result-list.model'
 import { database as db, REMOTE_SCHEME } from '../initializers'
-import { ACTIVITY_PUB_ACCEPT_HEADER, CONFIG, STATIC_PATHS } from '../initializers/constants'
+import { ACTIVITY_PUB, CONFIG, STATIC_PATHS } from '../initializers/constants'
 import { videoChannelActivityObjectToDBAttributes } from '../lib/activitypub/misc'
 import { sendVideoAnnounce } from '../lib/activitypub/send-request'
 import { sendVideoChannelAnnounce } from '../lib/index'
@@ -99,7 +99,7 @@ async function fetchRemoteAccountAndCreateServer (accountUrl: string) {
     uri: accountUrl,
     method: 'GET',
     headers: {
-      'Accept': ACTIVITY_PUB_ACCEPT_HEADER
+      'Accept': ACTIVITY_PUB.ACCEPT_HEADER
     }
   }
 
@@ -157,7 +157,7 @@ async function fetchRemoteVideoChannel (ownerAccount: AccountInstance, videoChan
     uri: videoChannelUrl,
     method: 'GET',
     headers: {
-      'Accept': ACTIVITY_PUB_ACCEPT_HEADER
+      'Accept': ACTIVITY_PUB.ACCEPT_HEADER
     }
   }
 
diff --git a/server/helpers/custom-jsonld-signature.ts b/server/helpers/custom-jsonld-signature.ts
new file mode 100644
index 000000000..afb960618
--- /dev/null
+++ b/server/helpers/custom-jsonld-signature.ts
@@ -0,0 +1,20 @@
+import * as AsyncLRU from 'async-lru'
+import * as jsonld from 'jsonld'
+import * as jsig from 'jsonld-signatures'
+
+jsig.use('jsonld', jsonld)
+
+const nodeDocumentLoader = jsonld.documentLoaders.node()
+
+const lru = new AsyncLRU({
+  max: 10,
+  load: (key, cb) => {
+    nodeDocumentLoader(key, cb)
+  }
+})
+
+jsonld.documentLoader = (url, cb) => {
+  lru.get(url, cb)
+}
+
+export { jsig }
diff --git a/server/helpers/custom-validators/activitypub/misc.ts b/server/helpers/custom-validators/activitypub/misc.ts
index f09a764b6..1bbfd0fc4 100644
--- a/server/helpers/custom-validators/activitypub/misc.ts
+++ b/server/helpers/custom-validators/activitypub/misc.ts
@@ -28,6 +28,10 @@ function isBaseActivityValid (activity: any, type: string) {
     (
       activity.to === undefined ||
       (Array.isArray(activity.to) && activity.to.every(t => isActivityPubUrlValid(t)))
+    ) &&
+    (
+      activity.cc === undefined ||
+      (Array.isArray(activity.cc) && activity.cc.every(t => isActivityPubUrlValid(t)))
     )
 }
 
diff --git a/server/helpers/peertube-crypto.ts b/server/helpers/peertube-crypto.ts
index 04a8d5681..c61abfa8e 100644
--- a/server/helpers/peertube-crypto.ts
+++ b/server/helpers/peertube-crypto.ts
@@ -1,7 +1,3 @@
-import * as jsonld from 'jsonld'
-import * as jsig from 'jsonld-signatures'
-jsig.use('jsonld', jsonld)
-
 import {
   PRIVATE_RSA_KEY_SIZE,
   BCRYPT_SALT_SIZE
@@ -15,6 +11,7 @@ import {
 } from './core-utils'
 import { logger } from './logger'
 import { AccountInstance } from '../models/account/account-interface'
+import { jsig } from './custom-jsonld-signature'
 
 async function createPrivateAndPublicKeys () {
   logger.info('Generating a RSA key...')