diff options
| author | Rigel Kent <sendmemail@rigelk.eu> | 2020-12-07 14:32:36 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-07 14:32:36 +0100 |
| commit | 2d53be0267acc49cda46707b885096193a1f4e9c (patch) | |
| tree | 887061a34bc67f40acbb96a6278f9544bf83caeb /server/middlewares/activitypub.ts | |
| parent | adc1f09c0dbd997f34028c1c82d1c118dc8ead80 (diff) | |
| download | PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.tar.gz PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.tar.zst PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.zip | |
replace numbers with typed http status codes (#3409)
Diffstat (limited to 'server/middlewares/activitypub.ts')
| -rw-r--r-- | server/middlewares/activitypub.ts | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index d00594059..ce94a2129 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts | |||
| @@ -7,6 +7,7 @@ import { getOrCreateActorAndServerAndModel } from '../lib/activitypub/actor' | |||
| 7 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' | 7 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' |
| 8 | import { isActorDeleteActivityValid } from '@server/helpers/custom-validators/activitypub/actor' | 8 | import { isActorDeleteActivityValid } from '@server/helpers/custom-validators/activitypub/actor' |
| 9 | import { getAPId } from '@server/helpers/activitypub' | 9 | import { getAPId } from '@server/helpers/activitypub' |
| 10 | import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes' | ||
| 10 | 11 | ||
| 11 | async function checkSignature (req: Request, res: Response, next: NextFunction) { | 12 | async function checkSignature (req: Request, res: Response, next: NextFunction) { |
| 12 | try { | 13 | try { |
| @@ -28,11 +29,11 @@ async function checkSignature (req: Request, res: Response, next: NextFunction) | |||
| 28 | const activity: ActivityDelete = req.body | 29 | const activity: ActivityDelete = req.body |
| 29 | if (isActorDeleteActivityValid(activity) && activity.object === activity.actor) { | 30 | if (isActorDeleteActivityValid(activity) && activity.object === activity.actor) { |
| 30 | logger.debug('Handling signature error on actor delete activity', { err }) | 31 | logger.debug('Handling signature error on actor delete activity', { err }) |
| 31 | return res.sendStatus(204) | 32 | return res.sendStatus(HttpStatusCode.NO_CONTENT_204) |
| 32 | } | 33 | } |
| 33 | 34 | ||
| 34 | logger.warn('Error in ActivityPub signature checker.', { err }) | 35 | logger.warn('Error in ActivityPub signature checker.', { err }) |
| 35 | return res.sendStatus(403) | 36 | return res.sendStatus(HttpStatusCode.FORBIDDEN_403) |
| 36 | } | 37 | } |
| 37 | } | 38 | } |
| 38 | 39 | ||
| @@ -70,13 +71,13 @@ async function checkHttpSignature (req: Request, res: Response) { | |||
| 70 | } catch (err) { | 71 | } catch (err) { |
| 71 | logger.warn('Invalid signature because of exception in signature parser', { reqBody: req.body, err }) | 72 | logger.warn('Invalid signature because of exception in signature parser', { reqBody: req.body, err }) |
| 72 | 73 | ||
| 73 | res.status(403).json({ error: err.message }) | 74 | res.status(HttpStatusCode.FORBIDDEN_403).json({ error: err.message }) |
| 74 | return false | 75 | return false |
| 75 | } | 76 | } |
| 76 | 77 | ||
| 77 | const keyId = parsed.keyId | 78 | const keyId = parsed.keyId |
| 78 | if (!keyId) { | 79 | if (!keyId) { |
| 79 | res.sendStatus(403) | 80 | res.sendStatus(HttpStatusCode.FORBIDDEN_403) |
| 80 | return false | 81 | return false |
| 81 | } | 82 | } |
| 82 | 83 | ||
| @@ -93,7 +94,7 @@ async function checkHttpSignature (req: Request, res: Response) { | |||
| 93 | if (verified !== true) { | 94 | if (verified !== true) { |
| 94 | logger.warn('Signature from %s is invalid', actorUrl, { parsed }) | 95 | logger.warn('Signature from %s is invalid', actorUrl, { parsed }) |
| 95 | 96 | ||
| 96 | res.sendStatus(403) | 97 | res.sendStatus(HttpStatusCode.FORBIDDEN_403) |
| 97 | return false | 98 | return false |
| 98 | } | 99 | } |
| 99 | 100 | ||
| @@ -106,7 +107,7 @@ async function checkJsonLDSignature (req: Request, res: Response) { | |||
| 106 | const signatureObject: ActivityPubSignature = req.body.signature | 107 | const signatureObject: ActivityPubSignature = req.body.signature |
| 107 | 108 | ||
| 108 | if (!signatureObject || !signatureObject.creator) { | 109 | if (!signatureObject || !signatureObject.creator) { |
| 109 | res.sendStatus(403) | 110 | res.sendStatus(HttpStatusCode.FORBIDDEN_403) |
| 110 | return false | 111 | return false |
| 111 | } | 112 | } |
| 112 | 113 | ||
| @@ -120,7 +121,7 @@ async function checkJsonLDSignature (req: Request, res: Response) { | |||
| 120 | if (verified !== true) { | 121 | if (verified !== true) { |
| 121 | logger.warn('Signature not verified.', req.body) | 122 | logger.warn('Signature not verified.', req.body) |
| 122 | 123 | ||
| 123 | res.sendStatus(403) | 124 | res.sendStatus(HttpStatusCode.FORBIDDEN_403) |
| 124 | return false | 125 | return false |
| 125 | } | 126 | } |
| 126 | 127 | ||