diff options
Diffstat (limited to 'server/middlewares/activitypub.ts')
| -rw-r--r-- | server/middlewares/activitypub.ts | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index c6d8466ac..ab7d04d25 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts | |||
| @@ -1,10 +1,12 @@ | |||
| 1 | import { NextFunction, Request, Response } from 'express' | 1 | import { NextFunction, Request, Response } from 'express' |
| 2 | import { ActivityPubSignature } from '../../shared' | 2 | import { ActivityDelete, ActivityPubSignature } from '../../shared' |
| 3 | import { logger } from '../helpers/logger' | 3 | import { logger } from '../helpers/logger' |
| 4 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto' | 4 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto' |
| 5 | import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers/constants' | 5 | import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers/constants' |
| 6 | import { getOrCreateActorAndServerAndModel } from '../lib/activitypub' | 6 | import { getOrCreateActorAndServerAndModel } from '../lib/activitypub' |
| 7 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' | 7 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' |
| 8 | import { isActorDeleteActivityValid } from '@server/helpers/custom-validators/activitypub/actor' | ||
| 9 | import { getAPId } from '@server/helpers/activitypub' | ||
| 8 | 10 | ||
| 9 | async function checkSignature (req: Request, res: Response, next: NextFunction) { | 11 | async function checkSignature (req: Request, res: Response, next: NextFunction) { |
| 10 | try { | 12 | try { |
| @@ -15,7 +17,7 @@ async function checkSignature (req: Request, res: Response, next: NextFunction) | |||
| 15 | 17 | ||
| 16 | // Forwarded activity | 18 | // Forwarded activity |
| 17 | const bodyActor = req.body.actor | 19 | const bodyActor = req.body.actor |
| 18 | const bodyActorId = bodyActor && bodyActor.id ? bodyActor.id : bodyActor | 20 | const bodyActorId = getAPId(bodyActor) |
| 19 | if (bodyActorId && bodyActorId !== actor.url) { | 21 | if (bodyActorId && bodyActorId !== actor.url) { |
| 20 | const jsonLDSignatureChecked = await checkJsonLDSignature(req, res) | 22 | const jsonLDSignatureChecked = await checkJsonLDSignature(req, res) |
| 21 | if (jsonLDSignatureChecked !== true) return | 23 | if (jsonLDSignatureChecked !== true) return |
| @@ -23,7 +25,13 @@ async function checkSignature (req: Request, res: Response, next: NextFunction) | |||
| 23 | 25 | ||
| 24 | return next() | 26 | return next() |
| 25 | } catch (err) { | 27 | } catch (err) { |
| 26 | logger.error('Error in ActivityPub signature checker.', err) | 28 | const activity: ActivityDelete = req.body |
| 29 | if (isActorDeleteActivityValid(activity) && activity.object === activity.actor) { | ||
| 30 | logger.debug('Handling signature error on actor delete activity', { err }) | ||
| 31 | return res.sendStatus(204) | ||
| 32 | } | ||
| 33 | |||
| 34 | logger.warn('Error in ActivityPub signature checker.', { err }) | ||
| 27 | return res.sendStatus(403) | 35 | return res.sendStatus(403) |
| 28 | } | 36 | } |
| 29 | } | 37 | } |