Diffstat (limited to 'server/middlewares/activitypub.ts')
-rw-r--r-- | server/middlewares/activitypub.ts | 57 |
1 files changed, 57 insertions, 0 deletions
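--- /dev/null
+++ b/server/middlewares/activitypub.ts
@@ -0,0 +1,57 @@
+import { Request, Response, NextFunction } from 'express'
+
+import { database as db } from '../initializers'
+import {
+logger,
+getAccountFromWebfinger,
+isSignatureVerified
+} from '../helpers'
+import { ActivityPubSignature } from '../../shared'
+
+async function checkSignature (req: Request, res: Response, next: NextFunction) {
+const signatureObject: ActivityPubSignature = req.body.signature
+
+logger.debug('Checking signature of account %s...', signatureObject.creator)
+
+let account = await db.Account.loadByUrl(signatureObject.creator)
+
+// We don't have this account in our database, fetch it on remote
+if (!account) {
+account = await getAccountFromWebfinger(signatureObject.creator)
+
+if (!account) {
+return res.sendStatus(403)
+}
+
+// Save our new account in database
+await account.save()
+}
+
+const verified = await isSignatureVerified(account, req.body)
+if (verified === false) return res.sendStatus(403)
+
+res.locals.signature.account = account
+
+return next()
+}
+
+function executeIfActivityPub (fun: any | any[]) {
+return (req: Request, res: Response, next: NextFunction) => {
+if (req.header('Accept') !== 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"') {
+return next()
+}
+
+if (Array.isArray(fun) === true) {
+fun[0](req, res, next) // FIXME: doesn't work
+}
+
+return fun(req, res, next)
+}
+}
+
+// ---------------------------------------------------------------------------
+
+export {
+checkSignature,
+executeIfActivityPub
+}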
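Review bot: `checkSignature` calls `account.save()` on an account named by the request's own `signature.creator` before `isSignatureVerified` has run, so a request that never presents a valid signature can still leave a persisted account row; the save should move after the verification check. The check itself, `verified === false`, fails open if the helper (not visible here) ever resolves to `undefined` or `null`, so `verified !== true` is the safer comparison. `req.body.signature` is also dereferenced without a guard, and a missing field throws inside an async middleware, which Express does not forward to the error handler unless the router wraps async handlers. The rewrite below validates the field, persists only after verification, and routes failures to `next(err)`; `res.locals.signature` is assumed to be initialised upstream and is left as it is.

```typescript
async function checkSignature (req: Request, res: Response, next: NextFunction) {
  try {
    const signatureObject: ActivityPubSignature = req.body.signature
    // Reject unsigned or malformed bodies before any lookup is attempted
    if (!signatureObject || typeof signatureObject.creator !== 'string') {
      return res.sendStatus(403)
    }

    // … unchanged: debug log and db.Account.loadByUrl lookup …

    let isNewAccount = false
    if (!account) {
      account = await getAccountFromWebfinger(signatureObject.creator)
      if (!account) return res.sendStatus(403)
      isNewAccount = true
    }

    const verified = await isSignatureVerified(account, req.body)
    if (verified !== true) return res.sendStatus(403)

    // Persist a remote account only once its signature has been verified
    if (isNewAccount) await account.save()

    // … unchanged: res.locals.signature.account assignment and next() …
  } catch (err) {
    return next(err)
  }
}
```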