Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/activitypub.ts32
-rw-r--r--server/middlewares/validators/account.ts10
-rw-r--r--server/middlewares/validators/activitypub/activity.ts7
-rw-r--r--server/middlewares/validators/index.ts1
-rw-r--r--server/middlewares/validators/webfinger.ts42
5 files changed, 67 insertions, 25 deletions
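--- a/server/middlewares/activitypub.ts
+++ b/server/middlewares/activitypub.ts
@@ -1,12 +1,9 @@
-import { Request, Response, NextFunction } from 'express'
-
-import { database as db } from '../initializers'
-import {
- logger,
- getAccountFromWebfinger,
- isSignatureVerified
-} from '../helpers'
+import { NextFunction, Request, Response, RequestHandler } from 'express'
 import { ActivityPubSignature } from '../../shared'
+import { isSignatureVerified, logger } from '../helpers'
+import { fetchRemoteAccountAndCreatePod } from '../helpers/activitypub'
+import { database as db, ACTIVITY_PUB_ACCEPT_HEADER } from '../initializers'
+import { each, eachSeries, waterfall } from 'async'
 
 async function checkSignature (req: Request, res: Response, next: NextFunction) {
  const signatureObject: ActivityPubSignature = req.body.signature
@@ -17,35 +14,40 @@ async function checkSignature (req: Request, res: Response, next: NextFunction)
 
  // We don't have this account in our database, fetch it on remote
  if (!account) {
- account = await getAccountFromWebfinger(signatureObject.creator)
+ const accountResult = await fetchRemoteAccountAndCreatePod(signatureObject.creator)
 
- if (!account) {
+ if (!accountResult) {
  return res.sendStatus(403)
  }
 
  // Save our new account in database
+ account = accountResult.account
  await account.save()
  }
 
  const verified = await isSignatureVerified(account, req.body)
  if (verified === false) return res.sendStatus(403)
 
- res.locals.signature.account = account
+ res.locals.signature = {
+ account
+ }
 
  return next()
 }
 
-function executeIfActivityPub (fun: any | any[]) {
+function executeIfActivityPub (fun: RequestHandler | RequestHandler[]) {
  return (req: Request, res: Response, next: NextFunction) => {
- if (req.header('Accept') !== 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"') {
+ if (req.header('Accept') !== ACTIVITY_PUB_ACCEPT_HEADER) {
  return next()
  }
 
  if (Array.isArray(fun) === true) {
- fun[0](req, res, next) // FIXME: doesn't work
+ return eachSeries(fun as RequestHandler[], (f, cb) => {
+ f(req, res, cb)
+ }, next)
  }
 
- return fun(req, res, next)
+ return (fun as RequestHandler)(req, res, next)
  }
 }
 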
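Review bot: In `checkSignature`, the account returned by `fetchRemoteAccountAndCreatePod(signatureObject.creator)` is persisted with `await account.save()` before `isSignatureVerified` runs, so a request whose signature later fails still leaves a stored account (and, judging by the helper's name, possibly a pod) for whatever `creator` the unauthenticated body named. `creator` is taken directly from `req.body.signature`, so any sender can also cause an outbound fetch to a host of its choosing; the lines between the two hunks are not shown, so an earlier check there cannot be ruled out. I would verify first and persist afterwards: track the new account with a flag (`let isNewAccount = false`, set to `true` in the `if (!account)` branch) and move the save to `if (isNewAccount) await account.save()` after the `verified === false` return. Separately, `each` and `waterfall` are imported from `async` but are not used in the visible code.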
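--- a/server/middlewares/validators/account.ts
+++ b/server/middlewares/validators/account.ts
@@ -8,13 +8,13 @@ import {
  isUserVideoQuotaValid,
  logger
 } from '../../helpers'
-import { isAccountNameWithHostValid } from '../../helpers/custom-validators/video-accounts'
+import { isAccountNameValid } from '../../helpers/custom-validators/accounts'
 import { database as db } from '../../initializers/database'
 import { AccountInstance } from '../../models'
 import { checkErrors } from './utils'
 
 const localAccountValidator = [
- param('nameWithHost').custom(isAccountNameWithHostValid).withMessage('Should have a valid account with domain name (myuser@domain.tld)'),
+ param('name').custom(isAccountNameValid).withMessage('Should have a valid account name'),
 
  (req: express.Request, res: express.Response, next: express.NextFunction) => {
  logger.debug('Checking localAccountValidator parameters', { parameters: req.params })
@@ -33,10 +33,8 @@ export {
 
 // ---------------------------------------------------------------------------
 
-function checkLocalAccountExists (nameWithHost: string, res: express.Response, callback: (err: Error, account: AccountInstance) => void) {
- const [ name, host ] = nameWithHost.split('@')
-
- db.Account.loadLocalAccountByNameAndPod(name, host)
+function checkLocalAccountExists (name: string, res: express.Response, callback: (err: Error, account: AccountInstance) => void) {
+ db.Account.loadLocalByName(name)
  .then(account => {
  if (!account) {
  return res.status(404)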
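--- a/server/middlewares/validators/activitypub/activity.ts
+++ b/server/middlewares/validators/activitypub/activity.ts
@@ -1,11 +1,10 @@
-import { body } from 'express-validator/check'
 import * as express from 'express'
-
-import { logger, isRootActivityValid } from '../../../helpers'
+import { body } from 'express-validator/check'
+import { isRootActivityValid, logger } from '../../../helpers'
 import { checkErrors } from '../utils'
 
 const activityPubValidator = [
- body('data').custom(isRootActivityValid),
+ body('').custom((value, { req }) => isRootActivityValid(req.body)),
 
  (req: express.Request, res: express.Response, next: express.NextFunction) => {
  logger.debug('Checking activity pub parameters', { parameters: req.body })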
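--- a/server/middlewares/validators/index.ts
+++ b/server/middlewares/validators/index.ts
@@ -8,3 +8,4 @@ export * from './users'
 export * from './videos'
 export * from './video-blacklist'
 export * from './video-channels'
+export * from './webfinger'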
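--- /dev/null
+++ b/server/middlewares/validators/webfinger.ts
@@ -0,0 +1,42 @@
+import { query } from 'express-validator/check'
+import * as express from 'express'
+
+import { checkErrors } from './utils'
+import { logger, isWebfingerResourceValid } from '../../helpers'
+import { database as db } from '../../initializers'
+
+const webfingerValidator = [
+ query('resource').custom(isWebfingerResourceValid).withMessage('Should have a valid webfinger resource'),
+
+ (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ logger.debug('Checking webfinger parameters', { parameters: req.query })
+
+ checkErrors(req, res, () => {
+ // Remove 'acct:' from the beginning of the string
+ const nameWithHost = req.query.resource.substr(5)
+ const [ name, ] = nameWithHost.split('@')
+
+ db.Account.loadLocalByName(name)
+ .then(account => {
+ if (!account) {
+ return res.status(404)
+ .send({ error: 'Account not found' })
+ .end()
+ }
+
+ res.locals.account = account
+ return next()
+ })
+ .catch(err => {
+ logger.error('Error in webfinger validator.', err)
+ return res.sendStatus(500)
+ })
+ })
+ }
+]
+
+// ---------------------------------------------------------------------------
+
+export {
+ webfingerValidator
+}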
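Review bot: The handler at new lines 16-19 discards the host part of the resource (`const [ name, ] = nameWithHost.split('@')`) and looks the account up by name only, so unless `isWebfingerResourceValid` (not shown here) already requires the host to be this instance's own, a query for `acct:user@some-other-host` would be answered with the local account `user`. I would keep the host (`const [ name, host ] = nameWithHost.split('@')`) and return 404 when it differs from the instance's configured host. `req.query.resource.substr(5)` likewise relies on that helper to guarantee a single string starting with `acct:`; a repeated `resource` parameter arrives as an array, so a short comment stating what the validator guarantees would help.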