summaryrefslogtreecommitdiff
path: root/packages/backend/src
diff options
context:
space:
mode:
authorsyuilo <Syuilotan@yahoo.co.jp>2023-02-24 18:18:53 +0900
committersyuilo <Syuilotan@yahoo.co.jp>2023-02-24 18:18:53 +0900
commitc4429ca65e21cd33f67f634f49fb8160859fdfa1 (patch)
tree0c07c146d65eee6f9ec2a5898a35bc99af245cff /packages/backend/src
parentUpdate apple-touch-icon.png (diff)
parentUpdate codecov.yml (diff)
downloadmisskey-c4429ca65e21cd33f67f634f49fb8160859fdfa1.tar.gz
misskey-c4429ca65e21cd33f67f634f49fb8160859fdfa1.tar.bz2
misskey-c4429ca65e21cd33f67f634f49fb8160859fdfa1.zip
Merge branch 'develop' of https://github.com/misskey-dev/misskey into develop
Diffstat (limited to 'packages/backend/src')
-rw-r--r--packages/backend/src/core/activitypub/ApRequestService.ts72
-rw-r--r--packages/backend/src/server/api/endpoints/notes/create.ts10
2 files changed, 44 insertions, 38 deletions
diff --git a/packages/backend/src/core/activitypub/ApRequestService.ts b/packages/backend/src/core/activitypub/ApRequestService.ts
index bfd53dfabf..71fbc29476 100644
--- a/packages/backend/src/core/activitypub/ApRequestService.ts
+++ b/packages/backend/src/core/activitypub/ApRequestService.ts
@@ -28,31 +28,15 @@ type PrivateKey = {
keyId: string;
};
-@Injectable()
-export class ApRequestService {
- private logger: Logger;
-
- constructor(
- @Inject(DI.config)
- private config: Config,
-
- private userKeypairStoreService: UserKeypairStoreService,
- private httpRequestService: HttpRequestService,
- private loggerService: LoggerService,
- ) {
- // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
- this.logger = this.loggerService?.getLogger('ap-request'); // なぜか TypeError: Cannot read properties of undefined (reading 'getLogger') と言われる
- }
-
- @bindThis
- private createSignedPost(args: { key: PrivateKey, url: string, body: string, additionalHeaders: Record<string, string> }): Signed {
+export class ApRequestCreator {
+ static createSignedPost(args: { key: PrivateKey, url: string, body: string, additionalHeaders: Record<string, string> }): Signed {
const u = new URL(args.url);
const digestHeader = `SHA-256=${crypto.createHash('sha256').update(args.body).digest('base64')}`;
const request: Request = {
url: u.href,
method: 'POST',
- headers: this.objectAssignWithLcKey({
+ headers: this.#objectAssignWithLcKey({
'Date': new Date().toUTCString(),
'Host': u.host,
'Content-Type': 'application/activity+json',
@@ -60,7 +44,7 @@ export class ApRequestService {
}, args.additionalHeaders),
};
- const result = this.signToRequest(request, args.key, ['(request-target)', 'date', 'host', 'digest']);
+ const result = this.#signToRequest(request, args.key, ['(request-target)', 'date', 'host', 'digest']);
return {
request,
@@ -70,21 +54,20 @@ export class ApRequestService {
};
}
- @bindThis
- private createSignedGet(args: { key: PrivateKey, url: string, additionalHeaders: Record<string, string> }): Signed {
+ static createSignedGet(args: { key: PrivateKey, url: string, additionalHeaders: Record<string, string> }): Signed {
const u = new URL(args.url);
const request: Request = {
url: u.href,
method: 'GET',
- headers: this.objectAssignWithLcKey({
+ headers: this.#objectAssignWithLcKey({
'Accept': 'application/activity+json, application/ld+json',
'Date': new Date().toUTCString(),
'Host': new URL(args.url).host,
}, args.additionalHeaders),
};
- const result = this.signToRequest(request, args.key, ['(request-target)', 'date', 'host', 'accept']);
+ const result = this.#signToRequest(request, args.key, ['(request-target)', 'date', 'host', 'accept']);
return {
request,
@@ -94,13 +77,12 @@ export class ApRequestService {
};
}
- @bindThis
- private signToRequest(request: Request, key: PrivateKey, includeHeaders: string[]): Signed {
- const signingString = this.genSigningString(request, includeHeaders);
+ static #signToRequest(request: Request, key: PrivateKey, includeHeaders: string[]): Signed {
+ const signingString = this.#genSigningString(request, includeHeaders);
const signature = crypto.sign('sha256', Buffer.from(signingString), key.privateKeyPem).toString('base64');
const signatureHeader = `keyId="${key.keyId}",algorithm="rsa-sha256",headers="${includeHeaders.join(' ')}",signature="${signature}"`;
- request.headers = this.objectAssignWithLcKey(request.headers, {
+ request.headers = this.#objectAssignWithLcKey(request.headers, {
Signature: signatureHeader,
});
// node-fetch will generate this for us. if we keep 'Host', it won't change with redirects!
@@ -114,9 +96,8 @@ export class ApRequestService {
};
}
- @bindThis
- private genSigningString(request: Request, includeHeaders: string[]): string {
- request.headers = this.lcObjectKey(request.headers);
+ static #genSigningString(request: Request, includeHeaders: string[]): string {
+ request.headers = this.#lcObjectKey(request.headers);
const results: string[] = [];
@@ -131,16 +112,31 @@ export class ApRequestService {
return results.join('\n');
}
- @bindThis
- private lcObjectKey(src: Record<string, string>): Record<string, string> {
+ static #lcObjectKey(src: Record<string, string>): Record<string, string> {
const dst: Record<string, string> = {};
for (const key of Object.keys(src).filter(x => x !== '__proto__' && typeof src[x] === 'string')) dst[key.toLowerCase()] = src[key];
return dst;
}
- @bindThis
- private objectAssignWithLcKey(a: Record<string, string>, b: Record<string, string>): Record<string, string> {
- return Object.assign(this.lcObjectKey(a), this.lcObjectKey(b));
+ static #objectAssignWithLcKey(a: Record<string, string>, b: Record<string, string>): Record<string, string> {
+ return Object.assign(this.#lcObjectKey(a), this.#lcObjectKey(b));
+ }
+}
+
+@Injectable()
+export class ApRequestService {
+ private logger: Logger;
+
+ constructor(
+ @Inject(DI.config)
+ private config: Config,
+
+ private userKeypairStoreService: UserKeypairStoreService,
+ private httpRequestService: HttpRequestService,
+ private loggerService: LoggerService,
+ ) {
+ // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
+ this.logger = this.loggerService?.getLogger('ap-request'); // なぜか TypeError: Cannot read properties of undefined (reading 'getLogger') と言われる
}
@bindThis
@@ -149,7 +145,7 @@ export class ApRequestService {
const keypair = await this.userKeypairStoreService.getUserKeypair(user.id);
- const req = this.createSignedPost({
+ const req = ApRequestCreator.createSignedPost({
key: {
privateKeyPem: keypair.privateKey,
keyId: `${this.config.url}/users/${user.id}#main-key`,
@@ -176,7 +172,7 @@ export class ApRequestService {
public async signedGet(url: string, user: { id: User['id'] }) {
const keypair = await this.userKeypairStoreService.getUserKeypair(user.id);
- const req = this.createSignedGet({
+ const req = ApRequestCreator.createSignedGet({
key: {
privateKeyPem: keypair.privateKey,
keyId: `${this.config.url}/users/${user.id}#main-key`,
diff --git a/packages/backend/src/server/api/endpoints/notes/create.ts b/packages/backend/src/server/api/endpoints/notes/create.ts
index 593444968e..f4c5a84a4f 100644
--- a/packages/backend/src/server/api/endpoints/notes/create.ts
+++ b/packages/backend/src/server/api/endpoints/notes/create.ts
@@ -79,6 +79,12 @@ export const meta = {
code: 'YOU_HAVE_BEEN_BLOCKED',
id: 'b390d7e1-8a5e-46ed-b625-06271cafd3d3',
},
+
+ noSuchFile: {
+ message: 'Some files are not found.',
+ code: 'NO_SUCH_FILE',
+ id: 'b6992544-63e7-67f0-fa7f-32444b1b5306',
+ },
},
} as const;
@@ -207,6 +213,10 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
.orderBy('array_position(ARRAY[:...fileIds], "id"::text)')
.setParameters({ fileIds })
.getMany();
+
+ if (files.length !== fileIds.length) {
+ throw new ApiError(meta.errors.noSuchFile);
+ }
}
let renote: Note | null = null;
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-27 01:31:22 +0000