summaryrefslogtreecommitdiff
path: root/src/remote
diff options
context:
space:
mode:
Diffstat (limited to 'src/remote')
-rw-r--r--src/remote/activitypub/models/note.ts4
-rw-r--r--src/remote/activitypub/models/person.ts70
-rw-r--r--src/remote/activitypub/renderer/announce.ts1
-rw-r--r--src/remote/activitypub/renderer/create.ts21
-rw-r--r--src/remote/activitypub/renderer/delete.ts6
-rw-r--r--src/remote/activitypub/renderer/index.ts23
-rw-r--r--src/remote/activitypub/renderer/undo.ts6
-rw-r--r--src/remote/activitypub/request.ts5
-rw-r--r--src/remote/resolve-user.ts2
9 files changed, 100 insertions, 38 deletions
diff --git a/src/remote/activitypub/models/note.ts b/src/remote/activitypub/models/note.ts
index 02bce6fec7..1dfeebfdf7 100644
--- a/src/remote/activitypub/models/note.ts
+++ b/src/remote/activitypub/models/note.ts
@@ -131,5 +131,7 @@ export async function resolveNote(value: string | IObject, resolver?: Resolver):
//#endregion
// リモートサーバーからフェッチしてきて登録
- return await createNote(value, resolver);
+ // ここでuriの代わりに添付されてきたNote Objectが指定されていると、サーバーフェッチを経ずにノートが生成されるが
+ // 添付されてきたNote Objectは偽装されている可能性があるため、常にuriを指定してサーバーフェッチを行う。
+ return await createNote(uri, resolver);
}
diff --git a/src/remote/activitypub/models/person.ts b/src/remote/activitypub/models/person.ts
index 61bcf77c43..3bd4e16763 100644
--- a/src/remote/activitypub/models/person.ts
+++ b/src/remote/activitypub/models/person.ts
@@ -4,18 +4,25 @@ import * as debug from 'debug';
import config from '../../../config';
import User, { validateUsername, isValidName, IUser, IRemoteUser } from '../../../models/user';
-import webFinger from '../../webfinger';
import Resolver from '../resolver';
import { resolveImage } from './image';
-import { isCollectionOrOrderedCollection, IObject, IPerson } from '../type';
+import { isCollectionOrOrderedCollection, IPerson } from '../type';
import { IDriveFile } from '../../../models/drive-file';
import Meta from '../../../models/meta';
import htmlToMFM from '../../../mfm/html-to-mfm';
import { updateUserStats } from '../../../services/update-chart';
+import { URL } from 'url';
const log = debug('misskey:activitypub');
-function validatePerson(x: any) {
+/**
+ * Validate Person object
+ * @param x Fetched person object
+ * @param uri Fetch target URI
+ */
+function validatePerson(x: any, uri: string) {
+ const expectHost = toUnicode(new URL(uri).hostname.toLowerCase());
+
if (x == null) {
return new Error('invalid person: object is null');
}
@@ -40,6 +47,24 @@ function validatePerson(x: any) {
return new Error('invalid person: invalid name');
}
+ if (typeof x.id !== 'string') {
+ return new Error('invalid person: id is not a string');
+ }
+
+ const idHost = toUnicode(new URL(x.id).hostname.toLowerCase());
+ if (idHost !== expectHost) {
+ return new Error('invalid person: id has different host');
+ }
+
+ if (typeof x.publicKey.id !== 'string') {
+ return new Error('invalid person: publicKey.id is not a string');
+ }
+
+ const publicKeyIdHost = toUnicode(new URL(x.publicKey.id).hostname.toLowerCase());
+ if (publicKeyIdHost !== expectHost) {
+ return new Error('invalid person: publicKey.id has different host');
+ }
+
return null;
}
@@ -48,8 +73,8 @@ function validatePerson(x: any) {
*
* Misskeyに対象のPersonが登録されていればそれを返します。
*/
-export async function fetchPerson(value: string | IObject, resolver?: Resolver): Promise<IUser> {
- const uri = typeof value == 'string' ? value : value.id;
+export async function fetchPerson(uri: string, resolver?: Resolver): Promise<IUser> {
+ if (typeof uri !== 'string') throw 'uri is not string';
// URIがこのサーバーを指しているならデータベースからフェッチ
if (uri.startsWith(config.url + '/')) {
@@ -71,12 +96,14 @@ export async function fetchPerson(value: string | IObject, resolver?: Resolver):
/**
* Personを作成します。
*/
-export async function createPerson(value: any, resolver?: Resolver): Promise<IUser> {
+export async function createPerson(uri: string, resolver?: Resolver): Promise<IUser> {
+ if (typeof uri !== 'string') throw 'uri is not string';
+
if (resolver == null) resolver = new Resolver();
- const object = await resolver.resolve(value) as any;
+ const object = await resolver.resolve(uri) as any;
- const err = validatePerson(object);
+ const err = validatePerson(object, uri);
if (err) {
throw err;
@@ -86,7 +113,7 @@ export async function createPerson(value: any, resolver?: Resolver): Promise<IUs
log(`Creating the Person: ${person.id}`);
- const [followersCount = 0, followingCount = 0, notesCount = 0, finger] = await Promise.all([
+ const [followersCount = 0, followingCount = 0, notesCount = 0] = await Promise.all([
resolver.resolve(person.followers).then(
resolved => isCollectionOrOrderedCollection(resolved) ? resolved.totalItems : undefined,
() => undefined
@@ -98,11 +125,10 @@ export async function createPerson(value: any, resolver?: Resolver): Promise<IUs
resolver.resolve(person.outbox).then(
resolved => isCollectionOrOrderedCollection(resolved) ? resolved.totalItems : undefined,
() => undefined
- ),
- webFinger(person.id)
+ )
]);
- const host = toUnicode(finger.subject.replace(/^.*?@/, '')).toLowerCase();
+ const host = toUnicode(new URL(object.id).hostname.toLowerCase());
const isBot = object.type == 'Service';
@@ -166,8 +192,8 @@ export async function createPerson(value: any, resolver?: Resolver): Promise<IUs
const avatarId = avatar ? avatar._id : null;
const bannerId = banner ? banner._id : null;
- const avatarUrl = avatar && avatar.metadata.url ? avatar.metadata.url : null;
- const bannerUrl = banner && banner.metadata.url ? banner.metadata.url : null;
+ const avatarUrl = (avatar && avatar.metadata.thumbnailUrl) ? avatar.metadata.thumbnailUrl : (avatar && avatar.metadata.url) ? avatar.metadata.url : null;
+ const bannerUrl = (banner && banner.metadata.url) ? banner.metadata.url : null;
await User.update({ _id: user._id }, {
$set: {
@@ -192,8 +218,8 @@ export async function createPerson(value: any, resolver?: Resolver): Promise<IUs
*
* Misskeyに対象のPersonが登録されていなければ無視します。
*/
-export async function updatePerson(value: string | IObject, resolver?: Resolver): Promise<void> {
- const uri = typeof value == 'string' ? value : value.id;
+export async function updatePerson(uri: string, resolver?: Resolver): Promise<void> {
+ if (typeof uri !== 'string') throw 'uri is not string';
// URIがこのサーバーを指しているならスキップ
if (uri.startsWith(config.url + '/')) {
@@ -210,9 +236,9 @@ export async function updatePerson(value: string | IObject, resolver?: Resolver)
if (resolver == null) resolver = new Resolver();
- const object = await resolver.resolve(value) as any;
+ const object = await resolver.resolve(uri) as any;
- const err = validatePerson(object);
+ const err = validatePerson(object, uri);
if (err) {
throw err;
@@ -255,7 +281,7 @@ export async function updatePerson(value: string | IObject, resolver?: Resolver)
sharedInbox: person.sharedInbox,
avatarId: avatar ? avatar._id : null,
bannerId: banner ? banner._id : null,
- avatarUrl: avatar && avatar.metadata.url ? avatar.metadata.url : null,
+ avatarUrl: (avatar && avatar.metadata.thumbnailUrl) ? avatar.metadata.thumbnailUrl : (avatar && avatar.metadata.url) ? avatar.metadata.url : null,
bannerUrl: banner && banner.metadata.url ? banner.metadata.url : null,
description: htmlToMFM(person.summary),
followersCount,
@@ -275,8 +301,8 @@ export async function updatePerson(value: string | IObject, resolver?: Resolver)
* Misskeyに対象のPersonが登録されていればそれを返し、そうでなければ
* リモートサーバーからフェッチしてMisskeyに登録しそれを返します。
*/
-export async function resolvePerson(value: string | IObject, verifier?: string): Promise<IUser> {
- const uri = typeof value == 'string' ? value : value.id;
+export async function resolvePerson(uri: string, verifier?: string): Promise<IUser> {
+ if (typeof uri !== 'string') throw 'uri is not string';
//#region このサーバーに既に登録されていたらそれを返す
const exist = await fetchPerson(uri);
@@ -287,5 +313,5 @@ export async function resolvePerson(value: string | IObject, verifier?: string):
//#endregion
// リモートサーバーからフェッチしてきて登録
- return await createPerson(value);
+ return await createPerson(uri);
}
diff --git a/src/remote/activitypub/renderer/announce.ts b/src/remote/activitypub/renderer/announce.ts
index 6d5a67b5c3..f6276ade04 100644
--- a/src/remote/activitypub/renderer/announce.ts
+++ b/src/remote/activitypub/renderer/announce.ts
@@ -6,6 +6,7 @@ export default (object: any, note: INote) => {
return {
id: `${config.url}/notes/${note._id}`,
+ actor: `${config.url}/users/${note.userId}`,
type: 'Announce',
published: note.createdAt.toISOString(),
to: ['https://www.w3.org/ns/activitystreams#Public'],
diff --git a/src/remote/activitypub/renderer/create.ts b/src/remote/activitypub/renderer/create.ts
index b8bf98a655..1ee1418fce 100644
--- a/src/remote/activitypub/renderer/create.ts
+++ b/src/remote/activitypub/renderer/create.ts
@@ -1,4 +1,17 @@
-export default (object: any) => ({
- type: 'Create',
- object
-});
+import config from '../../../config';
+import { INote } from '../../../models/note';
+
+export default (object: any, note: INote) => {
+ const activity = {
+ id: `${config.url}/notes/${note._id}/activity`,
+ actor: `${config.url}/users/${note.userId}`,
+ type: 'Create',
+ published: note.createdAt.toISOString(),
+ object
+ } as any;
+
+ if (object.to) activity.to = object.to;
+ if (object.cc) activity.cc = object.cc;
+
+ return activity;
+};
diff --git a/src/remote/activitypub/renderer/delete.ts b/src/remote/activitypub/renderer/delete.ts
index f468a22e24..2a4e70e25e 100644
--- a/src/remote/activitypub/renderer/delete.ts
+++ b/src/remote/activitypub/renderer/delete.ts
@@ -1,4 +1,8 @@
-export default (object: any) => ({
+import config from '../../../config';
+import { ILocalUser } from "../../../models/user";
+
+export default (object: any, user: ILocalUser) => ({
type: 'Delete',
+ actor: `${config.url}/users/${user._id}`,
object
});
diff --git a/src/remote/activitypub/renderer/index.ts b/src/remote/activitypub/renderer/index.ts
index ee7f496162..55b2801cad 100644
--- a/src/remote/activitypub/renderer/index.ts
+++ b/src/remote/activitypub/renderer/index.ts
@@ -1,7 +1,16 @@
-export default (x: any) => Object.assign({
- '@context': [
- 'https://www.w3.org/ns/activitystreams',
- 'https://w3id.org/security/v1',
- { Hashtag: 'as:Hashtag' }
- ]
-}, x);
+import config from '../../../config';
+import * as uuid from 'uuid';
+
+export default (x: any) => {
+ if (x !== null && typeof x === 'object' && x.id == null) {
+ x.id = `${config.url}/${uuid.v4()}`;
+ }
+
+ return Object.assign({
+ '@context': [
+ 'https://www.w3.org/ns/activitystreams',
+ 'https://w3id.org/security/v1',
+ { Hashtag: 'as:Hashtag' }
+ ]
+ }, x);
+};
diff --git a/src/remote/activitypub/renderer/undo.ts b/src/remote/activitypub/renderer/undo.ts
index 4498409a57..bf90a3f281 100644
--- a/src/remote/activitypub/renderer/undo.ts
+++ b/src/remote/activitypub/renderer/undo.ts
@@ -1,4 +1,8 @@
-export default (object: any) => ({
+import config from '../../../config';
+import { ILocalUser, IUser } from "../../../models/user";
+
+export default (object: any, user: ILocalUser | IUser) => ({
type: 'Undo',
+ actor: `${config.url}/users/${user._id}`,
object
});
diff --git a/src/remote/activitypub/request.ts b/src/remote/activitypub/request.ts
index 585c1c0ce8..6238d3acb1 100644
--- a/src/remote/activitypub/request.ts
+++ b/src/remote/activitypub/request.ts
@@ -19,6 +19,9 @@ export default (user: ILocalUser, url: string, object: any) => new Promise((reso
port,
method: 'POST',
path: pathname + search,
+ headers: {
+ 'Content-Type': 'application/activity+json'
+ }
}, res => {
log(`${url} --> ${res.statusCode}`);
@@ -32,7 +35,7 @@ export default (user: ILocalUser, url: string, object: any) => new Promise((reso
sign(req, {
authorizationHeaderName: 'Signature',
key: user.keypair,
- keyId: `acct:${user.username}@${config.host}`
+ keyId: `${config.url}/users/${user._id}/publickey`
});
// Signature: Signature ... => Signature: ...
diff --git a/src/remote/resolve-user.ts b/src/remote/resolve-user.ts
index 1e8fc5d750..e199b6f147 100644
--- a/src/remote/resolve-user.ts
+++ b/src/remote/resolve-user.ts
@@ -15,7 +15,7 @@ export default async (username: string, _host: string, option?: any): Promise<IU
const host = toUnicode(hostAscii);
if (config.host == host) {
- return await User.findOne({ usernameLower });
+ return await User.findOne({ usernameLower, host: null });
}
let user = await User.findOne({ usernameLower, host }, option);
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-04-12 15:03:28 +0000