From 4fb7ee760aacdd2d52e8c43b3156fc0ef6deb11e Mon Sep 17 00:00:00 2001 From: rinsuki <428rinsuki+git@gmail.com> Date: Thu, 23 Aug 2018 11:58:44 +0900 Subject: https://misskey.xyz/notes/5b7e20bd248403003019b860 の修正 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/remote/resolve-user.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/remote') diff --git a/src/remote/resolve-user.ts b/src/remote/resolve-user.ts index 1e8fc5d750..e199b6f147 100644 --- a/src/remote/resolve-user.ts +++ b/src/remote/resolve-user.ts @@ -15,7 +15,7 @@ export default async (username: string, _host: string, option?: any): Promise Date: Sat, 25 Aug 2018 06:50:35 +0900 Subject: ActivityPub resolve で 添付のNoteを使用しないように MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/remote/activitypub/models/note.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/models/note.ts b/src/remote/activitypub/models/note.ts index 02bce6fec7..1dfeebfdf7 100644 --- a/src/remote/activitypub/models/note.ts +++ b/src/remote/activitypub/models/note.ts @@ -131,5 +131,7 @@ export async function resolveNote(value: string | IObject, resolver?: Resolver): //#endregion // リモートサーバーからフェッチしてきて登録 - return await createNote(value, resolver); + // ここでuriの代わりに添付されてきたNote Objectが指定されていると、サーバーフェッチを経ずにノートが生成されるが + // 添付されてきたNote Objectは偽装されている可能性があるため、常にuriを指定してサーバーフェッチを行う。 + return await createNote(uri, resolver); } -- cgit v1.2.3-freya From 1f53d1a149e2f2f3ac37fc332c62dc8f012beb52 Mon Sep 17 00:00:00 2001 From: mei23 Date: Sat, 25 Aug 2018 12:32:31 +0900 Subject: Send Content-Type in ActivityPub request --- src/remote/activitypub/request.ts | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/remote') diff --git a/src/remote/activitypub/request.ts b/src/remote/activitypub/request.ts index 585c1c0ce8..cebce8c48a 100644 --- a/src/remote/activitypub/request.ts +++ b/src/remote/activitypub/request.ts @@ -19,6 +19,9 @@ export default (user: ILocalUser, url: string, object: any) => new Promise((reso port, method: 'POST', path: pathname + search, + headers: { + 'Content-Type': 'application/activity+json' + } }, res => { log(`${url} --> ${res.statusCode}`); -- cgit v1.2.3-freya From edb61e52c5f3619d818c280b0e852368d2fbc09a Mon Sep 17 00:00:00 2001 From: mei23 Date: Sat, 25 Aug 2018 12:46:06 +0900 Subject: Use resolvable ActivityPub keyId --- src/remote/activitypub/request.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/request.ts b/src/remote/activitypub/request.ts index cebce8c48a..6238d3acb1 100644 --- a/src/remote/activitypub/request.ts +++ b/src/remote/activitypub/request.ts @@ -35,7 +35,7 @@ export default (user: ILocalUser, url: string, object: any) => new Promise((reso sign(req, { authorizationHeaderName: 'Signature', key: user.keypair, - keyId: `acct:${user.username}@${config.host}` + keyId: `${config.url}/users/${user._id}/publickey` }); // Signature: Signature ... => Signature: ... -- cgit v1.2.3-freya From 92828028db28c92d7d36324d445a69d62351df48 Mon Sep 17 00:00:00 2001 From: mei23 Date: Sat, 25 Aug 2018 13:11:54 +0900 Subject: Add Activity id if missing --- src/remote/activitypub/renderer/index.ts | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/renderer/index.ts b/src/remote/activitypub/renderer/index.ts index ee7f496162..55b2801cad 100644 --- a/src/remote/activitypub/renderer/index.ts +++ b/src/remote/activitypub/renderer/index.ts @@ -1,7 +1,16 @@ -export default (x: any) => Object.assign({ - '@context': [ - 'https://www.w3.org/ns/activitystreams', - 'https://w3id.org/security/v1', - { Hashtag: 'as:Hashtag' } - ] -}, x); +import config from '../../../config'; +import * as uuid from 'uuid'; + +export default (x: any) => { + if (x !== null && typeof x === 'object' && x.id == null) { + x.id = `${config.url}/${uuid.v4()}`; + } + + return Object.assign({ + '@context': [ + 'https://www.w3.org/ns/activitystreams', + 'https://w3id.org/security/v1', + { Hashtag: 'as:Hashtag' } + ] + }, x); +}; -- cgit v1.2.3-freya From ffcb2f755c2d20e62272212905c7d2ca795e4c3d Mon Sep 17 00:00:00 2001 From: mei23 Date: Sat, 25 Aug 2018 14:12:44 +0900 Subject: Send actor in CreateNote, Announce --- src/remote/activitypub/renderer/announce.ts | 1 + src/remote/activitypub/renderer/create.ts | 16 ++++++++++++---- src/services/note/create.ts | 2 +- 3 files changed, 14 insertions(+), 5 deletions(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/renderer/announce.ts b/src/remote/activitypub/renderer/announce.ts index 6d5a67b5c3..f6276ade04 100644 --- a/src/remote/activitypub/renderer/announce.ts +++ b/src/remote/activitypub/renderer/announce.ts @@ -6,6 +6,7 @@ export default (object: any, note: INote) => { return { id: `${config.url}/notes/${note._id}`, + actor: `${config.url}/users/${note.userId}`, type: 'Announce', published: note.createdAt.toISOString(), to: ['https://www.w3.org/ns/activitystreams#Public'], diff --git a/src/remote/activitypub/renderer/create.ts b/src/remote/activitypub/renderer/create.ts index b8bf98a655..42b36195ff 100644 --- a/src/remote/activitypub/renderer/create.ts +++ b/src/remote/activitypub/renderer/create.ts @@ -1,4 +1,12 @@ -export default (object: any) => ({ - type: 'Create', - object -}); +import config from '../../../config'; +import { INote } from '../../../models/note'; + +export default (object: any, note: INote) => { + return { + id: `${config.url}/notes/${note._id}/activity`, + actor: `${config.url}/users/${note.userId}`, + type: 'Create', + published: note.createdAt.toISOString(), + object + }; +}; diff --git a/src/services/note/create.ts b/src/services/note/create.ts index 268bfa5bbe..63e3557828 100644 --- a/src/services/note/create.ts +++ b/src/services/note/create.ts @@ -240,7 +240,7 @@ export default async (user: IUser, data: Option, silent = false) => new Promise< async function renderActivity(data: Option, note: INote) { const content = data.renote && data.text == null ? renderAnnounce(data.renote.uri ? data.renote.uri : `${config.url}/notes/${data.renote._id}`, note) - : renderCreate(await renderNote(note, false)); + : renderCreate(await renderNote(note, false), note); return packAp(content); } -- cgit v1.2.3-freya From 68a7661f08b851999bb0c7deff1d7553af904fb4 Mon Sep 17 00:00:00 2001 From: mei23 Date: Sat, 25 Aug 2018 14:23:51 +0900 Subject: Create Note activity にも toとcc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/remote/activitypub/renderer/create.ts | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/renderer/create.ts b/src/remote/activitypub/renderer/create.ts index 42b36195ff..1ee1418fce 100644 --- a/src/remote/activitypub/renderer/create.ts +++ b/src/remote/activitypub/renderer/create.ts @@ -2,11 +2,16 @@ import config from '../../../config'; import { INote } from '../../../models/note'; export default (object: any, note: INote) => { - return { + const activity = { id: `${config.url}/notes/${note._id}/activity`, actor: `${config.url}/users/${note.userId}`, type: 'Create', published: note.createdAt.toISOString(), object - }; + } as any; + + if (object.to) activity.to = object.to; + if (object.cc) activity.cc = object.cc; + + return activity; }; -- cgit v1.2.3-freya From a39aaf6eb1fb4da308f6a187aec42fce035574af Mon Sep 17 00:00:00 2001 From: mei23 Date: Sat, 25 Aug 2018 14:46:47 +0900 Subject: Send actor in Undo Follow --- src/remote/activitypub/renderer/undo.ts | 6 +++++- src/services/following/delete.ts | 2 +- src/services/following/requests/cancel.ts | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/renderer/undo.ts b/src/remote/activitypub/renderer/undo.ts index 4498409a57..bf90a3f281 100644 --- a/src/remote/activitypub/renderer/undo.ts +++ b/src/remote/activitypub/renderer/undo.ts @@ -1,4 +1,8 @@ -export default (object: any) => ({ +import config from '../../../config'; +import { ILocalUser, IUser } from "../../../models/user"; + +export default (object: any, user: ILocalUser | IUser) => ({ type: 'Undo', + actor: `${config.url}/users/${user._id}`, object }); diff --git a/src/services/following/delete.ts b/src/services/following/delete.ts index 8a9f739bd4..7c285e9eac 100644 --- a/src/services/following/delete.ts +++ b/src/services/following/delete.ts @@ -56,7 +56,7 @@ export default async function(follower: IUser, followee: IUser) { } if (isLocalUser(follower) && isRemoteUser(followee)) { - const content = pack(renderUndo(renderFollow(follower, followee))); + const content = pack(renderUndo(renderFollow(follower, followee), follower)); deliver(follower, content, followee.inbox); } } diff --git a/src/services/following/requests/cancel.ts b/src/services/following/requests/cancel.ts index 26e4544d5c..9655a95f04 100644 --- a/src/services/following/requests/cancel.ts +++ b/src/services/following/requests/cancel.ts @@ -8,7 +8,7 @@ import { publishUserStream } from '../../../stream'; export default async function(followee: IUser, follower: IUser) { if (isRemoteUser(followee)) { - const content = pack(renderUndo(renderFollow(follower, followee))); + const content = pack(renderUndo(renderFollow(follower, followee), follower)); deliver(follower as ILocalUser, content, followee.inbox); } -- cgit v1.2.3-freya From ac474f388439ec09cd4429e4ebba9b89365a2b79 Mon Sep 17 00:00:00 2001 From: mei23 Date: Sat, 25 Aug 2018 14:52:35 +0900 Subject: Send actor in Delete --- src/remote/activitypub/renderer/delete.ts | 6 +++++- src/services/note/delete.ts | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/renderer/delete.ts b/src/remote/activitypub/renderer/delete.ts index f468a22e24..2a4e70e25e 100644 --- a/src/remote/activitypub/renderer/delete.ts +++ b/src/remote/activitypub/renderer/delete.ts @@ -1,4 +1,8 @@ -export default (object: any) => ({ +import config from '../../../config'; +import { ILocalUser } from "../../../models/user"; + +export default (object: any, user: ILocalUser) => ({ type: 'Delete', + actor: `${config.url}/users/${user._id}`, object }); diff --git a/src/services/note/delete.ts b/src/services/note/delete.ts index d444b13a8b..d0e2b12b41 100644 --- a/src/services/note/delete.ts +++ b/src/services/note/delete.ts @@ -32,7 +32,7 @@ export default async function(user: IUser, note: INote) { //#region ローカルの投稿なら削除アクティビティを配送 if (isLocalUser(user)) { - const content = pack(renderDelete(await renderNote(note))); + const content = pack(renderDelete(await renderNote(note), user)); const followings = await Following.find({ followeeId: user._id, -- cgit v1.2.3-freya From 08754609747266b0c24037860b44e11c662ea885 Mon Sep 17 00:00:00 2001 From: syuilo Date: Sat, 25 Aug 2018 19:44:47 +0900 Subject: ユーザーのアイコンにサムネイルを使うように MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2365 --- src/remote/activitypub/models/person.ts | 6 +++--- src/server/api/endpoints/i/update.ts | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/models/person.ts b/src/remote/activitypub/models/person.ts index 61bcf77c43..4a7b505a9f 100644 --- a/src/remote/activitypub/models/person.ts +++ b/src/remote/activitypub/models/person.ts @@ -166,8 +166,8 @@ export async function createPerson(value: any, resolver?: Resolver): Promise new Promise(a if (avatar == null) return rej('avatar not found'); - updates.avatarUrl = avatar.metadata.url || `${config.drive_url}/${avatar._id}`; + updates.avatarUrl = avatar.metadata.thumbnailUrl || avatar.metadata.url || `${config.drive_url}/${avatar._id}`; if (avatar.metadata.properties.avgColor) { updates.avatarColor = avatar.metadata.properties.avgColor; -- cgit v1.2.3-freya From 6e3bf26cad3d9e4e7ff17b30f5ce5b6459d1196e Mon Sep 17 00:00:00 2001 From: mei23 Date: Wed, 29 Aug 2018 16:10:03 +0900 Subject: Validate host on Person --- src/remote/activitypub/models/person.ts | 64 +++++++++++++++++++++++---------- 1 file changed, 45 insertions(+), 19 deletions(-) (limited to 'src/remote') diff --git a/src/remote/activitypub/models/person.ts b/src/remote/activitypub/models/person.ts index 4a7b505a9f..3bd4e16763 100644 --- a/src/remote/activitypub/models/person.ts +++ b/src/remote/activitypub/models/person.ts @@ -4,18 +4,25 @@ import * as debug from 'debug'; import config from '../../../config'; import User, { validateUsername, isValidName, IUser, IRemoteUser } from '../../../models/user'; -import webFinger from '../../webfinger'; import Resolver from '../resolver'; import { resolveImage } from './image'; -import { isCollectionOrOrderedCollection, IObject, IPerson } from '../type'; +import { isCollectionOrOrderedCollection, IPerson } from '../type'; import { IDriveFile } from '../../../models/drive-file'; import Meta from '../../../models/meta'; import htmlToMFM from '../../../mfm/html-to-mfm'; import { updateUserStats } from '../../../services/update-chart'; +import { URL } from 'url'; const log = debug('misskey:activitypub'); -function validatePerson(x: any) { +/** + * Validate Person object + * @param x Fetched person object + * @param uri Fetch target URI + */ +function validatePerson(x: any, uri: string) { + const expectHost = toUnicode(new URL(uri).hostname.toLowerCase()); + if (x == null) { return new Error('invalid person: object is null'); } @@ -40,6 +47,24 @@ function validatePerson(x: any) { return new Error('invalid person: invalid name'); } + if (typeof x.id !== 'string') { + return new Error('invalid person: id is not a string'); + } + + const idHost = toUnicode(new URL(x.id).hostname.toLowerCase()); + if (idHost !== expectHost) { + return new Error('invalid person: id has different host'); + } + + if (typeof x.publicKey.id !== 'string') { + return new Error('invalid person: publicKey.id is not a string'); + } + + const publicKeyIdHost = toUnicode(new URL(x.publicKey.id).hostname.toLowerCase()); + if (publicKeyIdHost !== expectHost) { + return new Error('invalid person: publicKey.id has different host'); + } + return null; } @@ -48,8 +73,8 @@ function validatePerson(x: any) { * * Misskeyに対象のPersonが登録されていればそれを返します。 */ -export async function fetchPerson(value: string | IObject, resolver?: Resolver): Promise { - const uri = typeof value == 'string' ? value : value.id; +export async function fetchPerson(uri: string, resolver?: Resolver): Promise { + if (typeof uri !== 'string') throw 'uri is not string'; // URIがこのサーバーを指しているならデータベースからフェッチ if (uri.startsWith(config.url + '/')) { @@ -71,12 +96,14 @@ export async function fetchPerson(value: string | IObject, resolver?: Resolver): /** * Personを作成します。 */ -export async function createPerson(value: any, resolver?: Resolver): Promise { +export async function createPerson(uri: string, resolver?: Resolver): Promise { + if (typeof uri !== 'string') throw 'uri is not string'; + if (resolver == null) resolver = new Resolver(); - const object = await resolver.resolve(value) as any; + const object = await resolver.resolve(uri) as any; - const err = validatePerson(object); + const err = validatePerson(object, uri); if (err) { throw err; @@ -86,7 +113,7 @@ export async function createPerson(value: any, resolver?: Resolver): Promise isCollectionOrOrderedCollection(resolved) ? resolved.totalItems : undefined, () => undefined @@ -98,11 +125,10 @@ export async function createPerson(value: any, resolver?: Resolver): Promise isCollectionOrOrderedCollection(resolved) ? resolved.totalItems : undefined, () => undefined - ), - webFinger(person.id) + ) ]); - const host = toUnicode(finger.subject.replace(/^.*?@/, '')).toLowerCase(); + const host = toUnicode(new URL(object.id).hostname.toLowerCase()); const isBot = object.type == 'Service'; @@ -192,8 +218,8 @@ export async function createPerson(value: any, resolver?: Resolver): Promise { - const uri = typeof value == 'string' ? value : value.id; +export async function updatePerson(uri: string, resolver?: Resolver): Promise { + if (typeof uri !== 'string') throw 'uri is not string'; // URIがこのサーバーを指しているならスキップ if (uri.startsWith(config.url + '/')) { @@ -210,9 +236,9 @@ export async function updatePerson(value: string | IObject, resolver?: Resolver) if (resolver == null) resolver = new Resolver(); - const object = await resolver.resolve(value) as any; + const object = await resolver.resolve(uri) as any; - const err = validatePerson(object); + const err = validatePerson(object, uri); if (err) { throw err; @@ -275,8 +301,8 @@ export async function updatePerson(value: string | IObject, resolver?: Resolver) * Misskeyに対象のPersonが登録されていればそれを返し、そうでなければ * リモートサーバーからフェッチしてMisskeyに登録しそれを返します。 */ -export async function resolvePerson(value: string | IObject, verifier?: string): Promise { - const uri = typeof value == 'string' ? value : value.id; +export async function resolvePerson(uri: string, verifier?: string): Promise { + if (typeof uri !== 'string') throw 'uri is not string'; //#region このサーバーに既に登録されていたらそれを返す const exist = await fetchPerson(uri); @@ -287,5 +313,5 @@ export async function resolvePerson(value: string | IObject, verifier?: string): //#endregion // リモートサーバーからフェッチしてきて登録 - return await createPerson(value); + return await createPerson(uri); } -- cgit v1.2.3-freya