diff options
| author | Akihiko Odaki <nekomanma@pixiv.co.jp> | 2018-04-02 00:36:36 +0900 |
|---|---|---|
| committer | Akihiko Odaki <nekomanma@pixiv.co.jp> | 2018-04-02 00:36:36 +0900 |
| commit | 111e5d569c94bc8f182a7b944da1272943b1da33 (patch) | |
| tree | 1ffb965a327d59a38be86c49d405b85cbfde99b3 /src/server | |
| parent | Update README.md (diff) | |
| download | sharkey-111e5d569c94bc8f182a7b944da1272943b1da33.tar.gz sharkey-111e5d569c94bc8f182a7b944da1272943b1da33.tar.bz2 sharkey-111e5d569c94bc8f182a7b944da1272943b1da33.zip | |
Make inbox signature verification compatible with Mastodon
Diffstat (limited to 'src/server')
| -rw-r--r-- | src/server/activitypub/inbox.ts | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/src/server/activitypub/inbox.ts b/src/server/activitypub/inbox.ts index 9151297487..6d092e66bf 100644 --- a/src/server/activitypub/inbox.ts +++ b/src/server/activitypub/inbox.ts @@ -11,16 +11,32 @@ app.use(bodyParser.json()); app.post('/@:user/inbox', async (req, res) => { let parsed; + req.headers.authorization = 'Signature ' + req.headers.signature; + try { parsed = parseRequest(req); } catch (exception) { return res.sendStatus(401); } - const user = await User.findOne({ - host: { $ne: null }, - 'account.publicKey.id': parsed.keyId - }); + const keyIdLower = parsed.keyId.toLowerCase(); + let query; + + if (keyIdLower.startsWith('acct:')) { + const { username, host } = parseAcct(keyIdLower.slice('acct:'.length)); + if (host === null) { + return res.sendStatus(401); + } + + query = { usernameLower: username, hostLower: host }; + } else { + query = { + host: { $ne: null }, + 'account.publicKey.id': parsed.keyId + }; + } + + const user = await User.findOne(query); if (user === null) { return res.sendStatus(401); |