diff options
Diffstat (limited to 'src/processor/http')
| -rw-r--r-- | src/processor/http/index.ts | 2 | ||||
| -rw-r--r-- | src/processor/http/perform-activitypub.ts | 2 | ||||
| -rw-r--r-- | src/processor/http/process-inbox.ts | 38 |
3 files changed, 41 insertions, 1 deletions
diff --git a/src/processor/http/index.ts b/src/processor/http/index.ts index a001cf11f7..b3161cb992 100644 --- a/src/processor/http/index.ts +++ b/src/processor/http/index.ts @@ -1,10 +1,12 @@ import follow from './follow'; import performActivityPub from './perform-activitypub'; +import processInbox from './process-inbox'; import reportGitHubFailure from './report-github-failure'; const handlers = { follow, performActivityPub, + processInbox, reportGitHubFailure, }; diff --git a/src/processor/http/perform-activitypub.ts b/src/processor/http/perform-activitypub.ts index d8981ea126..420ed9ec75 100644 --- a/src/processor/http/perform-activitypub.ts +++ b/src/processor/http/perform-activitypub.ts @@ -2,5 +2,5 @@ import User from '../../models/user'; import act from '../../remote/activitypub/act'; export default ({ data }, done) => User.findOne({ _id: data.actor }) - .then(actor => act(actor, data.outbox, data.distribute)) + .then(actor => act(actor, data.outbox, false)) .then(() => done(), done); diff --git a/src/processor/http/process-inbox.ts b/src/processor/http/process-inbox.ts new file mode 100644 index 0000000000..78c20f8a7e --- /dev/null +++ b/src/processor/http/process-inbox.ts @@ -0,0 +1,38 @@ +import { verifySignature } from 'http-signature'; +import parseAcct from '../../acct/parse'; +import User, { IRemoteUser } from '../../models/user'; +import act from '../../remote/activitypub/act'; +import resolvePerson from '../../remote/activitypub/resolve-person'; + +export default ({ data }, done) => (async () => { + const keyIdLower = data.signature.keyId.toLowerCase(); + let user; + + if (keyIdLower.startsWith('acct:')) { + const { username, host } = parseAcct(keyIdLower.slice('acct:'.length)); + if (host === null) { + throw 'request was made by local user'; + } + + user = await User.findOne({ usernameLower: username, hostLower: host }) as IRemoteUser; + } else { + user = await User.findOne({ + host: { $ne: null }, + 'account.publicKey.id': data.signature.keyId + }) as IRemoteUser; + + if (user === null) { + user = await resolvePerson(data.signature.keyId); + } + } + + if (user === null) { + throw 'failed to resolve user'; + } + + if (!verifySignature(data.signature, user.account.publicKey.publicKeyPem)) { + throw 'signature verification failed'; + } + + await act(user, data.inbox, true); +})().then(done, done); |