Home Explore Help
Register Sign In
RISCI_ATOM
/
mastodon
mirror of https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Files Issues 8 Wiki
Tree: 24552b5160
Branches Tags
mastodon
/
app
/
services
/
activitypub
/
fetch_remote_account_service.rb

fetch_remote_account_service.rb 2.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. class ActivityPub::FetchRemoteAccountService < BaseService
    4. 

  4.   include JsonLdHelper
    5. 

  5.   include DomainControlHelper
    6. 

  6. 

  7.   SUPPORTED_TYPES = %w(Application Group Organization Person Service).freeze
    8. 

  8. 

  9.   # Does a WebFinger roundtrip on each call, unless `only_key` is true
    10. 

  10.   def call(uri, id: true, prefetched_body: nil, break_on_redirect: false, only_key: false)
    11. 

  11.     return if domain_not_allowed?(uri)
    12. 

  12.     return ActivityPub::TagManager.instance.uri_to_resource(uri, Account) if ActivityPub::TagManager.instance.local_uri?(uri)
    13. 

  13. 

  14.     @json = begin
    15. 

  15.       if prefetched_body.nil?
    16. 

  16.         fetch_resource(uri, id)
    17. 

  17.       else
    18. 

  18.         body_to_json(prefetched_body, compare_id: id ? uri : nil)
    19. 

  19.       end
    20. 

  20.     end
    21. 

  21. 

  22.     return if !supported_context? || !expected_type? || (break_on_redirect && @json['movedTo'].present?)
    23. 

  23. 

  24.     @uri      = @json['id']
    25. 

  25.     @username = @json['preferredUsername']
    26. 

  26.     @domain   = Addressable::URI.parse(@uri).normalized_host
    27. 

  27. 

  28.     return unless only_key || verified_webfinger?
    29. 

  29. 

  30.     ActivityPub::ProcessAccountService.new.call(@username, @domain, @json, only_key: only_key)
    31. 

  31.   rescue Oj::ParseError
    32. 

  32.     nil
    33. 

  33.   end
    34. 

  34. 

  35.   private
    36. 

  36. 

  37.   def verified_webfinger?
    38. 

  38.     webfinger                            = Goldfinger.finger("acct:#{@username}@#{@domain}")
    39. 

  39.     confirmed_username, confirmed_domain = split_acct(webfinger.subject)
    40. 

  40. 

  41.     return webfinger.link('self')&.href == @uri if @username.casecmp(confirmed_username).zero? && @domain.casecmp(confirmed_domain).zero?
    42. 

  42. 

  43.     webfinger                            = Goldfinger.finger("acct:#{confirmed_username}@#{confirmed_domain}")
    44. 

  44.     @username, @domain                   = split_acct(webfinger.subject)
    45. 

  45.     self_reference                       = webfinger.link('self')
    46. 

  46. 

  47.     return false unless @username.casecmp(confirmed_username).zero? && @domain.casecmp(confirmed_domain).zero?
    48. 

  48.     return false if self_reference&.href != @uri
    49. 

  49. 

  50.     true
    51. 

  51.   rescue Goldfinger::Error
    52. 

  52.     false
    53. 

  53.   end
    54. 

  54. 

  55.   def split_acct(acct)
    56. 

  56.     acct.gsub(/\Aacct:/, '').split('@')
    57. 

  57.   end
    58. 

  58. 

  59.   def supported_context?
    60. 

  60.     super(@json)
    61. 

  61.   end
    62. 

  62. 

  63.   def expected_type?
    64. 

  64.     equals_or_includes_any?(@json['type'], SUPPORTED_TYPES)
    65. 

  65.   end
    66. 

  66. end
    67.