X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=server%2Fmiddlewares%2Factivitypub.ts;h=12d5c22c54acb15965538cd99bb9573d27e632d5;hb=019e47507212072a7b91fb18dd31b4170d9cb40c;hp=489396447cbaa9a52fabdb8198291a35437b9d1c;hpb=3fd3ab2d34d512b160a5e6084d7609be7b4f4452;p=oweals%2Fpeertube.git diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index 489396447..12d5c22c5 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts @@ -1,35 +1,32 @@ import { eachSeries } from 'async' import { NextFunction, Request, RequestHandler, Response } from 'express' import { ActivityPubSignature } from '../../shared' -import { isSignatureVerified, logger } from '../helpers' +import { logger } from '../helpers/logger' +import { isSignatureVerified } from '../helpers/peertube-crypto' import { ACCEPT_HEADERS, ACTIVITY_PUB } from '../initializers' -import { fetchRemoteAccount, saveAccountAndServerIfNotExist } from '../lib/activitypub' -import { AccountModel } from '../models/account/account' +import { getOrCreateActorAndServerAndModel } from '../lib/activitypub' +import { ActorModel } from '../models/activitypub/actor' async function checkSignature (req: Request, res: Response, next: NextFunction) { const signatureObject: ActivityPubSignature = req.body.signature - logger.debug('Checking signature of account %s...', signatureObject.creator) + const [ creator ] = signatureObject.creator.split('#') - let account = await AccountModel.loadByUrl(signatureObject.creator) + logger.debug('Checking signature of actor %s...', creator) - // We don't have this account in our database, fetch it on remote - if (!account) { - account = await fetchRemoteAccount(signatureObject.creator) - - if (!account) { - return res.sendStatus(403) - } - - // Save our new account and its server in database - await saveAccountAndServerIfNotExist(account) + let actor: ActorModel + try { + actor = await getOrCreateActorAndServerAndModel(creator) + } catch (err) { + logger.error('Cannot create remote actor and check signature.', { err }) + return res.sendStatus(403) } - const verified = await isSignatureVerified(account, req.body) + const verified = await isSignatureVerified(actor, req.body) if (verified === false) return res.sendStatus(403) res.locals.signature = { - account + actor } return next()