git.squeep.com Git - akkoma/blob - lib/pleroma/object/containment.ex

   1 defmodule Pleroma.Object.Containment do
   2   @moduledoc """
   3   # Object Containment
   4
   5   This module contains some useful functions for containing objects to specific
   6   origins and determining those origins.  They previously lived in the
   7   ActivityPub `Transmogrifier` module.
   8
   9   Object containment is an important step in validating remote objects to prevent
  10   spoofing, therefore removal of object containment functions is NOT recommended.
  11   """
  12
  13   require Logger
  14
  15   def get_actor(%{"actor" => actor}) when is_binary(actor) do
  16     actor
  17   end
  18
  19   def get_actor(%{"actor" => actor}) when is_list(actor) do
  20     if is_binary(Enum.at(actor, 0)) do
  21       Enum.at(actor, 0)
  22     else
  23       Enum.find(actor, fn %{"type" => type} -> type in ["Person", "Service", "Application"] end)
  24       |> Map.get("id")
  25     end
  26   end
  27
  28   def get_actor(%{"actor" => %{"id" => id}}) when is_bitstring(id) do
  29     id
  30   end
  31
  32   def get_actor(%{"actor" => nil, "attributedTo" => actor}) when not is_nil(actor) do
  33     get_actor(%{"actor" => actor})
  34   end
  35
  36   @doc """
  37   Checks that an imported AP object's actor matches the domain it came from.
  38   """
  39   def contain_origin(id, %{"actor" => nil}), do: :error
  40
  41   def contain_origin(id, %{"actor" => actor} = params) do
  42     id_uri = URI.parse(id)
  43     actor_uri = URI.parse(get_actor(params))
  44
  45     if id_uri.host == actor_uri.host do
  46       :ok
  47     else
  48       :error
  49     end
  50   end
  51
  52   def contain_origin_from_id(id, %{"id" => nil}), do: :error
  53
  54   def contain_origin_from_id(id, %{"id" => other_id} = params) do
  55     id_uri = URI.parse(id)
  56     other_uri = URI.parse(other_id)
  57
  58     if id_uri.host == other_uri.host do
  59       :ok
  60     else
  61       :error
  62     end
  63   end
  64 end