[#534] Federation publish requests status control (enforced 2xx response code check).

[akkoma] / lib / pleroma / web / websub / websub.ex

diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex
index e494811f9f700cd5ee941f4f230942ff7da7552a..9ceb5fbf7dcf431f6063530e8b2d986661c3e310 100644 (file)
--- a/lib/pleroma/web/websub/websub.ex
+++ b/lib/pleroma/web/websub/websub.ex
@@ -1,6 +1,11 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.Websub do
   alias Ecto.Changeset
   alias Pleroma.Repo
+  alias Pleroma.Instances
   alias Pleroma.Web.Websub.{WebsubServerSubscription, WebsubClientSubscription}
   alias Pleroma.Web.OStatus.FeedRepresenter
   alias Pleroma.Web.{XML, Endpoint, OStatus}
@@ -117,6 +122,12 @@ defmodule Pleroma.Web.Websub do
     end
   end
 
+  def incoming_subscription_request(user, params) do
+    Logger.info("Unhandled WebSub request for #{user.nickname}: #{inspect(params)}")
+
+    {:error, "Invalid WebSub request"}
+  end
+
   defp get_subscription(topic, callback) do
     Repo.get_by(WebsubServerSubscription, topic: topic, callback: callback) ||
       %WebsubServerSubscription{}
@@ -146,7 +157,7 @@ defmodule Pleroma.Web.Websub do
   end
 
   def subscribe(subscriber, subscribed, requester \\ &request_subscription/1) do
-    topic = subscribed.info["topic"]
+    topic = subscribed.info.topic
     # FIXME: Race condition, use transactions
     {:ok, subscription} =
       with subscription when not is_nil(subscription) <-
@@ -158,7 +169,7 @@ defmodule Pleroma.Web.Websub do
         _e ->
           subscription = %WebsubClientSubscription{
             topic: topic,
-            hub: subscribed.info["hub"],
+            hub: subscribed.info.hub,
             subscribers: [subscriber.ap_id],
             state: "requested",
             secret: :crypto.strong_rand_bytes(8) |> Base.url_encode64(),
@@ -173,7 +184,7 @@ defmodule Pleroma.Web.Websub do
 
   def gather_feed_data(topic, getter \\ &@httpoison.get/1) do
     with {:ok, response} <- getter.(topic),
-         status_code when status_code in 200..299 <- response.status_code,
+         status when status in 200..299 <- response.status,
          body <- response.body,
          doc <- XML.parse_document(body),
          uri when not is_nil(uri) <- XML.string_from_xpath("/feed/author[1]/uri", doc),
@@ -221,7 +232,7 @@ defmodule Pleroma.Web.Websub do
 
     task = Task.async(websub_checker)
 
-    with {:ok, %{status_code: 202}} <-
+    with {:ok, %{status: 202}} <-
            poster.(websub.hub, {:form, data}, "Content-type": "application/x-www-form-urlencoded"),
          {:ok, websub} <- Task.yield(task, timeout) do
       {:ok, websub}
@@ -252,4 +263,33 @@ defmodule Pleroma.Web.Websub do
       Pleroma.Web.Federator.enqueue(:request_subscription, sub)
     end)
   end
+
+  def publish_one(%{xml: xml, topic: topic, callback: callback, secret: secret}) do
+    signature = sign(secret || "", xml)
+    Logger.info(fn -> "Pushing #{topic} to #{callback}" end)
+
+    with {:reachable, true} <- {:reachable, Instances.reachable?(callback)},
+         {:ok, %{status: code}} when code in 200..299 <-
+           @httpoison.post(
+             callback,
+             xml,
+             [
+               {"Content-Type", "application/atom+xml"},
+               {"X-Hub-Signature", "sha1=#{signature}"}
+             ]
+           ) do
+      Instances.set_reachable(callback)
+      Logger.info(fn -> "Pushed to #{callback}, code #{code}" end)
+      {:ok, code}
+    else
+      {:reachable, false} ->
+        Logger.debug(fn -> "Pushing to #{callback} skipped as marked unreachable)" end)
+        {:error, :noop}
+
+      e ->
+        Instances.set_unreachable(callback)
+        Logger.debug(fn -> "Couldn't push to #{callback}, #{inspect(e)}" end)
+        {:error, e}
+    end
+  end
 end