Merge branch 'feature/jobs' into 'develop'

[akkoma] / lib / pleroma / web / websub / websub_controller.ex

diff --git a/lib/pleroma/web/websub/websub_controller.ex b/lib/pleroma/web/websub/websub_controller.ex
index 5d54c6ef5c936c10cf4ba128712f5dab93230c62..ad40f1b9471f5ddbbbf601fa1c5967e55f933a3e 100644 (file)
--- a/lib/pleroma/web/websub/websub_controller.ex
+++ b/lib/pleroma/web/websub/websub_controller.ex
@@ -1,18 +1,99 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.Websub.WebsubController do
   use Pleroma.Web, :controller
+
+  alias Pleroma.Repo
   alias Pleroma.User
   alias Pleroma.Web.Websub
+  alias Pleroma.Web.Federator
+  alias Pleroma.Web.Websub.WebsubClientSubscription
+
+  require Logger
+
+  plug(
+    Pleroma.Web.FederatingPlug
+    when action in [
+           :websub_subscription_request,
+           :websub_subscription_confirmation,
+           :websub_incoming
+         ]
+  )
 
   def websub_subscription_request(conn, %{"nickname" => nickname} = params) do
     user = User.get_cached_by_nickname(nickname)
 
-    with {:ok, _websub} <- Websub.incoming_subscription_request(user, params)
-    do
+    with {:ok, _websub} <- Websub.incoming_subscription_request(user, params) do
       conn
       |> send_resp(202, "Accepted")
-    else {:error, reason} ->
+    else
+      {:error, reason} ->
+        conn
+        |> send_resp(500, reason)
+    end
+  end
+
+  # TODO: Extract this into the Websub module
+  def websub_subscription_confirmation(
+        conn,
+        %{
+          "id" => id,
+          "hub.mode" => "subscribe",
+          "hub.challenge" => challenge,
+          "hub.topic" => topic
+        } = params
+      ) do
+    Logger.debug("Got WebSub confirmation")
+    Logger.debug(inspect(params))
+
+    lease_seconds =
+      if params["hub.lease_seconds"] do
+        String.to_integer(params["hub.lease_seconds"])
+      else
+        # Guess 3 days
+        60 * 60 * 24 * 3
+      end
+
+    with %WebsubClientSubscription{} = websub <-
+           Repo.get_by(WebsubClientSubscription, id: id, topic: topic) do
+      valid_until = NaiveDateTime.add(NaiveDateTime.utc_now(), lease_seconds)
+      change = Ecto.Changeset.change(websub, %{state: "accepted", valid_until: valid_until})
+      {:ok, _websub} = Repo.update(change)
+
       conn
-      |> send_resp(500, reason)
+      |> send_resp(200, challenge)
+    else
+      _e ->
+        conn
+        |> send_resp(500, "Error")
+    end
+  end
+
+  def websub_subscription_confirmation(conn, params) do
+    Logger.info("Invalid WebSub confirmation request: #{inspect(params)}")
+
+    conn
+    |> send_resp(500, "Invalid parameters")
+  end
+
+  def websub_incoming(conn, %{"id" => id}) do
+    with "sha1=" <> signature <- hd(get_req_header(conn, "x-hub-signature")),
+         signature <- String.downcase(signature),
+         %WebsubClientSubscription{} = websub <- Repo.get(WebsubClientSubscription, id),
+         {:ok, body, _conn} = read_body(conn),
+         ^signature <- Websub.sign(websub.secret, body) do
+      Federator.incoming_doc(body)
+
+      conn
+      |> send_resp(200, "OK")
+    else
+      _e ->
+        Logger.debug("Can't handle incoming subscription post")
+
+        conn
+        |> send_resp(500, "Error")
     end
   end
 end