X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fplugs%2Fhttp_signature_plug.ex;h=4ffaa6e982a142f59f896205c425f8a7d5cf591d;hb=4a78c431cfe1373ba09a3c02bc56502063975890;hp=79030be5f1f5b25697e8697d2a981c818f449dec;hpb=21ec1edbb630a9bc1c0df7d69ef13074ac2b320b;p=akkoma diff --git a/lib/pleroma/web/plugs/http_signature_plug.ex b/lib/pleroma/web/plugs/http_signature_plug.ex index 79030be5f..4ffaa6e98 100644 --- a/lib/pleroma/web/plugs/http_signature_plug.ex +++ b/lib/pleroma/web/plugs/http_signature_plug.ex @@ -4,11 +4,15 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do import Plug.Conn - import Phoenix.Controller, only: [get_format: 1, text: 2] + import Phoenix.Controller, only: [get_format: 1] alias Pleroma.Activity alias Pleroma.Web.Router + alias Pleroma.Signature + alias Pleroma.Instances require Logger + @cachex Pleroma.Config.get([:cachex, :provider], Cachex) + def init(options) do options end @@ -18,7 +22,7 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do end def call(conn, _opts) do - if get_format(conn) == "activity+json" do + if get_format(conn) in ["json", "activity+json"] do conn |> maybe_assign_valid_signature() |> maybe_require_signature() @@ -27,11 +31,11 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do end end - def route_aliases(%{path_info: ["objects", id]} = conn) do + def route_aliases(%{path_info: ["objects", id], query_string: query_string}) do ap_id = Router.Helpers.o_status_url(Pleroma.Web.Endpoint, :object, id) with %Activity{} = activity <- Activity.get_by_object_ap_id_with_object(ap_id) do - ["/notice/#{activity.id}"] + ["/notice/#{activity.id}", "/notice/#{activity.id}?#{query_string}"] else _ -> [] end @@ -57,6 +61,7 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do conn |> assign(:valid_signature, HTTPSignatures.validate_conn(conn)) + |> assign(:signature_actor_id, signature_host(conn)) |> assign_valid_signature_on_route_aliases(rest) end @@ -64,7 +69,9 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do if has_signature_header?(conn) do # set (request-target) header to the appropriate value # we also replace the digest header with the one we computed - possible_paths = route_aliases(conn) ++ [conn.request_path] + possible_paths = + route_aliases(conn) ++ [conn.request_path, conn.request_path <> "?#{conn.query_string}"] + assign_valid_signature_on_route_aliases(conn, possible_paths) else Logger.debug("No signature header!") @@ -76,16 +83,45 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do conn |> get_req_header("signature") |> Enum.at(0, false) end - defp maybe_require_signature(%{assigns: %{valid_signature: true}} = conn), do: conn + defp maybe_require_signature( + %{assigns: %{valid_signature: true, signature_actor_id: actor_id}} = conn + ) do + # inboxes implicitly need http signatures for authentication + # so we don't really know if the instance will have broken federation after + # we turn on authorized_fetch_mode. + # + # to "check" this is a signed fetch, verify if method is GET + if conn.method == "GET" do + actor_host = URI.parse(actor_id).host + + case @cachex.get(:request_signatures_cache, actor_host) do + {:ok, nil} -> + Logger.debug("Successful signature from #{actor_host}") + Instances.set_request_signatures(actor_host) + @cachex.put(:request_signatures_cache, actor_host, true) + + {:ok, true} -> + :noop + + any -> + Logger.warn( + "expected request signature cache to return a boolean, instead got #{inspect(any)}" + ) + end + end - defp maybe_require_signature(conn) do - if Pleroma.Config.get([:activitypub, :authorized_fetch_mode], false) do - conn - |> put_status(:unauthorized) - |> text("Request not signed") - |> halt() + conn + end + + defp maybe_require_signature(conn), do: conn + + defp signature_host(conn) do + with %{"keyId" => kid} <- HTTPSignatures.signature_for_conn(conn), + {:ok, actor_id} <- Signature.key_id_to_actor_id(kid) do + actor_id else - conn + e -> + {:error, e} end end end