mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-26 00:03:16 +00:00
Updaet InboxPipelines, improve handling of missing signature validation headers
This commit is contained in:
Daniel Supernault
parent
da38b33a24
commit
419c0fb0fb
3 changed files with 357 additions and 328 deletions
|
|
@ -126,6 +126,11 @@ class DeleteWorker implements ShouldQueue
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
||||||
|
|
||||||
|
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
||||||
$id = Helpers::validateUrl($bodyDecoded['id']);
|
$id = Helpers::validateUrl($bodyDecoded['id']);
|
||||||
$keyDomain = parse_url($keyId, PHP_URL_HOST);
|
$keyDomain = parse_url($keyId, PHP_URL_HOST);
|
||||||
|
|
@ -186,6 +191,11 @@ class DeleteWorker implements ShouldQueue
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
||||||
|
|
||||||
|
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
||||||
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
|
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
|
||||||
if(!$actor) {
|
if(!$actor) {
|
||||||
|
|
|
||||||
|
|
@ -113,6 +113,11 @@ class InboxValidator implements ShouldQueue
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
||||||
|
|
||||||
|
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
||||||
$id = Helpers::validateUrl($bodyDecoded['id']);
|
$id = Helpers::validateUrl($bodyDecoded['id']);
|
||||||
$keyDomain = parse_url($keyId, PHP_URL_HOST);
|
$keyDomain = parse_url($keyId, PHP_URL_HOST);
|
||||||
|
|
@ -173,6 +178,11 @@ class InboxValidator implements ShouldQueue
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
||||||
|
|
||||||
|
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
||||||
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
|
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
|
||||||
if(!$actor) {
|
if(!$actor) {
|
||||||
|
|
|
||||||
|
|
@ -94,6 +94,11 @@ class InboxWorker implements ShouldQueue
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
||||||
|
|
||||||
|
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
||||||
$id = Helpers::validateUrl($bodyDecoded['id']);
|
$id = Helpers::validateUrl($bodyDecoded['id']);
|
||||||
$keyDomain = parse_url($keyId, PHP_URL_HOST);
|
$keyDomain = parse_url($keyId, PHP_URL_HOST);
|
||||||
|
|
@ -154,6 +159,10 @@ class InboxWorker implements ShouldQueue
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
$signatureData = HttpSignature::parseSignatureHeader($signature);
|
||||||
|
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
$keyId = Helpers::validateUrl($signatureData['keyId']);
|
||||||
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
|
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
|
||||||
if(!$actor) {
|
if(!$actor) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue