diff --git a/CHANGELOG.md b/CHANGELOG.md index 11033743a..c12af2682 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,9 @@ - Update ActivityPubFetchService, fix Friendica bug ([e4edc6f1](https://github.com/pixelfed/pixelfed/commit/e4edc6f1)) - Update ProfileController, fix atom feed cache ttl. Fixes #5093 ([921e2965](https://github.com/pixelfed/pixelfed/commit/921e2965)) - Update CollectionsController, add new self route ([bc2495c6](https://github.com/pixelfed/pixelfed/commit/bc2495c6)) +- Update FederationController, add webfinger support for actor uri. Fixes #5068 ([24194f7d](https://github.com/pixelfed/pixelfed/commit/24194f7d)) +- ([](https://github.com/pixelfed/pixelfed/commit/)) +- ([](https://github.com/pixelfed/pixelfed/commit/)) - ([](https://github.com/pixelfed/pixelfed/commit/)) ## [v0.12.1 (2024-05-07)](https://github.com/pixelfed/pixelfed/compare/v0.12.0...v0.12.1) diff --git a/app/Http/Controllers/FederationController.php b/app/Http/Controllers/FederationController.php index 54ad03227..9155e9aed 100644 --- a/app/Http/Controllers/FederationController.php +++ b/app/Http/Controllers/FederationController.php @@ -45,8 +45,11 @@ class FederationController extends Controller $resource = $request->input('resource'); $domain = config('pixelfed.domain.app'); - if (config('federation.activitypub.sharedInbox') && - $resource == 'acct:'.$domain.'@'.$domain) { + // Instance Actor + if ( + config('federation.activitypub.sharedInbox') && + $resource == 'acct:'.$domain.'@'.$domain + ) { $res = [ 'subject' => 'acct:'.$domain.'@'.$domain, 'aliases' => [ @@ -68,6 +71,33 @@ class FederationController extends Controller return response()->json($res, 200, [], JSON_UNESCAPED_SLASHES); } + + if(str_starts_with($resource, 'https://')) { + if(str_starts_with($resource, 'https://' . $domain . '/users/')) { + $username = str_replace('https://' . $domain . '/users/', '', $resource); + if(strlen($username) > 15) { + return response('', 400); + } + $stripped = str_replace(['_', '.', '-'], '', $username); + if(!ctype_alnum($stripped)) { + return response('', 400); + } + $key = 'federation:webfinger:sha256:url-username:'.$username; + if ($cached = Cache::get($key)) { + return response()->json($cached, 200, [], JSON_UNESCAPED_SLASHES); + } + $profile = Profile::whereUsername($username)->first(); + if (! $profile || $profile->status !== null || $profile->domain) { + return response('', 400); + } + $webfinger = (new Webfinger($profile))->generate(); + Cache::put($key, $webfinger, 1209600); + return response()->json($webfinger, 200, [], JSON_UNESCAPED_SLASHES) + ->header('Access-Control-Allow-Origin', '*'); + } else { + return response('', 400); + } + } $hash = hash('sha256', $resource); $key = 'federation:webfinger:sha256:'.$hash; if ($cached = Cache::get($key)) { @@ -81,8 +111,8 @@ class FederationController extends Controller return response('', 400); } $username = $parsed['username']; - $profile = Profile::whereNull('domain')->whereUsername($username)->first(); - if (! $profile || $profile->status !== null) { + $profile = Profile::whereUsername($username)->first(); + if (! $profile || $profile->status !== null || $profile->domain) { return response('', 400); } $webfinger = (new Webfinger($profile))->generate();