Merge pull request #4005 from pixelfed/staging

Update AP Inbox
This commit is contained in:
daniel 2022-12-24 05:35:52 -07:00 committed by GitHub
commit 80bef4ecc9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -69,47 +69,43 @@ class DeleteWorker implements ShouldQueue
)) ))
) { ) {
$actor = $payload['actor']; $actor = $payload['actor'];
$hash = strlen($actor) <= 48 ? if($this->verifySignature($headers, $payload) == true) {
'b:' . base64_encode($actor) : $actorDelete = Profile::whereRemoteUrl($actor)->exists();
'h:' . hash('sha256', $actor); if($actorDelete) {
if($this->verifySignature($headers, $payload) == true) {
$key = 'ap:inbox:actor-delete-exists:' . $hash; Cache::set($key, false);
$actorDelete = Cache::remember($key, now()->addMinutes(15), function() use($actor) { $profile = Profile::whereNotNull('domain')
return Profile::whereRemoteUrl($actor) ->whereNull('status')
->whereNotNull('domain') ->whereRemoteUrl($actor)
->exists(); ->first();
}); if($profile) {
if($actorDelete) { DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('inbox');
if($this->verifySignature($headers, $payload) == true) { }
Cache::set($key, false); return 1;
$profile = Profile::whereNotNull('domain') } else {
->whereNull('status') // Signature verification failed, exit.
->whereRemoteUrl($actor) return 1;
->first();
if($profile) {
DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('delete');
} }
return 1;
} else { } else {
// Signature verification failed, exit. // Remote user doesn't exist, exit early.
return 1; return 1;
} }
return 1;
} else { } else {
// Remote user doesn't exist, exit early.
return 1; return 1;
} }
return 1;
}
$profile = null;
if($this->verifySignature($headers, $payload) == true) {
ActivityHandler::dispatch($headers, $profile, $payload)->onQueue('delete');
return 1;
} else { } else {
return 1; $profile = null;
if($this->verifySignature($headers, $payload) == true) {
ActivityHandler::dispatch($headers, $profile, $payload)->onQueue('delete');
return 1;
} else {
return 1;
}
} }
} }
protected function verifySignature($headers, $payload) protected function verifySignature($headers, $payload)
@ -138,17 +134,17 @@ class DeleteWorker implements ShouldQueue
&& is_array($bodyDecoded['object']) && is_array($bodyDecoded['object'])
&& isset($bodyDecoded['object']['attributedTo']) && isset($bodyDecoded['object']['attributedTo'])
) { ) {
$attr = Helpers::pluckval($bodyDecoded['object']['attributedTo']); $attr = Helpers::pluckval($bodyDecoded['object']['attributedTo']);
if(is_array($attr)) { if(is_array($attr)) {
if(isset($attr['id'])) { if(isset($attr['id'])) {
$attr = $attr['id']; $attr = $attr['id'];
} else { } else {
$attr = ""; $attr = "";
} }
} }
if(parse_url($attr, PHP_URL_HOST) !== $keyDomain) { if(parse_url($attr, PHP_URL_HOST) !== $keyDomain) {
return false; return false;
} }
} }
if(!$keyDomain || !$idDomain || $keyDomain !== $idDomain) { if(!$keyDomain || !$idDomain || $keyDomain !== $idDomain) {
return false; return false;
@ -199,18 +195,18 @@ class DeleteWorker implements ShouldQueue
return; return;
} }
try { try {
$res = Http::timeout(20)->withHeaders([ $res = Http::timeout(20)->withHeaders([
'Accept' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', 'Accept' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
'User-Agent' => 'PixelfedBot v0.1 - https://pixelfed.org', 'User-Agent' => 'PixelfedBot v0.1 - https://pixelfed.org',
])->get($actor->remote_url); ])->get($actor->remote_url);
} catch (ConnectionException $e) { } catch (ConnectionException $e) {
return false; return false;
} }
if(!$res->ok()) { if(!$res->ok()) {
return false; return false;
} }
$res = json_decode($res->body(), true, 8); $res = json_decode($res->body(), true, 8);
if(!isset($res['publicKey'], $res['publicKey']['id'])) { if(!isset($res['publicKey'], $res['publicKey']['id'])) {