fixes
This commit is contained in:
parent
516e0f8ecf
commit
487e7ba43c
|
@ -7,6 +7,8 @@ import DbResolver from "@/remote/activitypub/db-resolver.js";
|
|||
import { getApId } from "@/remote/activitypub/type.js";
|
||||
import { shouldBlockInstance } from "@/misc/should-block-instance.js";
|
||||
import type { IncomingMessage } from "http";
|
||||
import type { CacheableRemoteUser } from "@/models/entities/user.js";
|
||||
import type { UserPublickey } from "@/models/entities/user-publickey.js";
|
||||
|
||||
export async function hasSignature(req: IncomingMessage): Promise<string> {
|
||||
const meta = await fetchMeta();
|
||||
|
@ -98,7 +100,10 @@ export async function checkFetch(req: IncomingMessage): Promise<number> {
|
|||
|
||||
export async function getSignatureUser(
|
||||
req: IncomingMessage,
|
||||
): Promise<CacheableRemoteUser> {
|
||||
): Promise<{
|
||||
user: CacheableRemoteUser;
|
||||
key: UserPublickey | null;
|
||||
} | null> {
|
||||
let authUser;
|
||||
const meta = await fetchMeta();
|
||||
if (meta.secureMode || meta.privateMode) {
|
||||
|
@ -114,7 +119,7 @@ export async function getSignatureUser(
|
|||
const host = toPuny(keyId.hostname);
|
||||
|
||||
if (await shouldBlockInstance(host, meta)) {
|
||||
return 403;
|
||||
return null;
|
||||
}
|
||||
|
||||
if (
|
||||
|
@ -137,20 +142,20 @@ export async function getSignatureUser(
|
|||
authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
|
||||
|
||||
// keyIdでわからなければ、resolveしてみる
|
||||
if (authUser == null) {
|
||||
if (!authUser) {
|
||||
try {
|
||||
keyId.hash = "";
|
||||
authUser = await dbResolver.getAuthUserFromApId(
|
||||
getApId(keyId.toString()),
|
||||
);
|
||||
} catch (e) {
|
||||
} catch {
|
||||
// できなければ駄目
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
// publicKey がなくても終了
|
||||
if (authUser?.key == null) {
|
||||
if (!authUser?.key) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
|
@ -108,17 +108,23 @@ router.get("/notes/:note", async (ctx, next) => {
|
|||
return;
|
||||
}
|
||||
|
||||
if (note.visibility == "followers") {
|
||||
if (note.visibility === "followers") {
|
||||
serverLogger.debug(
|
||||
"Responding to request for follower-only note, validating access...",
|
||||
);
|
||||
let remoteUser = await getSignatureUser(ctx.req);
|
||||
const remoteUser = await getSignatureUser(ctx.req);
|
||||
serverLogger.debug("Local note author user:");
|
||||
serverLogger.debug(JSON.stringify(note, null, 2));
|
||||
serverLogger.debug("Authenticated remote user:");
|
||||
serverLogger.debug(JSON.stringify(remoteUser, null, 2));
|
||||
|
||||
let relation = await Users.getRelation(remoteUser.user.id, note.userId);
|
||||
if (remoteUser == null) {
|
||||
serverLogger.debug("Rejecting: no user");
|
||||
ctx.status = 401;
|
||||
return;
|
||||
}
|
||||
|
||||
const relation = await Users.getRelation(remoteUser.user.id, note.userId);
|
||||
serverLogger.debug("Relation:");
|
||||
serverLogger.debug(JSON.stringify(relation, null, 2));
|
||||
|
||||
|
|
Loading…
Reference in New Issue