refactor: simplify getSignatureUser

This commit is contained in:
Namekuji 2023-06-27 22:44:16 -07:00 committed by Namekuji
parent 487e7ba43c
commit 89e4e3ea5b
No known key found for this signature in database
GPG Key ID: 1D62332C07FBA532
1 changed files with 12 additions and 72 deletions

View File

@ -98,81 +98,21 @@ export async function checkFetch(req: IncomingMessage): Promise<number> {
return 200; return 200;
} }
export async function getSignatureUser( export async function getSignatureUser(req: IncomingMessage): Promise<{
req: IncomingMessage,
): Promise<{
user: CacheableRemoteUser; user: CacheableRemoteUser;
key: UserPublickey | null; key: UserPublickey | null;
} | null> { } | null> {
let authUser; const signature = httpSignature.parseRequest(req, { headers: [] });
const meta = await fetchMeta();
if (meta.secureMode || meta.privateMode) {
let signature;
try {
signature = httpSignature.parseRequest(req, { headers: [] });
} catch (e) {
return null;
}
const keyId = new URL(signature.keyId); const keyId = new URL(signature.keyId);
const host = toPuny(keyId.hostname);
if (await shouldBlockInstance(host, meta)) {
return null;
}
if (
meta.privateMode &&
host !== config.host &&
!meta.allowedHosts.includes(host)
) {
return null;
}
const keyIdLower = signature.keyId.toLowerCase();
if (keyIdLower.startsWith("acct:")) {
// Old keyId is no longer supported.
return null;
}
const dbResolver = new DbResolver(); const dbResolver = new DbResolver();
// HTTP-Signature keyIdを元にDBから取得 // Retrieve from DB by HTTP-Signature keyId
authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId); const authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
if (authUser) {
// keyIdでわからなければ、resolveしてみる
if (!authUser) {
try {
keyId.hash = "";
authUser = await dbResolver.getAuthUserFromApId(
getApId(keyId.toString()),
);
} catch {
// できなければ駄目
return null;
}
}
// publicKey がなくても終了
if (!authUser?.key) {
return null;
}
// もう一回チェック
if (authUser.user.host !== host) {
return null;
}
// HTTP-Signatureの検証
const httpSignatureValidated = httpSignature.verifySignature(
signature,
authUser.key.keyPem,
);
if (!httpSignatureValidated) {
return null;
}
}
return authUser; return authUser;
} }
// Resolve if failed to retrieve by keyId
keyId.hash = "";
return await dbResolver.getAuthUserFromApId(getApId(keyId.toString()));
}