Improvements to signature verification (#9667)

* Refactor signature verification a bit * Rescue signature verification if recorded public key is invalid Fixes #8822 * Always re-fetch AP signing key when HTTP Signature verification fails But when the account is not marked as stale, avoid fetching collections and media, and avoid webfinger round-trip. * Apply stoplight to key/account update as well as initial key retrieval
2019-01-07 21:45:13 +01:00 · 2019-01-07 21:45:13 +01:00 · 28b482874a
commit 28b482874a
parent cf3c0fc38c
3 changed files with 41 additions and 22 deletions
--- a/app/services/activitypub/fetch_remote_account_service.rb
+++ b/app/services/activitypub/fetch_remote_account_service.rb
@ -5,8 +5,8 @@ class ActivityPub::FetchRemoteAccountService < BaseService

  SUPPORTED_TYPES = %w(Application Group Organization Person Service).freeze

-  # Does a WebFinger roundtrip on each call
-  def call(uri, id: true, prefetched_body: nil, break_on_redirect: false)
+  # Does a WebFinger roundtrip on each call, unless `only_key` is true
+  def call(uri, id: true, prefetched_body: nil, break_on_redirect: false, only_key: false)
    return ActivityPub::TagManager.instance.uri_to_resource(uri, Account) if ActivityPub::TagManager.instance.local_uri?(uri)

    @json = if prefetched_body.nil?
@ -21,9 +21,9 @@ class ActivityPub::FetchRemoteAccountService < BaseService
    @username = @json['preferredUsername']
    @domain   = Addressable::URI.parse(@uri).normalized_host

-    return unless verified_webfinger?
+    return unless only_key || verified_webfinger?

-    ActivityPub::ProcessAccountService.new.call(@username, @domain, @json)
+    ActivityPub::ProcessAccountService.new.call(@username, @domain, @json, only_key: only_key)
  rescue Oj::ParseError
    nil
  end