Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Refactor ActivityPub handling to prepare for non-Account actors (#19212)

Browse source 
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
This commit is contained in:
Claire 2022-09-21 22:45:57 +02:00 committed by GitHub
parent 84aff598ea
commit 8cf7006d4e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
41 changed files with 436 additions and 180 deletions
Download patch file Download diff file Expand all files Collapse all files

14
spec/lib/activitypub/linked_data_signature_spec.rb
View file

@ -20,7 +20,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
stub_jsonld_contexts!
end
describe '#verify_account!' do
describe '#verify_actor!' do
context 'when signature matches' do
let(:raw_signature) do
{
@ -32,7 +32,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => sign(sender, raw_signature, raw_json)) }
it 'returns creator' do
expect(subject.verify_account!).to eq sender
expect(subject.verify_actor!).to eq sender
end
end
@ -40,7 +40,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
let(:signature) { nil }
it 'returns nil' do
expect(subject.verify_account!).to be_nil
expect(subject.verify_actor!).to be_nil
end
end
@ -55,7 +55,7 @@ RSpec.describe ActivityPub::LinkedDataSignature do
let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => 's69F3mfddd99dGjmvjdjjs81e12jn121Gkm1') }
it 'returns nil' do
expect(subject.verify_account!).to be_nil
expect(subject.verify_actor!).to be_nil
end
end
end
@ -73,14 +73,14 @@ RSpec.describe ActivityPub::LinkedDataSignature do
end
it 'can be verified again' do
expect(described_class.new(subject).verify_account!).to eq sender
expect(described_class.new(subject).verify_actor!).to eq sender
end
end
def sign(from_account, options, document)
def sign(from_actor, options, document)
options_hash = Digest::SHA256.hexdigest(canonicalize(options.merge('@context' => ActivityPub::LinkedDataSignature::CONTEXT)))
document_hash = Digest::SHA256.hexdigest(canonicalize(document))
to_be_verified = options_hash + document_hash
Base64.strict_encode64(from_account.keypair.sign(OpenSSL::Digest.new('SHA256'), to_be_verified))
Base64.strict_encode64(from_actor.keypair.sign(OpenSSL::Digest.new('SHA256'), to_be_verified))
end
end