misskey/src/queue/processors/http/process-inbox.ts

149 lines
4.3 KiB
TypeScript
Raw Normal View History

2018-07-26 08:11:47 +09:00
import * as bq from 'bee-queue';
import * as httpSignature from 'http-signature';
2018-07-07 19:19:00 +09:00
import parseAcct from '../../../misc/acct/parse';
2018-04-05 01:24:01 +09:00
import User, { IRemoteUser } from '../../../models/user';
2018-04-09 04:08:56 +09:00
import perform from '../../../remote/activitypub/perform';
2018-09-01 17:53:38 +09:00
import { resolvePerson, updatePerson } from '../../../remote/activitypub/models/person';
2018-08-30 20:53:41 +09:00
import { toUnicode } from 'punycode';
import { URL } from 'url';
2018-11-03 11:38:00 +09:00
import { publishApLogStream } from '../../../stream';
import Logger from '../../../misc/logger';
2018-04-04 23:12:35 +09:00
const logger = new Logger('inbox');
2018-04-06 22:40:06 +09:00
2018-04-04 23:12:35 +09:00
// ユーザーのinboxにアクティビティが届いた時の処理
2018-07-26 08:11:47 +09:00
export default async (job: bq.Job, done: any): Promise<void> => {
2018-04-04 23:12:35 +09:00
const signature = job.data.signature;
const activity = job.data.activity;
2018-04-06 22:40:06 +09:00
//#region Log
const info = Object.assign({}, activity);
delete info['@context'];
delete info['signature'];
2019-02-05 14:04:40 +09:00
logger.debug(JSON.stringify(info, null, 2));
2018-04-06 22:40:06 +09:00
//#endregion
2018-04-04 23:12:35 +09:00
const keyIdLower = signature.keyId.toLowerCase();
2018-06-18 14:28:43 +09:00
let user: IRemoteUser;
2018-04-04 23:12:35 +09:00
if (keyIdLower.startsWith('acct:')) {
const { username, host } = parseAcct(keyIdLower.slice('acct:'.length));
if (host === null) {
logger.warn(`request was made by local user: @${username}`);
2018-04-04 23:12:35 +09:00
done();
2018-04-06 14:35:17 +09:00
return;
2018-04-04 23:12:35 +09:00
}
2018-08-30 20:53:41 +09:00
// アクティビティ内のホストの検証
try {
ValidateActivity(activity, host);
} catch (e) {
logger.warn(e.message);
2018-08-30 20:53:41 +09:00
done();
return;
}
user = await User.findOne({ usernameLower: username, host: host.toLowerCase() }) as IRemoteUser;
2018-04-04 23:12:35 +09:00
} else {
2018-08-30 20:53:41 +09:00
// アクティビティ内のホストの検証
const host = toUnicode(new URL(signature.keyId).hostname.toLowerCase());
try {
ValidateActivity(activity, host);
} catch (e) {
logger.warn(e.message);
2018-08-30 20:53:41 +09:00
done();
return;
}
2018-04-04 23:12:35 +09:00
user = await User.findOne({
host: { $ne: null },
2018-04-08 03:58:11 +09:00
'publicKey.id': signature.keyId
2018-04-04 23:12:35 +09:00
}) as IRemoteUser;
2018-09-01 17:53:38 +09:00
}
2018-04-04 23:12:35 +09:00
2018-09-01 17:53:38 +09:00
// Update activityの場合は、ここで署名検証/更新処理まで実施して終了
if (activity.type === 'Update') {
if (activity.object && activity.object.type === 'Person') {
if (user == null) {
logger.warn('Update activity received, but user not registed.');
2018-09-01 17:53:38 +09:00
} else if (!httpSignature.verifySignature(signature, user.publicKey.publicKeyPem)) {
logger.warn('Update activity received, but signature verification failed.');
2018-09-01 17:53:38 +09:00
} else {
updatePerson(activity.actor, null, activity.object);
}
2018-04-04 23:12:35 +09:00
}
2018-09-01 17:53:38 +09:00
done();
return;
}
// アクティビティを送信してきたユーザーがまだMisskeyサーバーに登録されていなかったら登録する
if (user === null) {
user = await resolvePerson(activity.actor) as IRemoteUser;
2018-04-04 23:12:35 +09:00
}
if (user === null) {
done(new Error('failed to resolve user'));
return;
}
2018-04-15 12:51:05 +09:00
if (!httpSignature.verifySignature(signature, user.publicKey.publicKeyPem)) {
logger.error('signature verification failed');
2018-04-06 14:35:17 +09:00
done();
2018-04-04 23:12:35 +09:00
return;
}
2018-11-16 17:04:28 +09:00
2018-11-05 19:40:09 +09:00
//#region Log
publishApLogStream({
direction: 'in',
activity: activity.type,
host: user.host,
actor: user.username
});
//#endregion
2018-04-04 23:12:35 +09:00
// アクティビティを処理
try {
2018-04-09 04:08:56 +09:00
await perform(user, activity);
2018-04-04 23:12:35 +09:00
done();
} catch (e) {
done(e);
}
};
2018-08-30 20:53:41 +09:00
/**
* Validate host in activity
* @param activity Activity
* @param host Expect host
*/
function ValidateActivity(activity: any, host: string) {
// id (if exists)
if (typeof activity.id === 'string') {
const uriHost = toUnicode(new URL(activity.id).hostname.toLowerCase());
2018-08-31 16:46:24 +09:00
if (host !== uriHost) {
const diag = activity.signature ? '. Has LD-Signature. Forwarded?' : '';
throw new Error(`activity.id(${activity.id}) has different host(${host})${diag}`);
}
2018-08-30 20:53:41 +09:00
}
// actor (if exists)
if (typeof activity.actor === 'string') {
const uriHost = toUnicode(new URL(activity.actor).hostname.toLowerCase());
if (host !== uriHost) throw new Error('activity.actor has different host');
}
// For Create activity
if (activity.type === 'Create' && activity.object) {
// object.id (if exists)
if (typeof activity.object.id === 'string') {
const uriHost = toUnicode(new URL(activity.object.id).hostname.toLowerCase());
if (host !== uriHost) throw new Error('activity.object.id has different host');
}
// object.attributedTo (if exists)
if (typeof activity.object.attributedTo === 'string') {
const uriHost = toUnicode(new URL(activity.object.attributedTo).hostname.toLowerCase());
if (host !== uriHost) throw new Error('activity.object.attributedTo has different host');
}
}
}