Merge branch 'bugfix/http-signatures-misskey' into 'develop'

signature: properly deduce the actor from misskey key IDs

See merge request pleroma/pleroma!1476
This commit is contained in:
Haelwenn 2019-07-23 18:39:01 +00:00
commit 638f772356
2 changed files with 27 additions and 9 deletions

View file

@ -10,9 +10,18 @@ defmodule Pleroma.Signature do
alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.ActivityPub
def key_id_to_actor_id(key_id) do def key_id_to_actor_id(key_id) do
URI.parse(key_id) uri =
|> Map.put(:fragment, nil) URI.parse(key_id)
|> URI.to_string() |> Map.put(:fragment, nil)
uri =
if String.ends_with?(uri.path, "/publickey") do
Map.put(uri, :path, String.replace(uri.path, "/publickey", ""))
else
uri
end
URI.to_string(uri)
end end
def fetch_public_key(conn) do def fetch_public_key(conn) do

View file

@ -48,16 +48,14 @@ defmodule Pleroma.SignatureTest do
test "it returns error when not found user" do test "it returns error when not found user" do
assert capture_log(fn -> assert capture_log(fn ->
assert Signature.fetch_public_key(make_fake_conn("test-ap_id")) == assert Signature.fetch_public_key(make_fake_conn("test-ap_id")) == {:error, :error}
{:error, :error}
end) =~ "[error] Could not decode user" end) =~ "[error] Could not decode user"
end end
test "it returns error if public key is empty" do test "it returns error if public key is empty" do
user = insert(:user, %{info: %{source_data: %{"publicKey" => %{}}}}) user = insert(:user, %{info: %{source_data: %{"publicKey" => %{}}}})
assert Signature.fetch_public_key(make_fake_conn(user.ap_id)) == assert Signature.fetch_public_key(make_fake_conn(user.ap_id)) == {:error, :error}
{:error, :error}
end end
end end
@ -65,8 +63,7 @@ defmodule Pleroma.SignatureTest do
test "it returns key" do test "it returns key" do
ap_id = "https://mastodon.social/users/lambadalambda" ap_id = "https://mastodon.social/users/lambadalambda"
assert Signature.refetch_public_key(make_fake_conn(ap_id)) == assert Signature.refetch_public_key(make_fake_conn(ap_id)) == {:ok, @rsa_public_key}
{:ok, @rsa_public_key}
end end
test "it returns error when not found user" do test "it returns error when not found user" do
@ -105,4 +102,16 @@ defmodule Pleroma.SignatureTest do
) == {:error, []} ) == {:error, []}
end end
end end
describe "key_id_to_actor_id/1" do
test "it properly deduces the actor id for misskey" do
assert Signature.key_id_to_actor_id("https://example.com/users/1234/publickey") ==
"https://example.com/users/1234"
end
test "it properly deduces the actor id for mastodon and pleroma" do
assert Signature.key_id_to_actor_id("https://example.com/users/1234#main-key") ==
"https://example.com/users/1234"
end
end
end end