mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-10 09:29:18 +00:00
1618b68bfa
* Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
56 lines
1.5 KiB
Ruby
56 lines
1.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class SubscribeService < BaseService
|
|
def call(account)
|
|
@account = account
|
|
@account.secret = SecureRandom.hex
|
|
@response = build_request.perform
|
|
|
|
if response_failed_permanently?
|
|
# We're not allowed to subscribe. Fail and move on.
|
|
@account.secret = ''
|
|
@account.save!
|
|
elsif response_successful?
|
|
# The subscription will be confirmed asynchronously.
|
|
@account.save!
|
|
else
|
|
# The response was either a 429 rate limit, or a 5xx error.
|
|
# We need to retry at a later time. Fail loudly!
|
|
raise "Subscription attempt failed for #{@account.acct} (#{@account.hub_url}): HTTP #{@response.code}"
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def build_request
|
|
request = Request.new(:post, @account.hub_url, form: subscription_params)
|
|
request.on_behalf_of(some_local_account) if some_local_account
|
|
request
|
|
end
|
|
|
|
def subscription_params
|
|
{
|
|
'hub.topic': @account.remote_url,
|
|
'hub.mode': 'subscribe',
|
|
'hub.callback': api_subscription_url(@account.id),
|
|
'hub.verify': 'async',
|
|
'hub.secret': @account.secret,
|
|
'hub.lease_seconds': 7.days.seconds,
|
|
}
|
|
end
|
|
|
|
def some_local_account
|
|
@some_local_account ||= Account.local.first
|
|
end
|
|
|
|
# Any response in the 3xx or 4xx range, except for 429 (rate limit)
|
|
def response_failed_permanently?
|
|
(@response.status.redirect? || @response.status.client_error?) && !@response.status.too_many_requests?
|
|
end
|
|
|
|
# Any response in the 2xx range
|
|
def response_successful?
|
|
@response.status.success?
|
|
end
|
|
end
|