1
0
Fork 0
forked from fedi/mastodon

Upgrade to PubSubHubbub 0.4 (removing verify_token)

This commit is contained in:
Eugen Rochko 2016-09-20 02:43:20 +02:00
parent a86f21cf90
commit 608a2bfffc
9 changed files with 19 additions and 19 deletions

View file

@ -171,7 +171,7 @@ GEM
pkg-config (~> 1.1.7)
oj (2.17.3)
orm_adapter (0.5.0)
ostatus2 (0.2.1)
ostatus2 (0.3)
addressable (~> 2.4)
http (~> 1.0)
nokogiri (~> 1.6)

View file

@ -3,7 +3,7 @@ class Api::SubscriptionsController < ApiController
respond_to :txt
def show
if @account.subscription(api_subscription_url(@account.id)).valid?(params['hub.topic'], params['hub.verify_token'])
if @account.subscription(api_subscription_url(@account.id)).valid?(params['hub.topic'])
@account.update(subscription_expires_at: Time.now + (params['hub.lease_seconds'].to_i).seconds)
render plain: HTMLEntities.new.encode(params['hub.challenge']), status: 200
else

View file

@ -66,7 +66,7 @@ class Account < ApplicationRecord
end
def subscribed?
!(self.secret.blank? || self.verify_token.blank?)
!self.subscription_expires_at.nil?
end
def favourited?(status)
@ -82,7 +82,7 @@ class Account < ApplicationRecord
end
def subscription(webhook_url)
OStatus2::Subscription.new(self.remote_url, secret: self.secret, token: self.verify_token, webhook: webhook_url, hub: self.hub_url)
OStatus2::Subscription.new(self.remote_url, secret: self.secret, lease_seconds: 86400 * 30, webhook: webhook_url, hub: self.hub_url)
end
def ping!(atom_url, hubs)

View file

@ -1,15 +1,12 @@
class SubscribeService < BaseService
def call(account)
account.secret = SecureRandom.hex
account.verify_token = SecureRandom.hex
subscription = account.subscription(api_subscription_url(account.id))
response = subscription.subscribe
unless response.successful?
account.secret = ''
account.verify_token = ''
Rails.logger.debug "PuSH subscription request for #{account.acct} failed: #{response.message}"
end

View file

@ -0,0 +1,5 @@
class RemoveVerifyTokenFromAccounts < ActiveRecord::Migration[5.0]
def change
remove_column :accounts, :verify_token, :string, null: false, default: ''
end
end

View file

@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20160919221059) do
ActiveRecord::Schema.define(version: 20160920003904) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@ -18,7 +18,6 @@ ActiveRecord::Schema.define(version: 20160919221059) do
create_table "accounts", force: :cascade do |t|
t.string "username", default: "", null: false
t.string "domain"
t.string "verify_token", default: "", null: false
t.string "secret", default: "", null: false
t.text "private_key"
t.text "public_key", default: "", null: false

View file

@ -13,12 +13,13 @@ namespace :mastodon do
task clear: :environment do
Account.remote.without_followers.find_each do |a|
Rails.logger.debug "PuSH unsubscribing from #{a.acct}"
begin
a.subscription('').unsubscribe
rescue HTTP::Error, OpenSSL::SSL::SSLError
Rails.logger.debug "PuSH unsubscribing from #{a.acct} failed due to an HTTP or SSL error"
ensure
a.update!(verify_token: '', secret: '', subscription_expires_at: nil)
a.update!(secret: '', subscription_expires_at: nil)
end
end
end

View file

@ -3,11 +3,11 @@ require 'rails_helper'
RSpec.describe Api::SubscriptionsController, type: :controller do
render_views
let(:account) { Fabricate(:account, username: 'gargron', domain: 'quitter.no', verify_token: '123', remote_url: 'topic_url', secret: 'abc') }
let(:account) { Fabricate(:account, username: 'gargron', domain: 'quitter.no', remote_url: 'topic_url', secret: 'abc') }
describe 'GET #show' do
before do
get :show, params: { :id => account.id, 'hub.topic' => 'topic_url', 'hub.verify_token' => 123, 'hub.challenge' => '456' }
get :show, params: { :id => account.id, 'hub.topic' => 'topic_url', 'hub.challenge' => '456', 'hub.lease_seconds' => "#{86400 * 30}" }
end
it 'returns http success' do

View file

@ -66,14 +66,12 @@ RSpec.describe Account, type: :model do
end
describe '#subscribed?' do
it 'returns false when no secrets and tokens have been set' do
it 'returns false when no subscription expiration information is present' do
expect(subject.subscribed?).to be false
end
it 'returns true when the secret and token have been set' do
subject.secret = 'a'
subject.verify_token = 'b'
it 'returns true when subscription expiration has been set' do
subject.subscription_expires_at = 30.days.from_now
expect(subject.subscribed?).to be true
end
end