1
0
Fork 1
forked from fedi/mastodon
mastodon/app/services/activitypub/fetch_remote_account_service.rb
Eugen Rochko c743b5e1fd Fix possible acct: uri usurpation in ActivityPub account discovery (#5208)
Signed-off-by: Eugen Rochko <eugen@zeonfederated.com>
2017-10-04 00:33:56 +02:00

56 lines
1.6 KiB
Ruby

# frozen_string_literal: true
class ActivityPub::FetchRemoteAccountService < BaseService
include JsonLdHelper
# Should be called when uri has already been checked for locality
# Does a WebFinger roundtrip on each call
def call(uri, prefetched_json = nil)
@json = body_to_json(prefetched_json) || fetch_resource(uri)
return unless supported_context? && expected_type?
@uri = @json['id']
@username = @json['preferredUsername']
@domain = Addressable::URI.parse(uri).normalized_host
return unless verified_webfinger?
ActivityPub::ProcessAccountService.new.call(@username, @domain, @json)
rescue Oj::ParseError
nil
end
private
def verified_webfinger?
webfinger = Goldfinger.finger("acct:#{@username}@#{@domain}")
confirmed_username, confirmed_domain = split_acct(webfinger.subject)
return true if @username.casecmp(confirmed_username).zero? && @domain.casecmp(confirmed_domain).zero?
webfinger = Goldfinger.finger("acct:#{confirmed_username}@#{confirmed_domain}")
@username, @domain = split_acct(webfinger.subject)
self_reference = webfinger.link('self')
return false unless @username.casecmp(confirmed_username).zero? && @domain.casecmp(confirmed_domain).zero?
return false if self_reference&.href != @uri
true
rescue Goldfinger::Error
false
end
def split_acct(acct)
acct.gsub(/\Aacct:/, '').split('@')
end
def supported_context?
super(@json)
end
def expected_type?
@json['type'] == 'Person'
end
end