mirror of
https://github.com/lunaisnotaboy/mastodon.git
synced 2024-11-16 20:03:24 +00:00
8cf7006d4e
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is specifically required to be an Account * Refactor SignatureVerification to allow non-Account actors * fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService * Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors * Refactor inbound ActivityPub payload processing to accept non-Account actors * Refactor inbound ActivityPub processing to accept activities relayed through non-Account * Refactor how Account key URIs are built * Refactor Request and drop unused key_id_format parameter * Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
83 lines
3 KiB
Ruby
83 lines
3 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class FetchResourceService < BaseService
|
|
include JsonLdHelper
|
|
|
|
ACCEPT_HEADER = 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams", text/html;q=0.1'
|
|
|
|
attr_reader :response_code
|
|
|
|
def call(url)
|
|
return if url.blank?
|
|
|
|
process(url)
|
|
rescue HTTP::Error, OpenSSL::SSL::SSLError, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError => e
|
|
Rails.logger.debug "Error fetching resource #{@url}: #{e}"
|
|
nil
|
|
end
|
|
|
|
private
|
|
|
|
def process(url, terminal = false)
|
|
@url = url
|
|
|
|
perform_request { |response| process_response(response, terminal) }
|
|
end
|
|
|
|
def perform_request(&block)
|
|
Request.new(:get, @url).tap do |request|
|
|
request.add_headers('Accept' => ACCEPT_HEADER)
|
|
|
|
# In a real setting we want to sign all outgoing requests,
|
|
# in case the remote server has secure mode enabled and requires
|
|
# authentication on all resources. However, during development,
|
|
# sending request signatures with an inaccessible host is useless
|
|
# and prevents even public resources from being fetched, so
|
|
# don't do it
|
|
|
|
request.on_behalf_of(Account.representative) unless Rails.env.development?
|
|
end.perform(&block)
|
|
end
|
|
|
|
def process_response(response, terminal = false)
|
|
@response_code = response.code
|
|
return nil if response.code != 200
|
|
|
|
if ['application/activity+json', 'application/ld+json'].include?(response.mime_type)
|
|
body = response.body_with_limit
|
|
json = body_to_json(body)
|
|
|
|
[json['id'], { prefetched_body: body, id: true }] if supported_context?(json) && (equals_or_includes_any?(json['type'], ActivityPub::FetchRemoteActorService::SUPPORTED_TYPES) || expected_type?(json))
|
|
elsif !terminal
|
|
link_header = response['Link'] && parse_link_header(response)
|
|
|
|
if link_header&.find_link(%w(rel alternate))
|
|
process_link_headers(link_header)
|
|
elsif response.mime_type == 'text/html'
|
|
process_html(response)
|
|
end
|
|
end
|
|
end
|
|
|
|
def expected_type?(json)
|
|
equals_or_includes_any?(json['type'], ActivityPub::Activity::Create::SUPPORTED_TYPES + ActivityPub::Activity::Create::CONVERTED_TYPES)
|
|
end
|
|
|
|
def process_html(response)
|
|
page = Nokogiri::HTML(response.body_with_limit)
|
|
json_link = page.xpath('//link[@rel="alternate"]').find { |link| ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(link['type']) }
|
|
|
|
process(json_link['href'], terminal: true) unless json_link.nil?
|
|
end
|
|
|
|
def process_link_headers(link_header)
|
|
json_link = link_header.find_link(%w(rel alternate), %w(type application/activity+json)) || link_header.find_link(%w(rel alternate), ['type', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'])
|
|
|
|
process(json_link.href, terminal: true) unless json_link.nil?
|
|
end
|
|
|
|
def parse_link_header(response)
|
|
LinkHeader.parse(response['Link'].is_a?(Array) ? response['Link'].first : response['Link'])
|
|
end
|
|
end
|