Fix bugs which OStatus accounts may detected as ActivityPub ready (#4662)

* Fallback to OStatus in FetchAtomService

* Skip activity+json link if that activity is Person without inbox
* If unsupported activity was detected and all other URLs failed, retry with ActivityPub-less Accept header

* Allow mention to OStatus account in ActivityPub

* Don't update profile with inbox-less Person object
remotes/1727458204337373841/tmp_refs/heads/signup-info-prompt
unarist 2017-08-23 01:30:15 +09:00 committed by Eugen Rochko
parent 72bb3e03fd
commit d63de55ef8
4 changed files with 67 additions and 24 deletions

View File

@ -68,7 +68,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
def process_mention(tag, status) def process_mention(tag, status)
account = account_from_uri(tag['href']) account = account_from_uri(tag['href'])
account = ActivityPub::FetchRemoteAccountService.new.call(tag['href']) if account.nil? account = FetchRemoteAccountService.new.call(tag['href']) if account.nil?
return if account.nil? return if account.nil?
account.mentions.create(status: status) account.mentions.create(status: status)
end end

View File

@ -6,6 +6,8 @@ class ActivityPub::ProcessAccountService < BaseService
# Should be called with confirmed valid JSON # Should be called with confirmed valid JSON
# and WebFinger-resolved username and domain # and WebFinger-resolved username and domain
def call(username, domain, json) def call(username, domain, json)
return unless json['inbox'].present?
@json = json @json = json
@uri = @json['id'] @uri = @json['id']
@username = username @username = username

View File

@ -1,13 +1,17 @@
# frozen_string_literal: true # frozen_string_literal: true
class FetchAtomService < BaseService class FetchAtomService < BaseService
include JsonLdHelper
def call(url) def call(url)
return if url.blank? return if url.blank?
@url = url result = process(url)
perform_request # retry without ActivityPub
process_response result ||= process(url) if @unsupported_activity
result
rescue OpenSSL::SSL::SSLError => e rescue OpenSSL::SSL::SSLError => e
Rails.logger.debug "SSL error: #{e}" Rails.logger.debug "SSL error: #{e}"
nil nil
@ -18,9 +22,18 @@ class FetchAtomService < BaseService
private private
def process(url, terminal = false)
@url = url
perform_request
process_response(terminal)
end
def perform_request def perform_request
accept = 'text/html'
accept = 'application/activity+json, application/ld+json, application/atom+xml, ' + accept unless @unsupported_activity
@response = Request.new(:get, @url) @response = Request.new(:get, @url)
.add_headers('Accept' => 'application/activity+json, application/ld+json, application/atom+xml, text/html') .add_headers('Accept' => accept)
.perform .perform
end end
@ -30,7 +43,12 @@ class FetchAtomService < BaseService
if @response.mime_type == 'application/atom+xml' if @response.mime_type == 'application/atom+xml'
[@url, @response.to_s, :ostatus] [@url, @response.to_s, :ostatus]
elsif ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@response.mime_type) elsif ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@response.mime_type)
if supported_activity?(@response.to_s)
[@url, @response.to_s, :activitypub] [@url, @response.to_s, :activitypub]
else
@unsupported_activity = true
nil
end
elsif @response['Link'] && !terminal elsif @response['Link'] && !terminal
process_headers process_headers
elsif @response.mime_type == 'text/html' && !terminal elsif @response.mime_type == 'text/html' && !terminal
@ -44,15 +62,10 @@ class FetchAtomService < BaseService
json_link = page.xpath('//link[@rel="alternate"]').find { |link| ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(link['type']) } json_link = page.xpath('//link[@rel="alternate"]').find { |link| ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(link['type']) }
atom_link = page.xpath('//link[@rel="alternate"]').find { |link| link['type'] == 'application/atom+xml' } atom_link = page.xpath('//link[@rel="alternate"]').find { |link| link['type'] == 'application/atom+xml' }
if !json_link.nil? result ||= process(json_link.href, terminal: true) unless json_link.nil? || @unsupported_activity
@url = json_link['href'] result ||= process(atom_link.href, terminal: true) unless atom_link.nil?
perform_request
process_response(true) result
elsif !atom_link.nil?
@url = atom_link['href']
perform_request
process_response(true)
end
end end
def process_headers def process_headers
@ -61,14 +74,15 @@ class FetchAtomService < BaseService
json_link = link_header.find_link(%w(rel alternate), %w(type application/activity+json)) || link_header.find_link(%w(rel alternate), ['type', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"']) json_link = link_header.find_link(%w(rel alternate), %w(type application/activity+json)) || link_header.find_link(%w(rel alternate), ['type', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'])
atom_link = link_header.find_link(%w(rel alternate), %w(type application/atom+xml)) atom_link = link_header.find_link(%w(rel alternate), %w(type application/atom+xml))
if !json_link.nil? result ||= process(json_link.href, terminal: true) unless json_link.nil? || @unsupported_activity
@url = json_link.href result ||= process(atom_link.href, terminal: true) unless atom_link.nil?
perform_request
process_response(true) result
elsif !atom_link.nil?
@url = atom_link.href
perform_request
process_response(true)
end end
def supported_activity?(body)
json = body_to_json(body)
return false if json.nil? || !supported_context?(json)
json['type'] == 'Person' ? json['inbox'].present? : true
end end
end end

View File

@ -11,6 +11,7 @@ RSpec.describe ActivityPub::FetchRemoteAccountService do
preferredUsername: 'alice', preferredUsername: 'alice',
name: 'Alice', name: 'Alice',
summary: 'Foo bar', summary: 'Foo bar',
inbox: 'http://example.com/alice/inbox',
} }
end end
@ -35,6 +36,32 @@ RSpec.describe ActivityPub::FetchRemoteAccountService do
end end
end end
context 'when the account does not have a inbox' do
let!(:webfinger) { { subject: 'acct:alice@example.com', links: [{ rel: 'self', href: 'https://example.com/alice' }] } }
before do
actor[:inbox] = nil
stub_request(:get, 'https://example.com/alice').to_return(body: Oj.dump(actor))
stub_request(:get, 'https://example.com/.well-known/webfinger?resource=acct:alice@example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
end
it 'fetches resource' do
account
expect(a_request(:get, 'https://example.com/alice')).to have_been_made.once
end
it 'looks up webfinger' do
account
expect(a_request(:get, 'https://example.com/.well-known/webfinger?resource=acct:alice@example.com')).to have_been_made.once
end
it 'returns nil' do
expect(account).to be_nil
end
end
context 'when URI and WebFinger share the same host' do context 'when URI and WebFinger share the same host' do
let!(:webfinger) { { subject: 'acct:alice@example.com', links: [{ rel: 'self', href: 'https://example.com/alice' }] } } let!(:webfinger) { { subject: 'acct:alice@example.com', links: [{ rel: 'self', href: 'https://example.com/alice' }] } }