activitypub-federation-rust/src/utils/mod.rs

105 lines
3.3 KiB
Rust
Raw Normal View History

use crate::{
request_data::RequestData,
utils::reqwest_shim::ResponseExt,
Error,
APUB_JSON_CONTENT_TYPE,
};
use http::{header::HeaderName, HeaderValue, StatusCode};
2022-06-02 11:17:12 +00:00
use serde::de::DeserializeOwned;
use std::{collections::BTreeMap, sync::atomic::Ordering};
use tracing::info;
2022-06-02 11:17:12 +00:00
use url::Url;
pub(crate) mod reqwest_shim;
/// Fetch a remote object over HTTP and convert to `Kind`.
///
/// [crate::core::object_id::ObjectId::dereference] wraps this function to add caching and
/// conversion to database type. Only use this function directly in exceptional cases where that
/// behaviour is undesired.
///
/// Every time an object is fetched via HTTP, [RequestData.request_counter] is incremented by one.
/// If the value exceeds [FederationSettings.http_fetch_limit], the request is aborted with
/// [Error::RequestLimit]. This prevents denial of service attacks where an attack triggers
/// infinite, recursive fetching of data.
pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
2022-06-02 11:17:12 +00:00
url: &Url,
data: &RequestData<T>,
2022-06-02 11:17:12 +00:00
) -> Result<Kind, Error> {
let config = &data.config;
2022-06-02 11:17:12 +00:00
// dont fetch local objects this way
debug_assert!(url.domain() != Some(&config.hostname));
config.verify_url_valid(url).await?;
2022-06-02 11:17:12 +00:00
info!("Fetching remote object {}", url.to_string());
let counter = data.request_counter.fetch_add(1, Ordering::SeqCst);
if counter > config.http_fetch_limit {
2022-06-02 11:17:12 +00:00
return Err(Error::RequestLimit);
}
let res = config
2022-06-02 11:17:12 +00:00
.client
.get(url.as_str())
.header("Accept", APUB_JSON_CONTENT_TYPE)
.timeout(config.request_timeout)
2022-06-02 11:17:12 +00:00
.send()
.await
.map_err(Error::conv)?;
if res.status() == StatusCode::GONE {
return Err(Error::ObjectDeleted);
}
res.json_limited().await
2022-06-02 11:17:12 +00:00
}
/// Check that both urls have the same domain. If not, return UrlVerificationError.
///
/// ```
/// # use url::Url;
/// # use activitypub_federation::utils::verify_domains_match;
/// let a = Url::parse("https://example.com/abc")?;
/// let b = Url::parse("https://sample.net/abc")?;
/// assert!(verify_domains_match(&a, &b).is_err());
/// # Ok::<(), url::ParseError>(())
/// ```
2022-06-02 11:17:12 +00:00
pub fn verify_domains_match(a: &Url, b: &Url) -> Result<(), Error> {
if a.domain() != b.domain() {
return Err(Error::UrlVerificationError("Domains do not match"));
}
Ok(())
}
/// Check that both urls are identical. If not, return UrlVerificationError.
///
/// ```
/// # use url::Url;
/// # use activitypub_federation::utils::verify_urls_match;
/// let a = Url::parse("https://example.com/abc")?;
/// let b = Url::parse("https://example.com/123")?;
/// assert!(verify_urls_match(&a, &b).is_err());
/// # Ok::<(), url::ParseError>(())
/// ```
2022-06-02 11:17:12 +00:00
pub fn verify_urls_match(a: &Url, b: &Url) -> Result<(), Error> {
if a != b {
return Err(Error::UrlVerificationError("Urls do not match"));
}
Ok(())
}
/// Utility to converts either actix or axum headermap to a BTreeMap
pub fn header_to_map<'a, H>(headers: H) -> BTreeMap<String, String>
where
H: IntoIterator<Item = (&'a HeaderName, &'a HeaderValue)>,
{
let mut header_map = BTreeMap::new();
for (name, value) in headers {
if let Ok(value) = value.to_str() {
header_map.insert(name.to_string(), value.to_string());
}
}
header_map
}