mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-01-23 07:18:11 +00:00
Merge branch 'master' into feature-activitypub
This commit is contained in:
commit
609fcc7514
3 changed files with 91 additions and 32 deletions
68
integrations/webfinger_test.go
Normal file
68
integrations/webfinger_test.go
Normal file
|
@ -0,0 +1,68 @@
|
||||||
|
// Copyright 2022 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package integrations
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
"net/url"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/models/unittest"
|
||||||
|
user_model "code.gitea.io/gitea/models/user"
|
||||||
|
"code.gitea.io/gitea/modules/setting"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestWebfinger(t *testing.T) {
|
||||||
|
defer prepareTestEnv(t)()
|
||||||
|
|
||||||
|
setting.Federation.Enabled = true
|
||||||
|
defer func() {
|
||||||
|
setting.Federation.Enabled = false
|
||||||
|
}()
|
||||||
|
|
||||||
|
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}).(*user_model.User)
|
||||||
|
|
||||||
|
appURL, _ := url.Parse(setting.AppURL)
|
||||||
|
|
||||||
|
type webfingerLink struct {
|
||||||
|
Rel string `json:"rel,omitempty"`
|
||||||
|
Type string `json:"type,omitempty"`
|
||||||
|
Href string `json:"href,omitempty"`
|
||||||
|
Titles map[string]string `json:"titles,omitempty"`
|
||||||
|
Properties map[string]interface{} `json:"properties,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type webfingerJRD struct {
|
||||||
|
Subject string `json:"subject,omitempty"`
|
||||||
|
Aliases []string `json:"aliases,omitempty"`
|
||||||
|
Properties map[string]interface{} `json:"properties,omitempty"`
|
||||||
|
Links []*webfingerLink `json:"links,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
session := loginUser(t, "user1")
|
||||||
|
|
||||||
|
req := NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=acct:%s@%s", user.LowerName, appURL.Host))
|
||||||
|
resp := MakeRequest(t, req, http.StatusOK)
|
||||||
|
|
||||||
|
var jrd webfingerJRD
|
||||||
|
DecodeJSON(t, resp, &jrd)
|
||||||
|
assert.Equal(t, "acct:user2@"+appURL.Host, jrd.Subject)
|
||||||
|
assert.ElementsMatch(t, []string{user.HTMLURL()}, jrd.Aliases)
|
||||||
|
|
||||||
|
req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=acct:%s@%s", user.LowerName, "unknown.host"))
|
||||||
|
MakeRequest(t, req, http.StatusBadRequest)
|
||||||
|
|
||||||
|
req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=acct:%s@%s", "user31", appURL.Host))
|
||||||
|
MakeRequest(t, req, http.StatusNotFound)
|
||||||
|
|
||||||
|
req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=acct:%s@%s", "user31", appURL.Host))
|
||||||
|
session.MakeRequest(t, req, http.StatusOK)
|
||||||
|
|
||||||
|
req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=mailto:%s", user.Email))
|
||||||
|
MakeRequest(t, req, http.StatusNotFound)
|
||||||
|
}
|
|
@ -282,6 +282,13 @@ func RegisterRoutes(m *web.Route) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
federationEnabled := func(ctx *context.Context) {
|
||||||
|
if !setting.Federation.Enabled {
|
||||||
|
ctx.Error(http.StatusNotFound)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// FIXME: not all routes need go through same middleware.
|
// FIXME: not all routes need go through same middleware.
|
||||||
// Especially some AJAX requests, we can reduce middleware number to improve performance.
|
// Especially some AJAX requests, we can reduce middleware number to improve performance.
|
||||||
// Routers.
|
// Routers.
|
||||||
|
@ -289,10 +296,10 @@ func RegisterRoutes(m *web.Route) {
|
||||||
m.Get("/", Home)
|
m.Get("/", Home)
|
||||||
m.Group("/.well-known", func() {
|
m.Group("/.well-known", func() {
|
||||||
m.Get("/openid-configuration", auth.OIDCWellKnown)
|
m.Get("/openid-configuration", auth.OIDCWellKnown)
|
||||||
if setting.Federation.Enabled {
|
m.Group("", func() {
|
||||||
m.Get("/nodeinfo", NodeInfoLinks)
|
m.Get("/nodeinfo", NodeInfoLinks)
|
||||||
m.Get("/webfinger", WebfingerQuery)
|
m.Get("/webfinger", WebfingerQuery)
|
||||||
}
|
}, federationEnabled)
|
||||||
m.Get("/change-password", func(w http.ResponseWriter, req *http.Request) {
|
m.Get("/change-password", func(w http.ResponseWriter, req *http.Request) {
|
||||||
http.Redirect(w, req, "/user/settings/account", http.StatusTemporaryRedirect)
|
http.Redirect(w, req, "/user/settings/account", http.StatusTemporaryRedirect)
|
||||||
})
|
})
|
||||||
|
|
|
@ -8,7 +8,6 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"regexp"
|
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
user_model "code.gitea.io/gitea/models/user"
|
user_model "code.gitea.io/gitea/models/user"
|
||||||
|
@ -17,8 +16,6 @@ import (
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
)
|
)
|
||||||
|
|
||||||
var webfingerRessourcePattern = regexp.MustCompile(`(?i)\A([a-z^:]+):(.*)\z`)
|
|
||||||
|
|
||||||
// https://datatracker.ietf.org/doc/html/draft-ietf-appsawg-webfinger-14#section-4.4
|
// https://datatracker.ietf.org/doc/html/draft-ietf-appsawg-webfinger-14#section-4.4
|
||||||
|
|
||||||
type webfingerJRD struct {
|
type webfingerJRD struct {
|
||||||
|
@ -39,26 +36,20 @@ type webfingerLink struct {
|
||||||
// WebfingerQuery returns informations about a resource
|
// WebfingerQuery returns informations about a resource
|
||||||
// https://datatracker.ietf.org/doc/html/rfc7565
|
// https://datatracker.ietf.org/doc/html/rfc7565
|
||||||
func WebfingerQuery(ctx *context.Context) {
|
func WebfingerQuery(ctx *context.Context) {
|
||||||
resource := ctx.FormTrim("resource")
|
|
||||||
|
|
||||||
scheme := "acct"
|
|
||||||
uri := resource
|
|
||||||
|
|
||||||
match := webfingerRessourcePattern.FindStringSubmatch(resource)
|
|
||||||
if match != nil {
|
|
||||||
scheme = match[1]
|
|
||||||
uri = match[2]
|
|
||||||
}
|
|
||||||
|
|
||||||
appURL, _ := url.Parse(setting.AppURL)
|
appURL, _ := url.Parse(setting.AppURL)
|
||||||
|
|
||||||
var u *user_model.User
|
resource, err := url.Parse(ctx.FormTrim("resource"))
|
||||||
var err error
|
if err != nil {
|
||||||
|
ctx.Error(http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
switch scheme {
|
var u *user_model.User
|
||||||
|
|
||||||
|
switch resource.Scheme {
|
||||||
case "acct":
|
case "acct":
|
||||||
// allow only the current host
|
// allow only the current host
|
||||||
parts := strings.SplitN(uri, "@", 2)
|
parts := strings.SplitN(resource.Opaque, "@", 2)
|
||||||
if len(parts) != 2 {
|
if len(parts) != 2 {
|
||||||
ctx.Error(http.StatusBadRequest)
|
ctx.Error(http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
|
@ -70,7 +61,10 @@ func WebfingerQuery(ctx *context.Context) {
|
||||||
|
|
||||||
u, err = user_model.GetUserByNameCtx(ctx, parts[0])
|
u, err = user_model.GetUserByNameCtx(ctx, parts[0])
|
||||||
case "mailto":
|
case "mailto":
|
||||||
u, err = user_model.GetUserByEmailContext(ctx, uri)
|
u, err = user_model.GetUserByEmailContext(ctx, resource.Opaque)
|
||||||
|
if u != nil && u.KeepEmailPrivate {
|
||||||
|
err = user_model.ErrUserNotExist{}
|
||||||
|
}
|
||||||
default:
|
default:
|
||||||
ctx.Error(http.StatusBadRequest)
|
ctx.Error(http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
|
@ -79,7 +73,7 @@ func WebfingerQuery(ctx *context.Context) {
|
||||||
if user_model.IsErrUserNotExist(err) {
|
if user_model.IsErrUserNotExist(err) {
|
||||||
ctx.Error(http.StatusNotFound)
|
ctx.Error(http.StatusNotFound)
|
||||||
} else {
|
} else {
|
||||||
log.Error("Error getting user: %v", err)
|
log.Error("Error getting user: %s Error: %v", resource.Opaque, err)
|
||||||
ctx.Error(http.StatusInternalServerError)
|
ctx.Error(http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
|
@ -92,7 +86,6 @@ func WebfingerQuery(ctx *context.Context) {
|
||||||
|
|
||||||
aliases := []string{
|
aliases := []string{
|
||||||
u.HTMLURL(),
|
u.HTMLURL(),
|
||||||
appURL.String() + "api/v1/activitypub/user/" + strings.ToLower(u.Name),
|
|
||||||
}
|
}
|
||||||
if !u.KeepEmailPrivate {
|
if !u.KeepEmailPrivate {
|
||||||
aliases = append(aliases, fmt.Sprintf("mailto:%s", u.Email))
|
aliases = append(aliases, fmt.Sprintf("mailto:%s", u.Email))
|
||||||
|
@ -108,15 +101,6 @@ func WebfingerQuery(ctx *context.Context) {
|
||||||
Rel: "http://webfinger.net/rel/avatar",
|
Rel: "http://webfinger.net/rel/avatar",
|
||||||
Href: u.AvatarLink(),
|
Href: u.AvatarLink(),
|
||||||
},
|
},
|
||||||
{
|
|
||||||
Rel: "self",
|
|
||||||
Type: "application/activity+json",
|
|
||||||
Href: appURL.String() + "api/v1/activitypub/user/" + strings.ToLower(u.Name),
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Rel: "http://ostatus.org/schema/1.0/subscribe",
|
|
||||||
Href: appURL.String() + "api/v1/authorize_interaction?uri={uri}",
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.JSON(http.StatusOK, &webfingerJRD{
|
ctx.JSON(http.StatusOK, &webfingerJRD{
|
||||||
|
|
Loading…
Reference in a new issue