respect content-type header in finger request

This commit is contained in:
Alexander Strizhakov 2021-03-18 13:49:03 +03:00
parent a9bc652ab9
commit d7e51206a2
No known key found for this signature in database
GPG key ID: 022896A53AEF1381
5 changed files with 141 additions and 69 deletions

View file

@ -94,7 +94,8 @@ defmodule Pleroma.Web.WebFinger do
|> XmlBuilder.to_doc() |> XmlBuilder.to_doc()
end end
defp webfinger_from_xml(doc) do defp webfinger_from_xml(body) do
with {:ok, doc} <- XML.parse_document(body) do
subject = XML.string_from_xpath("//Subject", doc) subject = XML.string_from_xpath("//Subject", doc)
subscribe_address = subscribe_address =
@ -113,8 +114,10 @@ defmodule Pleroma.Web.WebFinger do
{:ok, data} {:ok, data}
end end
end
defp webfinger_from_json(doc) do defp webfinger_from_json(body) do
with {:ok, doc} <- Jason.decode(body) do
data = data =
Enum.reduce(doc["links"], %{"subject" => doc["subject"]}, fn link, data -> Enum.reduce(doc["links"], %{"subject" => doc["subject"]}, fn link, data ->
case {link["type"], link["rel"]} do case {link["type"], link["rel"]} do
@ -135,11 +138,12 @@ defmodule Pleroma.Web.WebFinger do
{:ok, data} {:ok, data}
end end
end
def get_template_from_xml(body) do def get_template_from_xml(body) do
xpath = "//Link[@rel='lrdd']/@template" xpath = "//Link[@rel='lrdd']/@template"
with doc when doc != :error <- XML.parse_document(body), with {:ok, doc} <- XML.parse_document(body),
template when template != nil <- XML.string_from_xpath(xpath, doc) do template when template != nil <- XML.string_from_xpath(xpath, doc) do
{:ok, template} {:ok, template}
end end
@ -192,15 +196,23 @@ defmodule Pleroma.Web.WebFinger do
address, address,
[{"accept", "application/xrd+xml,application/jrd+json"}] [{"accept", "application/xrd+xml,application/jrd+json"}]
), ),
{:ok, %{status: status, body: body}} when status in 200..299 <- response do {:ok, %{status: status, body: body, headers: headers}} when status in 200..299 <-
doc = XML.parse_document(body) response do
case List.keyfind(headers, "content-type", 0) do
{_, content_type} ->
case Plug.Conn.Utils.media_type(content_type) do
{:ok, "application", subtype, _} when subtype in ~w(xrd+xml xml) ->
webfinger_from_xml(body)
if doc != :error do {:ok, "application", subtype, _} when subtype in ~w(jrd+json json) ->
webfinger_from_xml(doc) webfinger_from_json(body)
else
with {:ok, doc} <- Jason.decode(body) do _ ->
webfinger_from_json(doc) {:error, {:content_type, content_type}}
end end
_ ->
{:error, {:content_type, nil}}
end end
else else
e -> e ->

View file

@ -31,7 +31,7 @@ defmodule Pleroma.Web.XML do
|> :binary.bin_to_list() |> :binary.bin_to_list()
|> :xmerl_scan.string(quiet: true) |> :xmerl_scan.string(quiet: true)
doc {:ok, doc}
rescue rescue
_e -> _e ->
Logger.debug("Couldn't parse XML: #{inspect(text)}") Logger.debug("Couldn't parse XML: #{inspect(text)}")

View file

@ -1,4 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
<Link rel="lrdd" template="https://zetsubou.xn--q9jyb4c/.well-known/webfinger?resource={uri}" type="application/xrd+xml" />
</XRD>

View file

@ -45,6 +45,26 @@ defmodule Pleroma.Web.WebFingerTest do
assert {:error, _} = WebFinger.finger("pleroma.social") assert {:error, _} = WebFinger.finger("pleroma.social")
end end
test "returns error when there is no content-type header" do
Tesla.Mock.mock(fn
%{url: "http://social.heldscal.la/.well-known/host-meta"} ->
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/tesla_mock/social.heldscal.la_host_meta")
}}
%{
url:
"https://social.heldscal.la/.well-known/webfinger?resource=acct:invalid_content@social.heldscal.la"
} ->
{:ok, %Tesla.Env{status: 200, body: ""}}
end)
user = "invalid_content@social.heldscal.la"
assert {:error, {:content_type, nil}} = WebFinger.finger(user)
end
test "returns error when fails parse xml or json" do test "returns error when fails parse xml or json" do
user = "invalid_content@social.heldscal.la" user = "invalid_content@social.heldscal.la"
assert {:error, %Jason.DecodeError{}} = WebFinger.finger(user) assert {:error, %Jason.DecodeError{}} = WebFinger.finger(user)
@ -113,5 +133,52 @@ defmodule Pleroma.Web.WebFingerTest do
ap_id = "https://" <> to_string(:idna.encode("zetsubou.みんな")) <> "/users/lain" ap_id = "https://" <> to_string(:idna.encode("zetsubou.みんな")) <> "/users/lain"
{:ok, _data} = WebFinger.finger(ap_id) {:ok, _data} = WebFinger.finger(ap_id)
end end
test "respects json content-type" do
Tesla.Mock.mock(fn
%{
url:
"https://mastodon.social/.well-known/webfinger?resource=acct:emelie@mastodon.social"
} ->
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/tesla_mock/webfinger_emelie.json"),
headers: [{"content-type", "application/jrd+json"}]
}}
%{url: "http://mastodon.social/.well-known/host-meta"} ->
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/tesla_mock/mastodon.social_host_meta")
}}
end)
{:ok, _data} = WebFinger.finger("emelie@mastodon.social")
end
test "respects xml content-type" do
Tesla.Mock.mock(fn
%{
url: "https://pawoo.net/.well-known/webfinger?resource=acct:pekorino@pawoo.net"
} ->
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/tesla_mock/https___pawoo.net_users_pekorino.xml"),
headers: [{"content-type", "application/xrd+xml"}]
}}
%{url: "http://pawoo.net/.well-known/host-meta"} ->
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/tesla_mock/pawoo.net_host_meta")
}}
end)
{:ok, _data} = WebFinger.finger("pekorino@pawoo.net")
end
end end
end end

View file

@ -122,7 +122,7 @@ defmodule HttpRequestMock do
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
body: File.read!("test/fixtures/tesla_mock/mike@osada.macgirvin.com.json"), body: File.read!("test/fixtures/tesla_mock/mike@osada.macgirvin.com.json"),
headers: activitypub_object_headers() headers: [{"content-type", "application/jrd+json"}]
}} }}
end end
@ -187,7 +187,8 @@ defmodule HttpRequestMock do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
body: File.read!("test/fixtures/tesla_mock/lain_squeet.me_webfinger.xml") body: File.read!("test/fixtures/tesla_mock/lain_squeet.me_webfinger.xml"),
headers: [{"content-type", "application/xrd+xml"}]
}} }}
end end
@ -526,22 +527,6 @@ defmodule HttpRequestMock do
}} }}
end end
def get("http://zetsubou.xn--q9jyb4c/.well-known/host-meta", _, _, _) do
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/tesla_mock/xn--q9jyb4c_host_meta")
}}
end
def get("https://zetsubou.xn--q9jyb4c/.well-known/host-meta", _, _, _) do
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/tesla_mock/xn--q9jyb4c_host_meta")
}}
end
def get("http://pleroma.soykaf.com/.well-known/host-meta", _, _, _) do def get("http://pleroma.soykaf.com/.well-known/host-meta", _, _, _) do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
@ -786,7 +771,8 @@ defmodule HttpRequestMock do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
body: File.read!("test/fixtures/tesla_mock/shp@social.heldscal.la.xml") body: File.read!("test/fixtures/tesla_mock/shp@social.heldscal.la.xml"),
headers: [{"content-type", "application/xrd+xml"}]
}} }}
end end
@ -796,7 +782,7 @@ defmodule HttpRequestMock do
_, _,
[{"accept", "application/xrd+xml,application/jrd+json"}] [{"accept", "application/xrd+xml,application/jrd+json"}]
) do ) do
{:ok, %Tesla.Env{status: 200, body: ""}} {:ok, %Tesla.Env{status: 200, body: "", headers: [{"content-type", "application/jrd+json"}]}}
end end
def get("http://framatube.org/.well-known/host-meta", _, _, _) do def get("http://framatube.org/.well-known/host-meta", _, _, _) do
@ -816,7 +802,7 @@ defmodule HttpRequestMock do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
headers: [{"content-type", "application/json"}], headers: [{"content-type", "application/jrd+json"}],
body: File.read!("test/fixtures/tesla_mock/framasoft@framatube.org.json") body: File.read!("test/fixtures/tesla_mock/framasoft@framatube.org.json")
}} }}
end end
@ -876,7 +862,7 @@ defmodule HttpRequestMock do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
headers: [{"content-type", "application/json"}], headers: [{"content-type", "application/jrd+json"}],
body: File.read!("test/fixtures/tesla_mock/kaniini@gerzilla.de.json") body: File.read!("test/fixtures/tesla_mock/kaniini@gerzilla.de.json")
}} }}
end end
@ -1074,7 +1060,8 @@ defmodule HttpRequestMock do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
body: File.read!("test/fixtures/lain.xml") body: File.read!("test/fixtures/lain.xml"),
headers: [{"content-type", "application/xrd+xml"}]
}} }}
end end
@ -1087,7 +1074,16 @@ defmodule HttpRequestMock do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
body: File.read!("test/fixtures/lain.xml") body: File.read!("test/fixtures/lain.xml"),
headers: [{"content-type", "application/xrd+xml"}]
}}
end
def get("http://zetsubou.xn--q9jyb4c/.well-known/host-meta", _, _, _) do
{:ok,
%Tesla.Env{
status: 200,
body: File.read!("test/fixtures/host-meta-zetsubou.xn--q9jyb4c.xml")
}} }}
end end
@ -1153,7 +1149,8 @@ defmodule HttpRequestMock do
{:ok, {:ok,
%Tesla.Env{ %Tesla.Env{
status: 200, status: 200,
body: File.read!("test/fixtures/tesla_mock/kpherox@mstdn.jp.xml") body: File.read!("test/fixtures/tesla_mock/kpherox@mstdn.jp.xml"),
headers: [{"content-type", "application/xrd+xml"}]
}} }}
end end