From 943f679a6927177d0d92fcec96c3bd8e526de50e Mon Sep 17 00:00:00 2001 From: asonix Date: Mon, 19 Dec 2022 22:24:58 -0600 Subject: [PATCH] Allow activities without IDs, fetch actor unchecked --- src/routes/inbox.rs | 47 +++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/src/routes/inbox.rs b/src/routes/inbox.rs index 18e4949..133d7dd 100644 --- a/src/routes/inbox.rs +++ b/src/routes/inbox.rs @@ -40,13 +40,30 @@ pub(crate) async fn route( return Err(ErrorKind::NoSignature(None).into()); } - let actor = actors - .get( - input.actor()?.as_single_id().ok_or(ErrorKind::MissingId)?, - &client, - ) - .await? - .into_inner(); + let actor_id = if input.id_unchecked().is_some() { + input.actor()?.as_single_id().ok_or(ErrorKind::MissingId)? + } else { + input + .actor_unchecked() + .as_single_id() + .ok_or(ErrorKind::MissingId)? + }; + + let actor = actors.get(actor_id, &client).await?.into_inner(); + + if let Some(verified) = signature_verified { + if actor.public_key_id.as_str() != verified.key_id() { + tracing::error!("Actor signed with wrong key"); + return Err(ErrorKind::BadActor( + actor.public_key_id.to_string(), + verified.key_id().to_owned(), + ) + .into()); + } + } else if config.validate_signatures() { + tracing::error!("This case should never be reachable, since I handle signature checks earlier in the flow. If you see this in a log it means I did it wrong"); + return Err(ErrorKind::NoSignature(Some(actor.public_key_id.to_string())).into()); + } let is_allowed = state.db.is_allowed(actor.id.clone()).await?; let is_connected = state.db.is_connected(actor.id.clone()).await?; @@ -59,22 +76,6 @@ pub(crate) async fn route( return Err(ErrorKind::NotSubscribed(actor.id.to_string()).into()); } - if config.validate_signatures() { - if let Some(verified) = signature_verified { - if actor.public_key_id.as_str() != verified.key_id() { - tracing::error!("Actor signed with wrong key"); - return Err(ErrorKind::BadActor( - actor.public_key_id.to_string(), - verified.key_id().to_owned(), - ) - .into()); - } - } else { - tracing::error!("This case should never be reachable, since I handle signature checks earlier in the flow. If you see this in a log it means I did it wrong"); - return Err(ErrorKind::NoSignature(Some(actor.public_key_id.to_string())).into()); - } - } - match kind { ValidTypes::Accept => handle_accept(&config, input).await?, ValidTypes::Reject => handle_reject(&config, &jobs, input, actor).await?,