forked from mirrors/relay
Allow activities without IDs, fetch actor unchecked
This commit is contained in:
parent
37b2afe344
commit
943f679a69
1 changed files with 24 additions and 23 deletions
|
@ -40,13 +40,30 @@ pub(crate) async fn route(
|
||||||
return Err(ErrorKind::NoSignature(None).into());
|
return Err(ErrorKind::NoSignature(None).into());
|
||||||
}
|
}
|
||||||
|
|
||||||
let actor = actors
|
let actor_id = if input.id_unchecked().is_some() {
|
||||||
.get(
|
input.actor()?.as_single_id().ok_or(ErrorKind::MissingId)?
|
||||||
input.actor()?.as_single_id().ok_or(ErrorKind::MissingId)?,
|
} else {
|
||||||
&client,
|
input
|
||||||
|
.actor_unchecked()
|
||||||
|
.as_single_id()
|
||||||
|
.ok_or(ErrorKind::MissingId)?
|
||||||
|
};
|
||||||
|
|
||||||
|
let actor = actors.get(actor_id, &client).await?.into_inner();
|
||||||
|
|
||||||
|
if let Some(verified) = signature_verified {
|
||||||
|
if actor.public_key_id.as_str() != verified.key_id() {
|
||||||
|
tracing::error!("Actor signed with wrong key");
|
||||||
|
return Err(ErrorKind::BadActor(
|
||||||
|
actor.public_key_id.to_string(),
|
||||||
|
verified.key_id().to_owned(),
|
||||||
)
|
)
|
||||||
.await?
|
.into());
|
||||||
.into_inner();
|
}
|
||||||
|
} else if config.validate_signatures() {
|
||||||
|
tracing::error!("This case should never be reachable, since I handle signature checks earlier in the flow. If you see this in a log it means I did it wrong");
|
||||||
|
return Err(ErrorKind::NoSignature(Some(actor.public_key_id.to_string())).into());
|
||||||
|
}
|
||||||
|
|
||||||
let is_allowed = state.db.is_allowed(actor.id.clone()).await?;
|
let is_allowed = state.db.is_allowed(actor.id.clone()).await?;
|
||||||
let is_connected = state.db.is_connected(actor.id.clone()).await?;
|
let is_connected = state.db.is_connected(actor.id.clone()).await?;
|
||||||
|
@ -59,22 +76,6 @@ pub(crate) async fn route(
|
||||||
return Err(ErrorKind::NotSubscribed(actor.id.to_string()).into());
|
return Err(ErrorKind::NotSubscribed(actor.id.to_string()).into());
|
||||||
}
|
}
|
||||||
|
|
||||||
if config.validate_signatures() {
|
|
||||||
if let Some(verified) = signature_verified {
|
|
||||||
if actor.public_key_id.as_str() != verified.key_id() {
|
|
||||||
tracing::error!("Actor signed with wrong key");
|
|
||||||
return Err(ErrorKind::BadActor(
|
|
||||||
actor.public_key_id.to_string(),
|
|
||||||
verified.key_id().to_owned(),
|
|
||||||
)
|
|
||||||
.into());
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
tracing::error!("This case should never be reachable, since I handle signature checks earlier in the flow. If you see this in a log it means I did it wrong");
|
|
||||||
return Err(ErrorKind::NoSignature(Some(actor.public_key_id.to_string())).into());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
match kind {
|
match kind {
|
||||||
ValidTypes::Accept => handle_accept(&config, input).await?,
|
ValidTypes::Accept => handle_accept(&config, input).await?,
|
||||||
ValidTypes::Reject => handle_reject(&config, &jobs, input, actor).await?,
|
ValidTypes::Reject => handle_reject(&config, &jobs, input, actor).await?,
|
||||||
|
|
Loading…
Reference in a new issue