fix: webfinger accepts full ids
thanks ari for helping me debug this! <3
This commit is contained in:
parent
3fbff70933
commit
a4df9f2fc0
GPG key ID:
A4895B84D311642C
1 changed files with 51 additions and 35 deletions
|
|
@ -3,6 +3,8 @@ use jrd::{JsonResourceDescriptor, JsonResourceDescriptorLink};
|
||||||
use sea_orm::{ColumnTrait, EntityTrait, PaginatorTrait, QueryFilter};
|
use sea_orm::{ColumnTrait, EntityTrait, PaginatorTrait, QueryFilter};
|
||||||
use upub::{model, Context};
|
use upub::{model, Context};
|
||||||
|
|
||||||
|
use crate::ApiError;
|
||||||
|
|
||||||
#[derive(serde::Serialize)]
|
#[derive(serde::Serialize)]
|
||||||
pub struct NodeInfoDiscovery {
|
pub struct NodeInfoDiscovery {
|
||||||
pub links: Vec<NodeInfoDiscoveryRel>,
|
pub links: Vec<NodeInfoDiscoveryRel>,
|
||||||
|
|
@ -99,19 +101,36 @@ pub async fn webfinger(
|
||||||
State(ctx): State<Context>,
|
State(ctx): State<Context>,
|
||||||
Query(query): Query<WebfingerQuery>
|
Query(query): Query<WebfingerQuery>
|
||||||
) -> crate::ApiResult<JsonRD<JsonResourceDescriptor>> {
|
) -> crate::ApiResult<JsonRD<JsonResourceDescriptor>> {
|
||||||
|
let user =
|
||||||
|
if query.resource.starts_with("acct:") {
|
||||||
if let Some((user, domain)) = query
|
if let Some((user, domain)) = query
|
||||||
.resource
|
.resource
|
||||||
.replace("acct:", "")
|
.replace("acct:", "")
|
||||||
.split_once('@')
|
.split_once('@')
|
||||||
{
|
{
|
||||||
let usr = model::actor::Entity::find()
|
model::actor::Entity::find()
|
||||||
.filter(model::actor::Column::PreferredUsername.eq(user))
|
.filter(model::actor::Column::PreferredUsername.eq(user))
|
||||||
.filter(model::actor::Column::Domain.eq(domain))
|
.filter(model::actor::Column::Domain.eq(domain))
|
||||||
.one(ctx.db())
|
.one(ctx.db())
|
||||||
.await?
|
.await?
|
||||||
.ok_or_else(crate::ApiError::not_found)?;
|
.ok_or_else(crate::ApiError::not_found)?
|
||||||
|
|
||||||
let expires = if domain == ctx.domain() {
|
} else {
|
||||||
|
return Err(StatusCode::UNPROCESSABLE_ENTITY.into());
|
||||||
|
}
|
||||||
|
} else if query.resource.starts_with("http") {
|
||||||
|
match model::actor::Entity::find_by_ap_id(&query.resource)
|
||||||
|
.one(ctx.db())
|
||||||
|
.await?
|
||||||
|
{
|
||||||
|
Some(usr) => usr,
|
||||||
|
None => return Err(ApiError::not_found()),
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return Err(StatusCode::UNPROCESSABLE_ENTITY.into());
|
||||||
|
};
|
||||||
|
|
||||||
|
let expires = if user.domain == ctx.domain() {
|
||||||
// TODO configurable webfinger TTL, also 30 days may be too much???
|
// TODO configurable webfinger TTL, also 30 days may be too much???
|
||||||
Some(chrono::Utc::now() + chrono::Duration::days(30))
|
Some(chrono::Utc::now() + chrono::Duration::days(30))
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -121,13 +140,13 @@ pub async fn webfinger(
|
||||||
};
|
};
|
||||||
|
|
||||||
Ok(JsonRD(JsonResourceDescriptor {
|
Ok(JsonRD(JsonResourceDescriptor {
|
||||||
subject: format!("acct:{user}@{domain}"),
|
subject: format!("acct:{}@{}", user.preferred_username, user.domain),
|
||||||
aliases: vec![usr.id.clone()],
|
aliases: vec![user.id.clone()],
|
||||||
links: vec![
|
links: vec![
|
||||||
JsonResourceDescriptorLink {
|
JsonResourceDescriptorLink {
|
||||||
rel: "self".to_string(),
|
rel: "self".to_string(),
|
||||||
link_type: Some("application/ld+json".to_string()),
|
link_type: Some("application/ld+json".to_string()),
|
||||||
href: Some(usr.id),
|
href: Some(user.id),
|
||||||
properties: jrd::Map::default(),
|
properties: jrd::Map::default(),
|
||||||
titles: jrd::Map::default(),
|
titles: jrd::Map::default(),
|
||||||
},
|
},
|
||||||
|
|
@ -135,9 +154,6 @@ pub async fn webfinger(
|
||||||
properties: jrd::Map::default(),
|
properties: jrd::Map::default(),
|
||||||
expires,
|
expires,
|
||||||
}))
|
}))
|
||||||
} else {
|
|
||||||
Err(StatusCode::UNPROCESSABLE_ENTITY.into())
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// i don't even want to bother with XML, im just returning a formatted xml string
|
// i don't even want to bother with XML, im just returning a formatted xml string
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue