feat: inbox requests remote server auth

əlemi 2024-04-13 01:49:04 +02:00
parent 5863bdf04e
commit d66f09d130
Signed by: alemi
GPG key ID: A4895B84D311642C
4 changed files with 21 additions and 20 deletions


@ -36,6 +36,10 @@ impl UpubError {
Self::Status(axum::http::StatusCode::FORBIDDEN) Self::Status(axum::http::StatusCode::FORBIDDEN)
} }
pub fn unauthorized() -> Self {
Self::Status(axum::http::StatusCode::UNAUTHORIZED)
}
pub fn not_modified() -> Self { pub fn not_modified() -> Self {
Self::Status(axum::http::StatusCode::NOT_MODIFIED) Self::Status(axum::http::StatusCode::NOT_MODIFIED)
} }


@ -1,8 +1,8 @@
use apb::{server::Inbox, ActivityType, Base, BaseType, ObjectType}; use apb::{server::Inbox, target::Addressed, Activity, ActivityType, Base, BaseType, ObjectType};
use axum::{extract::{Query, State}, http::StatusCode, Json}; use axum::{extract::{Query, State}, http::StatusCode, Json};
use sea_orm::{Order, QueryFilter, QueryOrder, QuerySelect}; use sea_orm::{Order, QueryFilter, QueryOrder, QuerySelect};
use crate::{errors::UpubError, model::{self, addressing::EmbeddedActivity}, server::{auth::AuthIdentity, Context}, url}; use crate::{errors::UpubError, model::{self, addressing::EmbeddedActivity}, server::{auth::{AuthIdentity, Identity}, Context}, url};
use super::{jsonld::LD, JsonLD, Pagination}; use super::{jsonld::LD, JsonLD, Pagination};
@ -40,10 +40,18 @@ pub async fn page(
)) ))
} }
pub async fn post( pub async fn post(
State(ctx): State<Context>, State(ctx): State<Context>,
AuthIdentity(auth): AuthIdentity,
Json(activity): Json<serde_json::Value> Json(activity): Json<serde_json::Value>
) -> Result<(), UpubError> { ) -> crate::Result<()> {
match auth {
Identity::Remote(_server) => {},
Identity::Local(_user) => return Err(UpubError::forbidden()),
Identity::Anonymous => return Err(UpubError::unauthorized()),
}
match activity.base_type() { match activity.base_type() {
None => { Err(StatusCode::BAD_REQUEST.into()) }, None => { Err(StatusCode::BAD_REQUEST.into()) },
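Review bot: In `post`, the `Identity::Remote(_server)` arm discards the authenticated server, so nothing visible in this hunk ties the activity's actor or id to the origin that actually authenticated. As written, the gate only proves that some remote server signed the request, not that the activity belongs to that server. I would bind the value with `Identity::Remote(server) => server,` and return `UpubError::forbidden()` when the actor's host does not match it, before the `match activity.base_type()` dispatch; this assumes `Identity::Remote` carries the server's domain, which this page does not show. The body of `post` continues outside the hunk, so if the check already exists further down, a comment at the `match auth` such as `// origin of the activity is verified against the remote identity in the per-type handlers` would make that clear.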


@ -57,8 +57,9 @@ pub async fn page(
pub async fn post( pub async fn post(
State(ctx): State<Context>, State(ctx): State<Context>,
Path(_id): Path<String>, Path(_id): Path<String>,
Json(activity): Json<serde_json::Value> AuthIdentity(_auth): AuthIdentity,
Json(activity): Json<serde_json::Value>,
) -> Result<(), UpubError> { ) -> Result<(), UpubError> {
// POSTing to user inboxes is effectively the same as POSTing to the main inbox // POSTing to user inboxes is effectively the same as POSTing to the main inbox
super::super::inbox::post(State(ctx), Json(activity)).await super::super::inbox::post(State(ctx), AuthIdentity(_auth), Json(activity)).await
} }
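Review bot: `AuthIdentity(_auth)` is forwarded to `super::super::inbox::post`, so the leading underscore wrongly marks a security-relevant binding as unused. Naming it `auth` reads correctly: `AuthIdentity(auth): AuthIdentity,` in the signature and `AuthIdentity(auth)` in the call. `Path(_id)` is still ignored, so the inbox owner named in the URL plays no part in the decision; the existing comment could say so explicitly, e.g. `// auth is enforced inside inbox::post; the inbox owner (_id) is not checked against the activity's addressing`.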


@ -11,18 +11,6 @@ use crate::{VERSION, model};
use super::Context; use super::Context;
#[derive(Debug, thiserror::Error)]
pub enum FetchError {
#[error("could not dereference resource: {0}")]
Network(#[from] reqwest::Error),
#[error("error operating on database: {0}")]
Database(#[from] sea_orm::DbErr),
#[error("missing field when constructing object: {0}")]
Field(#[from] model::FieldError),
}
pub struct Fetcher { pub struct Fetcher {
db: DatabaseConnection, db: DatabaseConnection,
key: PKey<Private>, // TODO store pre-parsed key: PKey<Private>, // TODO store pre-parsed
@ -94,7 +82,7 @@ impl Fetcher {
.await .await
} }
pub async fn user(&self, id: &str) -> Result<model::user::Model, FetchError> { pub async fn user(&self, id: &str) -> crate::Result<model::user::Model> {
if let Some(x) = model::user::Entity::find_by_id(id).one(&self.db).await? { if let Some(x) = model::user::Entity::find_by_id(id).one(&self.db).await? {
return Ok(x); // already in db, easy return Ok(x); // already in db, easy
} }
@ -110,7 +98,7 @@ impl Fetcher {
Ok(user_model) Ok(user_model)
} }
pub async fn activity(&self, id: &str) -> Result<model::activity::Model, FetchError> { pub async fn activity(&self, id: &str) -> crate::Result<model::activity::Model> {
if let Some(x) = model::activity::Entity::find_by_id(id).one(&self.db).await? { if let Some(x) = model::activity::Entity::find_by_id(id).one(&self.db).await? {
return Ok(x); // already in db, easy return Ok(x); // already in db, easy
} }
@ -126,7 +114,7 @@ impl Fetcher {
Ok(activity_model) Ok(activity_model)
} }
pub async fn object(&self, id: &str) -> Result<model::object::Model, FetchError> { pub async fn object(&self, id: &str) -> crate::Result<model::object::Model> {
if let Some(x) = model::object::Entity::find_by_id(id).one(&self.db).await? { if let Some(x) = model::object::Entity::find_by_id(id).one(&self.db).await? {
return Ok(x); // already in db, easy return Ok(x); // already in db, easy
} }
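Review bot: `Fetcher::user`, `activity` and `object` now return `crate::Result`, which appears to be the same error type the HTTP handlers return (the inbox handler's signature moved from `Result<(), UpubError>` to `crate::Result<()>` in this commit). A failed remote dereference or database error can therefore propagate with `?` straight into a response to a remote caller. The conversions and the response rendering of `UpubError` are not on this page, so please confirm those variants render as a bare status and do not echo the `reqwest` or `sea_orm` message, which may contain internal URLs or schema details. The three methods also lack doc comments; something like `/// Returns the stored model if present, otherwise dereferences it remotely; network and database failures are propagated to the caller.` would record the contract the removed `FetchError` used to spell out. The method bodies are only partly visible in these hunks.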