feat: inbox requests remote server auth

əlemi 2024-04-13 01:49:04 +02:00
parent 5863bdf04e
commit d66f09d130
Signed by: alemi
GPG key ID: A4895B84D311642C
4 changed files with 21 additions and 20 deletions


@ -36,6 +36,10 @@ impl UpubError {
Self::Status(axum::http::StatusCode::FORBIDDEN)
}
pub fn unauthorized() -> Self {
Self::Status(axum::http::StatusCode::UNAUTHORIZED)
}
pub fn not_modified() -> Self {
Self::Status(axum::http::StatusCode::NOT_MODIFIED)
}


@ -1,8 +1,8 @@
use apb::{server::Inbox, ActivityType, Base, BaseType, ObjectType};
use apb::{server::Inbox, target::Addressed, Activity, ActivityType, Base, BaseType, ObjectType};
use axum::{extract::{Query, State}, http::StatusCode, Json};
use sea_orm::{Order, QueryFilter, QueryOrder, QuerySelect};
use crate::{errors::UpubError, model::{self, addressing::EmbeddedActivity}, server::{auth::AuthIdentity, Context}, url};
use crate::{errors::UpubError, model::{self, addressing::EmbeddedActivity}, server::{auth::{AuthIdentity, Identity}, Context}, url};
use super::{jsonld::LD, JsonLD, Pagination};
@ -40,10 +40,18 @@ pub async fn page(
))
}
pub async fn post(
State(ctx): State<Context>,
AuthIdentity(auth): AuthIdentity,
Json(activity): Json<serde_json::Value>
) -> Result<(), UpubError> {
) -> crate::Result<()> {
match auth {
Identity::Remote(_server) => {},
Identity::Local(_user) => return Err(UpubError::forbidden()),
Identity::Anonymous => return Err(UpubError::unauthorized()),
}
match activity.base_type() {
None => { Err(StatusCode::BAD_REQUEST.into()) },
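Review bot: The `Identity::Remote(_server)` arm in `post` accepts any authenticated remote server and then discards its identity, so nothing visible in this hunk ties the delivered activity to the server that authenticated the request. Unless a later part of the function does this (its body continues past the hunk), a server could deliver an activity whose actor belongs to a different server. Bind the value as `Identity::Remote(server)` and return `UpubError::forbidden()` when the activity's actor does not belong to `server`, before dispatching on `activity.base_type()`.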


@ -57,8 +57,9 @@ pub async fn page(
pub async fn post(
State(ctx): State<Context>,
Path(_id): Path<String>,
Json(activity): Json<serde_json::Value>
AuthIdentity(_auth): AuthIdentity,
Json(activity): Json<serde_json::Value>,
) -> Result<(), UpubError> {
// POSTing to user inboxes is effectively the same as POSTing to the main inbox
super::super::inbox::post(State(ctx), Json(activity)).await
super::super::inbox::post(State(ctx), AuthIdentity(_auth), Json(activity)).await
}
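Review bot: `AuthIdentity(_auth)` is forwarded to `inbox::post`, so the leading underscore, which marks a binding as intentionally unused, is misleading on a value that carries the caller's identity. Name it `auth` in the extractor, `AuthIdentity(auth): AuthIdentity,`, and in the call, `super::super::inbox::post(State(ctx), AuthIdentity(auth), Json(activity)).await`. The return type here is still `Result<(), UpubError>` while the callee now declares `crate::Result<()>`; if these are the same alias, use one spelling in both places.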


@ -11,18 +11,6 @@ use crate::{VERSION, model};
use super::Context;
#[derive(Debug, thiserror::Error)]
pub enum FetchError {
#[error("could not dereference resource: {0}")]
Network(#[from] reqwest::Error),
#[error("error operating on database: {0}")]
Database(#[from] sea_orm::DbErr),
#[error("missing field when constructing object: {0}")]
Field(#[from] model::FieldError),
}
pub struct Fetcher {
db: DatabaseConnection,
key: PKey<Private>, // TODO store pre-parsed
@ -94,7 +82,7 @@ impl Fetcher {
.await
}
pub async fn user(&self, id: &str) -> Result<model::user::Model, FetchError> {
pub async fn user(&self, id: &str) -> crate::Result<model::user::Model> {
if let Some(x) = model::user::Entity::find_by_id(id).one(&self.db).await? {
return Ok(x); // already in db, easy
}
@ -110,7 +98,7 @@ impl Fetcher {
Ok(user_model)
}
pub async fn activity(&self, id: &str) -> Result<model::activity::Model, FetchError> {
pub async fn activity(&self, id: &str) -> crate::Result<model::activity::Model> {
if let Some(x) = model::activity::Entity::find_by_id(id).one(&self.db).await? {
return Ok(x); // already in db, easy
}
@ -126,7 +114,7 @@ impl Fetcher {
Ok(activity_model)
}
pub async fn object(&self, id: &str) -> Result<model::object::Model, FetchError> {
pub async fn object(&self, id: &str) -> crate::Result<model::object::Model> {
if let Some(x) = model::object::Entity::find_by_id(id).one(&self.db).await? {
return Ok(x); // already in db, easy
}
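Review bot: With `FetchError` removed, `reqwest` and `sea_orm` failures inside `user`, `activity` and `object` now travel in the crate-wide error type (presumably `UpubError`) that request handlers return, and these hunks do not show how that type is rendered into a response. Confirm that the conversion logs the underlying error and answers with a generic status, rather than sending the `reqwest` or `sea_orm` message text back to the remote caller. The three methods also lack a doc comment; something like `/// Returns the row from the local database, dereferencing it remotely only on a miss.` would state the contract that the `// already in db, easy` branch implies. The bodies of all three functions continue outside the hunks.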