fix
mei23 committed Dec 2, 2023
1 parent 5317d27 commit 2cb9d1d
Showing 1 changed file with 14 additions and 7 deletions.
21 changes: 14 additions & 7 deletions packages/backend/src/server/activitypub.ts
Expand Up @@ -34,7 +34,9 @@ const router = new Router();

async function inbox(ctx: Router.RouterContext) {
if (ctx.req.headers.host !== config.host) {
logger.warn(`inbox: Invalid Host`);
ctx.status = 400;
ctx.message = 'Invalid Host';
return;
}

Expand All @@ -52,6 +54,12 @@ async function inbox(ctx: Router.RouterContext) {
} catch (e) {
logger.warn(`inbox: signature parse error: ${inspect(e)}`);
ctx.status = 401;

if (e instanceof Error) {
if (e.name === 'ExpiredRequestError') ctx.message = 'Expired Request Error';
if (e.name === 'MissingHeaderError') ctx.message = 'Missing Required Header';
}

return;
}

Expand All @@ -62,6 +70,7 @@ async function inbox(ctx: Router.RouterContext) {
if (typeof digest !== 'string') {
logger.warn(`inbox: unrecognized digest header 1`);
ctx.status = 401;
ctx.message = 'Invalid Digest Header';
return;
}

Expand All @@ -70,23 +79,26 @@ async function inbox(ctx: Router.RouterContext) {
if (match == null) {
logger.warn(`inbox: unrecognized digest header 2`);
ctx.status = 401;
ctx.message = 'Invalid Digest Header';
return;
}

const digestAlgo = match[1];
const digestExpected = match[2];

if (digestAlgo.toUpperCase() !== 'SHA-256') {
logger.warn(`inbox: unsupported algorithm`);
logger.warn(`inbox: Unsupported Digest Algorithm`);
ctx.status = 401;
ctx.message = 'Unsupported Digest Algorithm';
return;
}

const digestActual = crypto.createHash('sha256').update(raw).digest('base64');

if (digestExpected !== digestActual) {
logger.warn(`inbox: digest missmatch`);
logger.warn(`inbox: Digest Missmatch`);
ctx.status = 401;
ctx.message = 'Digest Missmatch';
return;
}

Expand Down Expand Up @@ -114,13 +126,8 @@ export function setResponseType(ctx: Router.RouterContext) {
}

// inbox
<<<<<<< HEAD:packages/backend/src/server/activitypub.ts
router.post('/inbox', json(), inbox);
router.post('/users/:user/inbox', json(), inbox);
=======
router.post('/inbox', inbox);
router.post('/users/:user/inbox', inbox);
>>>>>>> 5e385d56d (validate signed headers (#2497)):src/server/activitypub.ts

// note
router.get('/notes/:note', async (ctx, next) => {
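Review bot: The new `ctx.message = '…'` assignments in `inbox` (Invalid Host, the two signature-parse cases, and the digest checks) set only the HTTP reason phrase in Koa, which is not carried over HTTP/2 and is commonly rewritten by a reverse proxy, so a remote server debugging a rejected delivery may never see these reasons. If the diagnostics are meant to reach the sender, also set a short fixed body next to each one, e.g. `ctx.body = 'Invalid Digest Header';`, and keep the strings as literals as they are now so no request data is reflected back. The added strings spell it `Missmatch`; `ctx.message = 'Digest Mismatch';` and the matching log line would be easier to search for in logs. The section does not show which pair of `router.post` lines survived the conflict resolution at its end, and `raw` is defined outside the visible hunks, so it is worth confirming that the digest is still computed over the unparsed request body.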