fix digest, error on curl

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
author: Maxence Lange <maxence@artificial-owl.com> 2022-11-24 09:27:40 -0100
committer: Maxence Lange <maxence@artificial-owl.com> 2022-11-24 09:27:40 -0100
commit: 17699ac91129c26f226669c2f5dae492c0f68dcf (patch)
tree: 6d2c54ec3e2b858697b90e158e33ec073918c794
parent: 94d637289e15717cd242f784f5ab33ac8feea567 (diff)
6 files changed, 63 insertions, 127 deletions
diff --git a/lib/Controller/ActivityPubController.php b/lib/Controller/ActivityPubController.php
index 61a400df..05258855 100644
--- a/lib/Controller/ActivityPubController.php
+++ b/lib/Controller/ActivityPubController.php
@@ -30,12 +30,7 @@ declare(strict_types=1);
 
 namespace OCA\Social\Controller;
 
-use OCA\Social\Tools\Traits\TNCLogger;
-use OCA\Social\Tools\Traits\TNCDataResponse;
-use OCA\Social\Tools\Traits\TAsync;
-use OCA\Social\Tools\Traits\TStringTools;
 use Exception;
-use OCP\AppFramework\Http;
 use OCA\Social\AppInfo\Application;
 use OCA\Social\Exceptions\AccountDoesNotExistException;
 use OCA\Social\Exceptions\ItemUnknownException;
@@ -44,20 +39,26 @@ use OCA\Social\Exceptions\SignatureIsGoneException;
 use OCA\Social\Exceptions\SocialAppConfigException;
 use OCA\Social\Exceptions\StreamNotFoundException;
 use OCA\Social\Exceptions\UrlCloudException;
+use OCA\Social\Model\ActivityPub\Activity\Delete;
 use OCA\Social\Service\AccountService;
 use OCA\Social\Service\CacheActorService;
 use OCA\Social\Service\ConfigService;
 use OCA\Social\Service\FediverseService;
 use OCA\Social\Service\FollowService;
 use OCA\Social\Service\ImportService;
-use OCA\Social\Service\MiscService;
 use OCA\Social\Service\SignatureService;
 use OCA\Social\Service\StreamQueueService;
 use OCA\Social\Service\StreamService;
+use OCA\Social\Tools\Traits\TAsync;
+use OCA\Social\Tools\Traits\TNCDataResponse;
+use OCA\Social\Tools\Traits\TNCLogger;
+use OCA\Social\Tools\Traits\TStringTools;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\Response;
 use OCP\IRequest;
+use Psr\Log\LoggerInterface;
 
 class ActivityPubController extends Controller {
 	use TNCDataResponse;
@@ -75,14 +76,20 @@ class ActivityPubController extends Controller {
 	private FollowService $followService;
 	private StreamService $streamService;
 	private ConfigService $configService;
-	private MiscService $miscService;
 
 	public function __construct(
-		IRequest $request, SocialPubController $socialPubController, FediverseService $fediverseService,
-		CacheActorService $cacheActorService, SignatureService $signatureService,
-		StreamQueueService $streamQueueService, ImportService $importService, AccountService $accountService,
-		FollowService $followService, StreamService $streamService, ConfigService $configService,
-		MiscService $miscService
+		IRequest $request,
+		SocialPubController $socialPubController,
+		FediverseService $fediverseService,
+		CacheActorService $cacheActorService,
+		SignatureService $signatureService,
+		StreamQueueService $streamQueueService,
+		ImportService $importService,
+		AccountService $accountService,
+		FollowService $followService,
+		StreamService $streamService,
+		ConfigService $configService,
+		LoggerInterface $logger
 	) {
 		parent::__construct(Application::APP_NAME, $request);
 
@@ -96,7 +103,7 @@ class ActivityPubController extends Controller {
 		$this->followService = $followService;
 		$this->streamService = $streamService;
 		$this->configService = $configService;
-		$this->miscService = $miscService;
+		$this->logger = $logger;
 	}
 
 
@@ -165,7 +172,7 @@ class ActivityPubController extends Controller {
 	public function sharedInbox(): Response {
 		try {
 			$body = file_get_contents('php://input');
-			$this->miscService->log('[<<] sharedInbox: ' . $body, 1);
+			$this->logger->debug('[<<] sharedInbox: ' . $body);
 
 			$requestTime = 0;
 			$origin = $this->signatureService->checkRequest($this->request, $body, $requestTime);
@@ -187,7 +194,7 @@ class ActivityPubController extends Controller {
 			// or it will feed the logs.
 			exit();
 		} catch (SignatureIsGoneException $e) {
-			return $this->fail($e, [], Http::STATUS_GONE, false);
+			return $this->success();
 		} catch (Exception $e) {
 			return $this->fail($e);
 		}
@@ -208,7 +215,7 @@ class ActivityPubController extends Controller {
 	public function inbox(string $username): Response {
 		try {
 			$body = file_get_contents('php://input');
-			$this->debug('[<<] inbox', ['body' => $body]);
+			$this->logger->debug('[<<] inbox', ['body' => $body]);
 
 			$requestTime = 0;
 			$origin = $this->signatureService->checkRequest($this->request, $body, $requestTime);
@@ -232,7 +239,7 @@ class ActivityPubController extends Controller {
 			// or it will feed the logs.
 			exit();
 		} catch (SignatureIsGoneException $e) {
-			return $this->fail($e, [], Http::STATUS_GONE);
+			return $this->success();
 		} catch (Exception $e) {
 			return $this->fail($e);
 		}
diff --git a/lib/Controller/OAuthController.php b/lib/Controller/OAuthController.php
index 744c63ef..ec36c308 100644
--- a/lib/Controller/OAuthController.php
+++ b/lib/Controller/OAuthController.php
@@ -2,7 +2,6 @@
 
 declare(strict_types=1);
 
-
 /**
  * Nextcloud - Social Support
  *
@@ -57,7 +56,6 @@ class OAuthController extends Controller {
 	private IURLGenerator $urlGenerator;
 	private InstanceService $instanceService;
 	private AccountService $accountService;
-	private CacheActorService $cacheActorService;
 	private ClientService $clientService;
 	private ConfigService $configService;
 	private LoggerInterface $logger;
@@ -69,7 +67,6 @@ class OAuthController extends Controller {
 		IURLGenerator $urlGenerator,
 		InstanceService $instanceService,
 		AccountService $accountService,
-		CacheActorService $cacheActorService,
 		ClientService $clientService,
 		ConfigService $configService,
 		LoggerInterface $logger,
@@ -81,7 +78,6 @@ class OAuthController extends Controller {
 		$this->urlGenerator = $urlGenerator;
 		$this->instanceService = $instanceService;
 		$this->accountService = $accountService;
-		$this->cacheActorService = $cacheActorService;
 		$this->clientService = $clientService;
 		$this->configService = $configService;
 		$this->logger = $logger;
diff --git a/lib/Interfaces/Object/FollowInterface.php b/lib/Interfaces/Object/FollowInterface.php
index 725a9417..648f0c8e 100644
--- a/lib/Interfaces/Object/FollowInterface.php
+++ b/lib/Interfaces/Object/FollowInterface.php
@@ -31,7 +31,6 @@ declare(strict_types=1);
 
 namespace OCA\Social\Interfaces\Object;
 
-use OCA\Social\Tools\Exceptions\MalformedArrayException;
 use Exception;
 use OCA\Social\AP;
 use OCA\Social\Db\FollowsRequest;
@@ -41,11 +40,6 @@ use OCA\Social\Exceptions\InvalidResourceException;
 use OCA\Social\Exceptions\ItemAlreadyExistsException;
 use OCA\Social\Exceptions\ItemUnknownException;
 use OCA\Social\Exceptions\RedundancyLimitException;
-use OCA\Social\Tools\Exceptions\RequestContentException;
-use OCA\Social\Tools\Exceptions\RequestNetworkException;
-use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
-use OCA\Social\Tools\Exceptions\RequestResultSizeException;
-use OCA\Social\Tools\Exceptions\RequestServerException;
 use OCA\Social\Exceptions\SocialAppConfigException;
 use OCA\Social\Interfaces\Activity\AbstractActivityPubInterface;
 use OCA\Social\Interfaces\IActivityPubInterface;
@@ -61,6 +55,12 @@ use OCA\Social\Service\AccountService;
 use OCA\Social\Service\ActivityService;
 use OCA\Social\Service\CacheActorService;
 use OCA\Social\Service\MiscService;
+use OCA\Social\Tools\Exceptions\MalformedArrayException;
+use OCA\Social\Tools\Exceptions\RequestContentException;
+use OCA\Social\Tools\Exceptions\RequestNetworkException;
+use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
+use OCA\Social\Tools\Exceptions\RequestResultSizeException;
+use OCA\Social\Tools\Exceptions\RequestServerException;
 
 /**
  * Class FollowInterface
@@ -77,7 +77,7 @@ class FollowInterface extends AbstractActivityPubInterface implements IActivityP
 	public function __construct(
 		FollowsRequest $followsRequest, CacheActorService $cacheActorService,
 		AccountService $accountService, ActivityService $activityService,
-		 MiscService $miscService
+		MiscService $miscService
 	) {
 		$this->followsRequest = $followsRequest;
 		$this->cacheActorService = $cacheActorService;
@@ -140,9 +140,7 @@ class FollowInterface extends AbstractActivityPubInterface implements IActivityP
 		$follow->checkOrigin($follow->getActorId());
 
 		try {
-			$knownFollow =
-				$this->followsRequest->getByPersons($follow->getActorId(), $follow->getObjectId());
-
+			$knownFollow = $this->followsRequest->getByPersons($follow->getActorId(), $follow->getObjectId());
 			if ($knownFollow->getId() === $follow->getId() && !$knownFollow->isAccepted()) {
 				$this->confirmFollowRequest($follow);
 			}
diff --git a/lib/Model/ActivityPub/Object/Follow.php b/lib/Model/ActivityPub/Object/Follow.php
index 3b779311..00328785 100644
--- a/lib/Model/ActivityPub/Object/Follow.php
+++ b/lib/Model/ActivityPub/Object/Follow.php
@@ -43,14 +43,10 @@ use OCA\Social\Model\ActivityPub\ACore;
 class Follow extends ACore implements JsonSerializable, IQueryRow {
 	public const TYPE = 'Follow';
 
-
 	private string $followId = '';
-
 	private string $followIdPrim = '';
-
 	private bool $accepted = false;
 
-
 	/**
 	 * Follow constructor.
 	 *
diff --git a/lib/Service/CurlService.php b/lib/Service/CurlService.php
index 3433a969..e21b2857 100644
--- a/lib/Service/CurlService.php
+++ b/lib/Service/CurlService.php
@@ -52,6 +52,7 @@ use OCA\Social\Tools\Model\NCRequest;
 use OCA\Social\Tools\Model\Request;
 use OCA\Social\Tools\Traits\TArrayTools;
 use OCA\Social\Tools\Traits\TPathTools;
+use OCP\AppFramework\Http;
 use Psr\Log\LoggerInterface;
 
 class CurlService {
@@ -239,17 +240,14 @@ class CurlService {
 	 * @throws UnauthorizedFediverseException
 	 */
 	public function retrieveObject($id): array {
-		$this->logger->debug('retrieveObject', ['id' => $id]);
+		$this->logger->debug('retrieveObject id=' . $id);
 		$url = parse_url($id);
 		$this->mustContains(['path', 'host', 'scheme'], $url);
 		$request = new NCRequest($url['path'], Request::TYPE_GET);
 		$request->setHost($url['host']);
 		$request->setProtocol($url['scheme']);
 
-		$this->logger->debug('retrieveObject', ['request' => $request]);
-
 		$result = $this->retrieveJson($request);
-		$this->logger->notice('retrieveObject, request result', ['request' => $request]);
 
 		if (is_array($result)) {
 			$result['_host'] = $request->getHost();
@@ -262,24 +260,6 @@ class CurlService {
 	/**
 	 * @param NCRequest $request
 	 *
-	 * @return array
-	 * @throws RequestContentException
-	 * @throws RequestNetworkException
-	 */
-	public function retrieveJson(NCRequest $request): array {
-		try {
-			return $this->retrieveJsonOrig($request);
-		} catch (RequestNetworkException | RequestContentException $e) {
-			$this->logger->notice('during retrieveJson', ['request' => $request, 'exception' => $e]);
-
-			throw $e;
-		}
-	}
-
-
-	/**
-	 * @param NCRequest $request
-	 *
 	 * @throws SocialAppConfigException
 	 * @throws UnauthorizedFediverseException
 	 * @throws RequestContentException
@@ -340,8 +320,10 @@ class CurlService {
 	 * @throws RequestResultNotJsonException
 	 * @throws RequestResultSizeException
 	 * @throws RequestServerException
+	 * @throws SocialAppConfigException
+	 * @throws UnauthorizedFediverseException
 	 */
-	public function retrieveJsonOrig(NCRequest $request): array {
+	public function retrieveJson(NCRequest $request): array {
 		$result = $this->doRequest($request);
 
 		if (strpos($request->getContentType(), 'application/xrd') === 0) {
@@ -388,6 +370,9 @@ class CurlService {
 			}
 
 			$this->parseRequestResult($curl, $request);
+			if ($request->getResultCode() >= 300) {
+				throw new RequestContentException(json_encode($request), $request->getResultCode());
+			}
 			break;
 		}
 
@@ -513,10 +498,6 @@ class CurlService {
 		$contentType = curl_getinfo($curl, CURLINFO_CONTENT_TYPE);
 		$request->setContentType((!is_string($contentType)) ? '' : $contentType);
 		$request->setResultCode($code);
-
-		$this->parseRequestResultCode301($code, $request);
-		$this->parseRequestResultCode4xx($code, $request);
-		$this->parseRequestResultCode5xx($code, $request);
 	}
 
 
@@ -536,49 +517,4 @@ class CurlService {
 			);
 		}
 	}
-
-
-	/**
-	 * @param int $code
-	 * @param Request $request
-	 *
-	 * @throws RequestContentException
-	 */
-	private function parseRequestResultCode301(int $code, Request $request) {
-		if ($code === 301) {
-			throw new RequestContentException(
-				'301 - ' . json_encode($request, JSON_UNESCAPED_SLASHES)
-			);
-		}
-	}
-
-
-	/**
-	 * @param int $code
-	 * @param Request $request
-	 *
-	 * @throws RequestContentException
-	 */
-	private function parseRequestResultCode4xx(int $code, Request $request) {
-		if ($code === 404 || $code === 410) {
-			throw new RequestContentException(
-				$code . ' - ' . json_encode($request, JSON_UNESCAPED_SLASHES)
-			);
-		}
-	}
-
-
-	/**
-	 * @param int $code
-	 * @param Request $request
-	 *
-	 * @throws RequestServerException
-	 */
-	private function parseRequestResultCode5xx(int $code, Request $request) {
-		if ($code === 500) {
-			throw new RequestServerException(
-				$code . ' - ' . json_encode($request, JSON_UNESCAPED_SLASHES)
-			);
-		}
-	}
 }
diff --git a/lib/Service/SignatureService.php b/lib/Service/SignatureService.php
index dcc699f8..ba1936cf 100644
--- a/lib/Service/SignatureService.php
+++ b/lib/Service/SignatureService.php
@@ -30,15 +30,6 @@ declare(strict_types=1);
 
 namespace OCA\Social\Service;
 
-use OCA\Social\Tools\Exceptions\DateTimeException;
-use OCA\Social\Tools\Exceptions\MalformedArrayException;
-use OCA\Social\Tools\Exceptions\RequestContentException;
-use OCA\Social\Tools\Exceptions\RequestNetworkException;
-use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
-use OCA\Social\Tools\Exceptions\RequestResultSizeException;
-use OCA\Social\Tools\Exceptions\RequestServerException;
-use OCA\Social\Tools\Model\NCRequest;
-use OCA\Social\Tools\Traits\TArrayTools;
 use DateTime;
 use Exception;
 use JsonLdException;
@@ -58,6 +49,16 @@ use OCA\Social\Model\ActivityPub\ACore;
 use OCA\Social\Model\ActivityPub\Actor\Person;
 use OCA\Social\Model\LinkedDataSignature;
 use OCA\Social\Model\RequestQueue;
+use OCA\Social\Tools\Exceptions\DateTimeException;
+use OCA\Social\Tools\Exceptions\MalformedArrayException;
+use OCA\Social\Tools\Exceptions\RequestContentException;
+use OCA\Social\Tools\Exceptions\RequestNetworkException;
+use OCA\Social\Tools\Exceptions\RequestResultNotJsonException;
+use OCA\Social\Tools\Exceptions\RequestResultSizeException;
+use OCA\Social\Tools\Exceptions\RequestServerException;
+use OCA\Social\Tools\Model\NCRequest;
+use OCA\Social\Tools\Traits\TArrayTools;
+use OCP\AppFramework\Http;
 use OCP\Files\AppData\IAppDataFactory;
 use OCP\Files\NotFoundException;
 use OCP\Files\NotPermittedException;
@@ -65,6 +66,7 @@ use OCP\Files\SimpleFS\ISimpleFile;
 use OCP\Files\SimpleFS\ISimpleFolder;
 use OCP\IRequest;
 use OCP\Server;
+use Psr\Log\LoggerInterface;
 use stdClass;
 
 class SignatureService {
@@ -83,20 +85,20 @@ class SignatureService {
 	private ActorsRequest $actorsRequest;
 	private CurlService $curlService;
 	private ConfigService $configService;
-	private MiscService $miscService;
+	private LoggerInterface $logger;
 
 	public function __construct(
 		ActorsRequest $actorsRequest,
 		CacheActorService $cacheActorService,
 		CurlService $curlService,
 		ConfigService $configService,
-		MiscService $miscService
+		LoggerInterface $logger
 	) {
 		$this->actorsRequest = $actorsRequest;
 		$this->cacheActorService = $cacheActorService;
 		$this->curlService = $curlService;
 		$this->configService = $configService;
-		$this->miscService = $miscService;
+		$this->logger = $logger;
 	}
 
 
@@ -195,7 +197,7 @@ class SignatureService {
 	 * @return string
 	 */
 	private function generateDigest(string $data): string {
-		$encoded = hash("sha256", utf8_encode($data), true);
+		$encoded = hash("sha256", $data, true);
 
 		return 'SHA-256=' . base64_encode($encoded);
 	}
@@ -242,14 +244,19 @@ class SignatureService {
 		}
 
 		if ($this->generateDigest($data) !== $request->getHeader('digest')) {
-			throw new SignatureException('issue with digest');
+			throw new SignatureException(
+				'issue with digest -- sent: ' .
+				$request->getHeader('digest') . ', expected: ' . $this->generateDigest($data)
+			);
 		}
 
 		try {
 			return $this->checkRequestSignature($request, $data);
-		} catch (RequestContentException $e) {
-			throw new SignatureIsGoneException();
 		} catch (SignatureException $e) {
+		} catch (RequestContentException $e) {
+			if ($e->getCode() === Http::STATUS_GONE) {
+				throw new SignatureIsGoneException();
+			}
 		}
 
 		return '';
@@ -304,10 +311,6 @@ class SignatureService {
 
 			return true;
 		} catch (LinkedDataSignatureMissingException $e) {
-			$this->miscService->log(
-				'Notice: LinkedDataSignatureMissingException while checkObject : ' . $e->getMessage()
-				. ' --- ' . json_encode($object), 1
-			);
 		}
 
 		return false;
author	Maxence Lange <maxence@artificial-owl.com>	2022-11-24 09:27:40 -0100
committer	Maxence Lange <maxence@artificial-owl.com>	2022-11-24 09:27:40 -0100
commit	17699ac91129c26f226669c2f5dae492c0f68dcf (patch)
tree	6d2c54ec3e2b858697b90e158e33ec073918c794
parent	94d637289e15717cd242f784f5ab33ac8feea567 (diff)