author | Maxence Lange <maxence@artificial-owl.com> | 2022-11-24 09:28:09 -0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-11-24 09:28:09 -0100 |
commit | 8edd01485b21c44dca2ecf0248748de22249db86 (patch) | |
tree | 6d2c54ec3e2b858697b90e158e33ec073918c794 | |
parent | 94d637289e15717cd242f784f5ab33ac8feea567 (diff) | |
parent | 17699ac91129c26f226669c2f5dae492c0f68dcf (diff) |
Merge pull request #1539 from nextcloud/fix/noid/fix-digest
fix digest, error on curl
-rw-r--r-- | lib/Controller/ActivityPubController.php | 41 | ||||
-rw-r--r-- | lib/Controller/OAuthController.php | 4 | ||||
-rw-r--r-- | lib/Interfaces/Object/FollowInterface.php | 18 | ||||
-rw-r--r-- | lib/Model/ActivityPub/Object/Follow.php | 4 | ||||
-rw-r--r-- | lib/Service/CurlService.php | 80 | ||||
-rw-r--r-- | lib/Service/SignatureService.php | 43 |
6 files changed, 63 insertions, 127 deletions
diff --git a/lib/Controller/ActivityPubController.php b/lib/Controller/ActivityPubController.php index 61a400df..05258855 100644 --- a/lib/Controller/ActivityPubController.php +++ b/lib/Controller/ActivityPubController.php @@ -30,12 +30,7 @@ declare(strict_types=1); namespace OCA\Social\Controller; -use OCA\Social\Tools\Traits\TNCLogger; -use OCA\Social\Tools\Traits\TNCDataResponse; -use OCA\Social\Tools\Traits\TAsync; -use OCA\Social\Tools\Traits\TStringTools; use Exception; -use OCP\AppFramework\Http; use OCA\Social\AppInfo\Application; use OCA\Social\Exceptions\AccountDoesNotExistException; use OCA\Social\Exceptions\ItemUnknownException; @@ -44,20 +39,26 @@ use OCA\Social\Exceptions\SignatureIsGoneException; use OCA\Social\Exceptions\SocialAppConfigException; use OCA\Social\Exceptions\StreamNotFoundException; use OCA\Social\Exceptions\UrlCloudException; +use OCA\Social\Model\ActivityPub\Activity\Delete; use OCA\Social\Service\AccountService; use OCA\Social\Service\CacheActorService; use OCA\Social\Service\ConfigService; use OCA\Social\Service\FediverseService; use OCA\Social\Service\FollowService; use OCA\Social\Service\ImportService; -use OCA\Social\Service\MiscService; use OCA\Social\Service\SignatureService; use OCA\Social\Service\StreamQueueService; use OCA\Social\Service\StreamService; +use OCA\Social\Tools\Traits\TAsync; +use OCA\Social\Tools\Traits\TNCDataResponse; +use OCA\Social\Tools\Traits\TNCLogger; +use OCA\Social\Tools\Traits\TStringTools; use OCP\AppFramework\Controller; +use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\Response; use OCP\IRequest; +use Psr\Log\LoggerInterface; class ActivityPubController extends Controller { use TNCDataResponse; 
@@ -75,14 +76,20 @@ class ActivityPubController extends Controller { private FollowService $followService; private StreamService $streamService; private ConfigService $configService; - private MiscService $miscService; public function __construct( - IRequest $request, SocialPubController $socialPubController, FediverseService $fediverseService, - CacheActorService $cacheActorService, SignatureService $signatureService, - StreamQueueService $streamQueueService, ImportService $importService, AccountService $accountService, - FollowService $followService, StreamService $streamService, ConfigService $configService, - MiscService $miscService + IRequest $request, + SocialPubController $socialPubController, + FediverseService $fediverseService, + CacheActorService $cacheActorService, + SignatureService $signatureService, + StreamQueueService $streamQueueService, + ImportService $importService, + AccountService $accountService, + FollowService $followService, + StreamService $streamService, + ConfigService $configService, + LoggerInterface $logger ) { parent::__construct(Application::APP_NAME, $request); @@ -96,7 +103,7 @@ class ActivityPubController extends Controller { $this->followService = $followService; $this->streamService = $streamService; $this->configService = $configService; - $this->miscService = $miscService; + $this->logger = $logger; } @@ -165,7 +172,7 @@ class ActivityPubController extends Controller { public function sharedInbox(): Response { try { $body = file_get_contents('php://input'); - $this->miscService->log('[<<] sharedInbox: ' . $body, 1); + $this->logger->debug('[<<] sharedInbox: ' . $body); $requestTime = 0; $origin = $this->signatureService->checkRequest($this->request, $body, $requestTime); 
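Review bot: The constructor now assigns `$this->logger = $logger;`, but no `private LoggerInterface $logger;` declaration is added where `private MiscService $miscService;` is removed. Unless one of the traits the class uses already declares that property (not visible in this diff), the assignment creates a dynamic property, which PHP 8.2 deprecates. Declaring `private LoggerInterface $logger;` next to the other service properties, as the SignatureService part of this commit does, would keep the two classes consistent. The class body continues outside these hunks.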
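Review bot: In `sharedInbox()` the raw request body is concatenated into the log message, `'[<<] sharedInbox: ' . $body`, and this runs before `checkRequest()` has verified the sender, so whatever an unauthenticated peer posts becomes part of the message line itself. Passing it as context, `$this->logger->debug('[<<] sharedInbox', ['body' => $body]);`, matches what `inbox()` does in this same commit and leaves the encoding of newlines and control characters to the logger instead of the message string. It also keeps the message constant, which makes these entries easier to filter or rate-limit. The method body continues outside the hunk.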
@@ -187,7 +194,7 @@ class ActivityPubController extends Controller { // or it will feed the logs. exit(); } catch (SignatureIsGoneException $e) { - return $this->fail($e, [], Http::STATUS_GONE, false); + return $this->success(); } catch (Exception $e) { return $this->fail($e); } @@ -208,7 +215,7 @@ class ActivityPubController extends Controller { public function inbox(string $username): Response { try { $body = file_get_contents('php://input'); - $this->debug('[<<] inbox', ['body' => $body]); + $this->logger->debug('[<<] inbox', ['body' => $body]); $requestTime = 0; $origin = $this->signatureService->checkRequest($this->request, $body, $requestTime); @@ -232,7 +239,7 @@ class ActivityPubController extends Controller { // or it will feed the logs. exit(); } catch (SignatureIsGoneException $e) { - return $this->fail($e, [], Http::STATUS_GONE); + return $this->success(); } catch (Exception $e) { return $this->fail($e); } diff --git a/lib/Controller/OAuthController.php b/lib/Controller/OAuthController.php index 744c63ef..ec36c308 100644 --- a/lib/Controller/OAuthController.php +++ b/lib/Controller/OAuthController.php @@ -2,7 +2,6 @@ declare(strict_types=1); - /** * Nextcloud - Social Support * @@ -57,7 +56,6 @@ class OAuthController extends Controller { private IURLGenerator $urlGenerator; private InstanceService $instanceService; private AccountService $accountService; - private CacheActorService $cacheActorService; private ClientService $clientService; private ConfigService $configService; private LoggerInterface $logger; @@ -69,7 +67,6 @@ class OAuthController extends Controller { IURLGenerator $urlGenerator, InstanceService $instanceService, AccountService $accountService, - CacheActorService $cacheActorService, ClientService $clientService, ConfigService $configService, LoggerInterface $logger, 
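Review bot: Both `catch (SignatureIsGoneException $e)` branches (here in `sharedInbox()` and in the `inbox()` hunk further down) now return `$this->success()` without recording anything, so a delivery dropped because the signer's key is gone looks the same, in the logs and to the sender, as one that was accepted. A debug entry before the return, for example `$this->logger->debug('[<<] sharedInbox: signer is gone, activity ignored');`, would keep these drops visible to an operator. The commit also adds `use OCA\Social\Model\ActivityPub\Activity\Delete;` with no use of `Delete` in any visible hunk; if the intent was to answer success only for `Delete` activities that check is missing, otherwise the import can go. Both methods start and end outside their hunks.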
@@ -81,7 +78,6 @@ class OAuthController extends Controller { $this->urlGenerator = $urlGenerator; $this->instanceService = $instanceService; $this->accountService = $accountService; - $this->cacheActorService = $cacheActorService; $this->clientService = $clientService; $this->configService = $configService; $this->logger = $logger; diff --git a/lib/Interfaces/Object/FollowInterface.php b/lib/Interfaces/Object/FollowInterface.php index 725a9417..648f0c8e 100644 --- a/lib/Interfaces/Object/FollowInterface.php +++ b/lib/Interfaces/Object/FollowInterface.php @@ -31,7 +31,6 @@ declare(strict_types=1); namespace OCA\Social\Interfaces\Object; -use OCA\Social\Tools\Exceptions\MalformedArrayException; use Exception; use OCA\Social\AP; use OCA\Social\Db\FollowsRequest; @@ -41,11 +40,6 @@ use OCA\Social\Exceptions\InvalidResourceException; use OCA\Social\Exceptions\ItemAlreadyExistsException; use OCA\Social\Exceptions\ItemUnknownException; use OCA\Social\Exceptions\RedundancyLimitException; -use OCA\Social\Tools\Exceptions\RequestContentException; -use OCA\Social\Tools\Exceptions\RequestNetworkException; -use OCA\Social\Tools\Exceptions\RequestResultNotJsonException; -use OCA\Social\Tools\Exceptions\RequestResultSizeException; -use OCA\Social\Tools\Exceptions\RequestServerException; use OCA\Social\Exceptions\SocialAppConfigException; use OCA\Social\Interfaces\Activity\AbstractActivityPubInterface; use OCA\Social\Interfaces\IActivityPubInterface; 
@@ -61,6 +55,12 @@ use OCA\Social\Service\AccountService; use OCA\Social\Service\ActivityService; use OCA\Social\Service\CacheActorService; use OCA\Social\Service\MiscService; +use OCA\Social\Tools\Exceptions\MalformedArrayException; +use OCA\Social\Tools\Exceptions\RequestContentException; +use OCA\Social\Tools\Exceptions\RequestNetworkException; +use OCA\Social\Tools\Exceptions\RequestResultNotJsonException; +use OCA\Social\Tools\Exceptions\RequestResultSizeException; +use OCA\Social\Tools\Exceptions\RequestServerException; /** * Class FollowInterface @@ -77,7 +77,7 @@ class FollowInterface extends AbstractActivityPubInterface implements IActivityP public function __construct( FollowsRequest $followsRequest, CacheActorService $cacheActorService, AccountService $accountService, ActivityService $activityService, - MiscService $miscService + MiscService $miscService ) { $this->followsRequest = $followsRequest; $this->cacheActorService = $cacheActorService; @@ -140,9 +140,7 @@ class FollowInterface extends AbstractActivityPubInterface implements IActivityP $follow->checkOrigin($follow->getActorId()); try { - $knownFollow = - $this->followsRequest->getByPersons($follow->getActorId(), $follow->getObjectId()); - + $knownFollow = $this->followsRequest->getByPersons($follow->getActorId(), $follow->getObjectId()); if ($knownFollow->getId() === $follow->getId() && !$knownFollow->isAccepted()) { $this->confirmFollowRequest($follow); } diff --git a/lib/Model/ActivityPub/Object/Follow.php b/lib/Model/ActivityPub/Object/Follow.php index 3b779311..00328785 100644 --- a/lib/Model/ActivityPub/Object/Follow.php +++ b/lib/Model/ActivityPub/Object/Follow.php @@ -43,14 +43,10 @@ use OCA\Social\Model\ActivityPub\ACore; class Follow extends ACore implements JsonSerializable, IQueryRow { public const TYPE = 'Follow'; - private string $followId = ''; - private string $followIdPrim = ''; - private bool $accepted = false; - /** * Follow constructor. * 
diff --git a/lib/Service/CurlService.php b/lib/Service/CurlService.php index 3433a969..e21b2857 100644 --- a/lib/Service/CurlService.php +++ b/lib/Service/CurlService.php @@ -52,6 +52,7 @@ use OCA\Social\Tools\Model\NCRequest; use OCA\Social\Tools\Model\Request; use OCA\Social\Tools\Traits\TArrayTools; use OCA\Social\Tools\Traits\TPathTools; +use OCP\AppFramework\Http; use Psr\Log\LoggerInterface; class CurlService { @@ -239,17 +240,14 @@ class CurlService { * @throws UnauthorizedFediverseException */ public function retrieveObject($id): array { - $this->logger->debug('retrieveObject', ['id' => $id]); + $this->logger->debug('retrieveObject id=' . $id); $url = parse_url($id); $this->mustContains(['path', 'host', 'scheme'], $url); $request = new NCRequest($url['path'], Request::TYPE_GET); $request->setHost($url['host']); $request->setProtocol($url['scheme']); - $this->logger->debug('retrieveObject', ['request' => $request]); - $result = $this->retrieveJson($request); - $this->logger->notice('retrieveObject, request result', ['request' => $request]); if (is_array($result)) { $result['_host'] = $request->getHost(); @@ -262,24 +260,6 @@ class CurlService { /** * @param NCRequest $request * - * @return array - * @throws RequestContentException - * @throws RequestNetworkException - */ - public function retrieveJson(NCRequest $request): array { - try { - return $this->retrieveJsonOrig($request); - } catch (RequestNetworkException | RequestContentException $e) { - $this->logger->notice('during retrieveJson', ['request' => $request, 'exception' => $e]); - - throw $e; - } - } - - - /** - * @param NCRequest $request - * * @throws SocialAppConfigException * @throws UnauthorizedFediverseException * @throws RequestContentException 
@@ -340,8 +320,10 @@ class CurlService { * @throws RequestResultNotJsonException * @throws RequestResultSizeException * @throws RequestServerException + * @throws SocialAppConfigException + * @throws UnauthorizedFediverseException */ - public function retrieveJsonOrig(NCRequest $request): array { + public function retrieveJson(NCRequest $request): array { $result = $this->doRequest($request); if (strpos($request->getContentType(), 'application/xrd') === 0) { @@ -388,6 +370,9 @@ class CurlService { } $this->parseRequestResult($curl, $request); + if ($request->getResultCode() >= 300) { + throw new RequestContentException(json_encode($request), $request->getResultCode()); + } break; } @@ -513,10 +498,6 @@ class CurlService { $contentType = curl_getinfo($curl, CURLINFO_CONTENT_TYPE); $request->setContentType((!is_string($contentType)) ? '' : $contentType); $request->setResultCode($code); - - $this->parseRequestResultCode301($code, $request); - $this->parseRequestResultCode4xx($code, $request); - $this->parseRequestResultCode5xx($code, $request); } 
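Review bot: The new guard `if ($request->getResultCode() >= 300)` throws `RequestContentException` for every non-2xx status, so a 5xx answer that the removed `parseRequestResultCode5xx()` reported as `RequestServerException` can now be told apart from a 404 or 410 only by inspecting the code. `RequestServerException` is still listed in the `@throws` of `retrieveJson()`; if callers use it to separate a transient remote failure from a missing object, keep a branch such as `if ($request->getResultCode() >= 500) { throw new RequestServerException(json_encode($request), $request->getResultCode()); }` ahead of the generic one. The message is the whole `json_encode($request)`, and what `NCRequest` serializes is not visible here, so it is worth confirming that no signing headers or other request secrets travel with the exception into logs or error responses. `json_encode()` can return `false`, which would raise a `TypeError` at the constructor if this file declares `strict_types` as the others in the commit do; the removed helpers avoided that by concatenating. The enclosing method starts and ends outside the hunk.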
@@ -536,49 +517,4 @@ class CurlService { ); } } - - - /** - * @param int $code - * @param Request $request - * - * @throws RequestContentException - */ - private function parseRequestResultCode301(int $code, Request $request) { - if ($code === 301) { - throw new RequestContentException( - '301 - ' . json_encode($request, JSON_UNESCAPED_SLASHES) - ); - } - } - - - /** - * @param int $code - * @param Request $request - * - * @throws RequestContentException - */ - private function parseRequestResultCode4xx(int $code, Request $request) { - if ($code === 404 || $code === 410) { - throw new RequestContentException( - $code . ' - ' . json_encode($request, JSON_UNESCAPED_SLASHES) - ); - } - } - - - /** - * @param int $code - * @param Request $request - * - * @throws RequestServerException - */ - private function parseRequestResultCode5xx(int $code, Request $request) { - if ($code === 500) { - throw new RequestServerException( - $code . ' - ' . json_encode($request, JSON_UNESCAPED_SLASHES) - ); - } - } } diff --git a/lib/Service/SignatureService.php b/lib/Service/SignatureService.php index dcc699f8..ba1936cf 100644 --- a/lib/Service/SignatureService.php +++ b/lib/Service/SignatureService.php @@ -30,15 +30,6 @@ declare(strict_types=1); namespace OCA\Social\Service; -use OCA\Social\Tools\Exceptions\DateTimeException; -use OCA\Social\Tools\Exceptions\MalformedArrayException; -use OCA\Social\Tools\Exceptions\RequestContentException; -use OCA\Social\Tools\Exceptions\RequestNetworkException; -use OCA\Social\Tools\Exceptions\RequestResultNotJsonException; -use OCA\Social\Tools\Exceptions\RequestResultSizeException; -use OCA\Social\Tools\Exceptions\RequestServerException; -use OCA\Social\Tools\Model\NCRequest; -use OCA\Social\Tools\Traits\TArrayTools; use DateTime; use Exception; use JsonLdException; 
@@ -58,6 +49,16 @@ use OCA\Social\Model\ActivityPub\ACore; use OCA\Social\Model\ActivityPub\Actor\Person; use OCA\Social\Model\LinkedDataSignature; use OCA\Social\Model\RequestQueue; +use OCA\Social\Tools\Exceptions\DateTimeException; +use OCA\Social\Tools\Exceptions\MalformedArrayException; +use OCA\Social\Tools\Exceptions\RequestContentException; +use OCA\Social\Tools\Exceptions\RequestNetworkException; +use OCA\Social\Tools\Exceptions\RequestResultNotJsonException; +use OCA\Social\Tools\Exceptions\RequestResultSizeException; +use OCA\Social\Tools\Exceptions\RequestServerException; +use OCA\Social\Tools\Model\NCRequest; +use OCA\Social\Tools\Traits\TArrayTools; +use OCP\AppFramework\Http; use OCP\Files\AppData\IAppDataFactory; use OCP\Files\NotFoundException; use OCP\Files\NotPermittedException; @@ -65,6 +66,7 @@ use OCP\Files\SimpleFS\ISimpleFile; use OCP\Files\SimpleFS\ISimpleFolder; use OCP\IRequest; use OCP\Server; +use Psr\Log\LoggerInterface; use stdClass; class SignatureService { @@ -83,20 +85,20 @@ class SignatureService { private ActorsRequest $actorsRequest; private CurlService $curlService; private ConfigService $configService; - private MiscService $miscService; + private LoggerInterface $logger; public function __construct( ActorsRequest $actorsRequest, CacheActorService $cacheActorService, CurlService $curlService, ConfigService $configService, - MiscService $miscService + LoggerInterface $logger ) { $this->actorsRequest = $actorsRequest; $this->cacheActorService = $cacheActorService; $this->curlService = $curlService; $this->configService = $configService; - $this->miscService = $miscService; + $this->logger = $logger; } @@ -195,7 +197,7 @@ class SignatureService { * @return string */ private function generateDigest(string $data): string { - $encoded = hash("sha256", utf8_encode($data), true); + $encoded = hash("sha256", $data, true); return 'SHA-256=' . base64_encode($encoded); } 
@@ -242,14 +244,19 @@ class SignatureService { } if ($this->generateDigest($data) !== $request->getHeader('digest')) { - throw new SignatureException('issue with digest'); + throw new SignatureException( + 'issue with digest -- sent: ' . + $request->getHeader('digest') . ', expected: ' . $this->generateDigest($data) + ); } try { return $this->checkRequestSignature($request, $data); - } catch (RequestContentException $e) { - throw new SignatureIsGoneException(); } catch (SignatureException $e) { + } catch (RequestContentException $e) { + if ($e->getCode() === Http::STATUS_GONE) { + throw new SignatureIsGoneException(); + } } return ''; @@ -304,10 +311,6 @@ class SignatureService { return true; } catch (LinkedDataSignatureMissingException $e) { - $this->miscService->log( - 'Notice: LinkedDataSignatureMissingException while checkObject : ' . $e->getMessage() - . ' --- ' . json_encode($object), 1 - ); } return false; |
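Review bot: A `RequestContentException` whose code is not `Http::STATUS_GONE` now leaves the `catch` with nothing logged and `checkRequest()` returns `''`, exactly like the empty `catch (SignatureException $e)` above it, so a failed key fetch and a bad signature both depend on every caller treating an empty origin as unverified. Since CurlService in this commit throws that exception for every status of 300 and above, this path is no longer rare; a line such as `$this->logger->debug('checkRequest: signer key could not be retrieved', ['exception' => $e]);` after the `if`, plus a short comment in the empty `catch`, would make the swallowing both diagnosable and visibly intentional. The new digest message embeds `$request->getHeader('digest')` verbatim, which is sender-controlled; if exception messages reach logs or the HTTP response, a fixed message with the two values passed as log context avoids reflecting them. The later hunk that removes the `miscService->log()` call leaves `catch (LinkedDataSignatureMissingException $e)` empty in the same way. The method starts and ends outside the hunk.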