diff options
| author | Maxence Lange <maxence@artificial-owl.com> | 2019-01-04 10:37:50 -0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-04 10:37:50 -0100 |
| commit | 3051f69e2886f8b6d0380c04a5733b27bf5b2834 (patch) | |
| tree | 197c8f93988741616d982ea8e5aedc6f702ad1cf | |
| parent | 7a2b334ea54bea54f2940bb91d2279f366cb07cd (diff) | |
| parent | 3e9ca2f9404e227db58b8b67dd176003f98e9f9f (diff) | |
Merge pull request #300 from nextcloud/bugfix/noid/verify-once
There is no use to check twice
| -rw-r--r-- | lib/Model/ActivityPub/Object/Note.php | 2 | ||||
| -rw-r--r-- | lib/Service/ActivityService.php | 22 | ||||
| -rw-r--r-- | lib/Service/SignatureService.php | 17 |
3 files changed, 22 insertions, 19 deletions
diff --git a/lib/Model/ActivityPub/Object/Note.php b/lib/Model/ActivityPub/Object/Note.php index 361ed872..0efb3ac4 100644 --- a/lib/Model/ActivityPub/Object/Note.php +++ b/lib/Model/ActivityPub/Object/Note.php @@ -33,7 +33,6 @@ namespace OCA\Social\Model\ActivityPub\Object; use DateTime; use JsonSerializable; use OCA\Social\Model\ActivityPub\ACore; -use OCA\Social\Service\SignatureService; class Note extends ACore implements JsonSerializable { @@ -195,7 +194,6 @@ class Note extends ACore implements JsonSerializable { */ public function convertPublished() { $dTime = new DateTime($this->getPublished()); - $dTime->format(SignatureService::DATE_FORMAT); $this->setPublishedTime($dTime->getTimestamp()); } diff --git a/lib/Service/ActivityService.php b/lib/Service/ActivityService.php index 3ee7efcd..1e538cdf 100644 --- a/lib/Service/ActivityService.php +++ b/lib/Service/ActivityService.php @@ -61,9 +61,9 @@ class ActivityService { use TArrayTools; - const TIMEOUT_LIVE = 2; - const TIMEOUT_ASYNC = 5; - const TIMEOUT_SERVICE = 10; + const TIMEOUT_LIVE = 3; + const TIMEOUT_ASYNC = 10; + const TIMEOUT_SERVICE = 30; /** @var NotesRequest */ @@ -268,29 +268,33 @@ class ActivityService { $this->queueService->endRequest($queue, true); } catch (ActorDoesNotExistException $e) { $this->miscService->log( - 'Error while managing request: ' . json_encode($request) . ' ' . json_encode($e), 1 + 'Error while managing request: ' . json_encode($request) . ' ' . $e->getMessage(), 1 ); $this->queueService->deleteRequest($queue); } catch (RequestContentException $e) { $this->miscService->log( - 'Error while managing request: ' . json_encode($request) . ' ' . json_encode($e), 1 + 'Error while managing request: ' . json_encode($request) . ' ' . $e->getMessage(), 1 ); $this->queueService->deleteRequest($queue); } catch (RequestResultSizeException $e) { $this->miscService->log( - 'Error while managing request: ' . json_encode($request) . ' ' . json_encode($e), 1 + 'Error while managing request: ' . json_encode($request) . ' ' . $e->getMessage(), 1 ); $this->queueService->deleteRequest($queue); } catch (RequestServerException $e) { $this->miscService->log( - 'Temporary error while managing request: ' . json_encode($request) . ' ' - . json_encode($e), 1 + 'Temporary error while managing request: RequestServerException - ' . json_encode( + $request + ) . ' - ' + . $e->getMessage(), 1 ); $this->queueService->endRequest($queue, false); $this->failInstances[] = $host; } catch (RequestNetworkException $e) { $this->miscService->log( - 'Temporary error while managing request: ' . json_encode($e), 1 + 'Temporary error while managing request: RequestNetworkException - ' . json_encode( + $request + ) . ' - ' . $e->getMessage(), 1 ); $this->queueService->endRequest($queue, false); $this->failInstances[] = $host; diff --git a/lib/Service/SignatureService.php b/lib/Service/SignatureService.php index c05254c6..6ce7ddfc 100644 --- a/lib/Service/SignatureService.php +++ b/lib/Service/SignatureService.php @@ -65,7 +65,9 @@ class SignatureService { const ORIGIN_SIGNATURE = 2; - const DATE_FORMAT = 'D, d M Y H:i:s T'; + const DATE_HEADER = 'D, d M Y H:i:s T'; + const DATE_OBJECT = 'Y-m-d\TH:i:s\Z'; + const DATE_DELAY = 30; @@ -135,7 +137,7 @@ class SignatureService { * @throws SocialAppConfigException */ public function signRequest(Request $request, RequestQueue $queue) { - $date = gmdate(self::DATE_FORMAT); + $date = gmdate(self::DATE_HEADER); $path = $queue->getInstance(); $localActor = $this->actorsRequest->getFromId($queue->getAuthor()); @@ -178,7 +180,6 @@ class SignatureService { */ public function checkRequest(IRequest $request, int &$time = 0): string { $dTime = new DateTime($request->getHeader('date')); - $dTime->format(self::DATE_FORMAT); $time = $dTime->getTimestamp(); if ($time < (time() - self::DATE_DELAY)) { @@ -217,12 +218,12 @@ class SignatureService { $signature = new LinkedDataSignature(); $signature->import(json_decode($object->getSource(), true)); $signature->setPublicKey($this->retrieveKey($actorId)); - if (!$signature->verify()) { - $signature->setPublicKey($this->retrieveKey($actorId, true)); - } if (!$signature->verify()) { - return false; + $signature->setPublicKey($this->retrieveKey($actorId, true)); + if (!$signature->verify()) { + return false; + } } $dTime = new DateTime($signature->getCreated()); @@ -249,7 +250,7 @@ class SignatureService { $signature->setPrivateKey($actor->getPrivateKey()); $signature->setType('RsaSignature2017'); $signature->setCreator($actor->getId() . '#main-key'); - $signature->setCreated($object->getPublished()); + $signature->setCreated($date = gmdate(self::DATE_OBJECT)); $signature->setObject(json_decode(json_encode($object), true)); try { |