authorMaxence Lange <maxence@artificial-owl.com>2018-12-17 08:25:15 -0100
committerMaxence Lange <maxence@artificial-owl.com>2018-12-17 08:25:15 -0100
commitb7e66097070577671d0ea2cac080ff832250c2ff (patch)
tree182de7577bbfb40d4e0d97f2dee7f11b613c6744
parentd923faabf3b628a5a45ce9a5f6e5605b07163425 (diff)
checking origin of actor when retrieving a remove account
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-rw-r--r--lib/Service/CacheActorService.php7
-rw-r--r--lib/Service/CurlService.php24
2 files changed, 28 insertions, 3 deletions
diff --git a/lib/Service/CacheActorService.php b/lib/Service/CacheActorService.php
index 28820fa1..fe71341d 100644
--- a/lib/Service/CacheActorService.php
+++ b/lib/Service/CacheActorService.php
@@ -36,6 +36,7 @@ use Exception;
use OCA\Social\AP;
use OCA\Social\Db\CacheActorsRequest;
use OCA\Social\Exceptions\CacheActorDoesNotExistException;
+use OCA\Social\Exceptions\InvalidOriginException;
use OCA\Social\Exceptions\InvalidResourceException;
use OCA\Social\Exceptions\RedundancyLimitException;
use OCA\Social\Exceptions\Request410Exception;
@@ -113,6 +114,7 @@ class CacheActorService {
* @throws SocialAppConfigException
* @throws RedundancyLimitException
* @throws UnknownItemException
+ * @throws InvalidOriginException
*/
public function getFromId(string $id, bool $refresh = false): Person {
@@ -133,6 +135,10 @@ class CacheActorService {
/** @var Person $actor */
$actor = AP::$activityPub->getItemFromData($object);
+ if ($id !== $actor->getId()) {
+ throw new InvalidOriginException();
+ }
+
$actor->setAccount($actor->getPreferredUsername() . '@' . $this->get('_host', $object));
try {
$this->save($actor);
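Review bot: The new `$id !== $actor->getId()` guard compares the document's self-declared id with the string the caller asked for, not with the host that actually served the response. If the fetch that produced `$object` follows HTTP redirects (the fetch is not visible in this hunk), a document served from a different host could still declare a matching id. It is worth confirming that redirects are either disabled for actor fetches or that the final URL's host is checked as well. The exception is also thrown with no context, so a why-comment such as `// reject actors whose declared id differs from the id we requested` plus a log entry carrying both ids would make rejected lookups traceable. getFromId's body starts and ends outside the hunk.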
@@ -170,6 +176,7 @@ class CacheActorService {
* @throws RequestException
* @throws SocialAppConfigException
* @throws UnknownItemException
+ * @throws InvalidOriginException
*/
public function getFromAccount(string $account, bool $retrieve = true): Person {
diff --git a/lib/Service/CurlService.php b/lib/Service/CurlService.php
index 2c93f62c..d674aa3b 100644
--- a/lib/Service/CurlService.php
+++ b/lib/Service/CurlService.php
@@ -36,10 +36,15 @@ use daita\MySmallPhpTools\Model\Request;
use daita\MySmallPhpTools\Traits\TArrayTools;
use daita\MySmallPhpTools\Traits\TPathTools;
use Exception;
+use OCA\Social\AP;
+use OCA\Social\Exceptions\InvalidOriginException;
use OCA\Social\Exceptions\InvalidResourceException;
+use OCA\Social\Exceptions\RedundancyLimitException;
use OCA\Social\Exceptions\Request410Exception;
use OCA\Social\Exceptions\RequestException;
use OCA\Social\Exceptions\SocialAppConfigException;
+use OCA\Social\Exceptions\UnknownItemException;
+use OCA\Social\Model\ActivityPub\Actor\Person;
class CurlService {
@@ -75,10 +80,14 @@ class CurlService {
* @param string $account
*
* @return mixed
- * @throws RequestException
* @throws InvalidResourceException
- * @throws Request410Exception
* @throws MalformedArrayException
+ * @throws Request410Exception
+ * @throws RequestException
+ * @throws SocialAppConfigException
+ * @throws RedundancyLimitException
+ * @throws UnknownItemException
+ * @throws InvalidOriginException
*/
public function retrieveAccount(string $account) {
$account = $this->withoutBeginAt($account);
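Review bot: The docblock still says `@return mixed`, although the `@throws` list was updated for the new behaviour. The later hunk in this file makes retrieveAccount return the parsed item only when its type equals `Person::TYPE` and throw otherwise, so `@return Person` would describe the contract. If getItemFromData is known to yield a Person instance for that type, a `: Person` return type on the signature would enforce it. That cannot be confirmed from this page.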
@@ -103,7 +112,16 @@ class CurlService {
throw new RequestException();
}
- return $this->retrieveObject($this->get('href', $link, ''));
+ $data = $this->retrieveObject($this->get('href', $link, ''));
+ $object = AP::$activityPub->getItemFromData($data);
+
+ if ($object->getType() === Person::TYPE) {
+ return $object;
+ }
+
+ $object->checkOrigin($object->getId());
+
+ throw new UnknownItemException();
}
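Review bot: The origin check never runs on the path that returns an actor: `return $object;` for `Person::TYPE` comes before `$object->checkOrigin($object->getId());`, and the only path that reaches the check ends in `throw new UnknownItemException();` anyway. A Person document fetched from the WebFinger `href` is therefore handed back unverified. Move the `checkOrigin` call to directly after `getItemFromData($data)`, above the type test, so both paths are covered. checkOrigin's implementation is not on this page, but passing the object's own id may not tie the document to the URL that was fetched; keeping the href in a local and validating against that (`$href = $this->get('href', $link, '');`) looks closer to the intent, and an empty `href` should be rejected before the request is made. The body of retrieveAccount begins outside this hunk.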