
Update FederationController

Daniel Supernault пре 2 година
родитељ
комит
25bc08adb9

+ 28 - 30
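--- a/app/Http/Controllers/FederationController.php
+++ b/app/Http/Controllers/FederationController.php
@@ -29,6 +29,7 @@ use App\Util\ActivityPub\{
 	Outbox
 };
 use Zttp\Zttp;
+use App\Services\InstanceService;
 
 class FederationController extends Controller
 {
@@ -142,13 +143,19 @@ class FederationController extends Controller
 
 		$headers = $request->headers->all();
 		$payload = $request->getContent();
+		if(!$payload || empty($payload)) {
+			return;
+		}
 		$obj = json_decode($payload, true, 8);
+		if(!isset($obj['id'])) {
+			return;
+		}
+		$domain = parse_url($obj['id'], PHP_URL_HOST);
+		if(in_array($domain, InstanceService::getBannedDomains())) {
+			return;
+		}
 
 		if(isset($obj['type']) && $obj['type'] === 'Delete') {
-			if(!isset($obj['id'])) {
-				return;
-			}
-			usleep(5000);
 			$lockKey = 'pf:ap:del-lock:' . hash('sha256', $obj['id']);
 			if( isset($obj['actor']) &&
 				isset($obj['object']) &&
@@ -160,20 +167,19 @@ class FederationController extends Controller
 			) {
 				if(Cache::get($lockKey) !== null) {
 					return;
+				} else {
+					Cache::put($lockKey, 1, 3600);
+					usleep(5000);
 				}
 			}
-			Cache::put($lockKey, 1, 3600);
 			dispatch(new DeleteWorker($headers, $payload))->onQueue('delete');
 		} else {
-			if(!isset($obj['id'])) {
-				return;
-			}
-			usleep(5000);
 			$lockKey = 'pf:ap:user-inbox:activity:' . hash('sha256', $obj['id']);
 			if(Cache::get($lockKey) !== null) {
 				return;
 			}
 			Cache::put($lockKey, 1, 3600);
+			usleep(5000);
 			dispatch(new InboxValidator($username, $headers, $payload))->onQueue('high');
 		}
 		return;
@@ -186,12 +192,22 @@ class FederationController extends Controller
 
 		$headers = $request->headers->all();
 		$payload = $request->getContent();
+
+		if(!$payload || empty($payload)) {
+			return;
+		}
+
 		$obj = json_decode($payload, true, 8);
+		if(!isset($obj['id'])) {
+			return;
+		}
+
+		$domain = parse_url($obj['id'], PHP_URL_HOST);
+		if(in_array($domain, InstanceService::getBannedDomains())) {
+			return;
+		}
 
 		if(isset($obj['type']) && $obj['type'] === 'Delete') {
-			if(!isset($obj['id'])) {
-				return;
-			}
 			$lockKey = 'pf:ap:del-lock:' . hash('sha256', $obj['id']);
 			if( isset($obj['actor']) &&
 				isset($obj['object']) &&
@@ -217,15 +233,6 @@ class FederationController extends Controller
 	{
 		abort_if(!config_cache('federation.activitypub.enabled'), 404);
 
-		$profile = Profile::whereNull('remote_url')
-			->whereUsername($username)
-			->whereIsPrivate(false)
-			->firstOrFail();
-
-		if($profile->status != null) {
-			abort(404);
-		}
-
 		$obj = [
 			'@context' => 'https://www.w3.org/ns/activitystreams',
 			'id'       => $request->getUri(),
@@ -240,15 +247,6 @@ class FederationController extends Controller
 	{
 		abort_if(!config_cache('federation.activitypub.enabled'), 404);
 
-		$profile = Profile::whereNull('remote_url')
-			->whereUsername($username)
-			->whereIsPrivate(false)
-			->firstOrFail();
-
-		if($profile->status != null) {
-			abort(404);
-		}
-
 		$obj = [
 			'@context' => 'https://www.w3.org/ns/activitystreams',
 			'id'       => $request->getUri(),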
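Review bot: The banned-domain check added in both request handlers trusts the host of `$obj['id']`, which is read from the request body before any signature is verified, and compares it with a loose, case-sensitive `in_array()`. A non-string `id` passes `isset()` and then reaches `parse_url()` and `hash()`, and `parse_url()` does not lowercase the host, so a mixed-case host would miss a lowercase ban list (the casing `getBannedDomains()` returns is not visible here). I would guard and normalise: `if(!isset($obj['id']) || !is_string($obj['id'])) { return; }`, then `$domain = strtolower((string) parse_url($obj['id'], PHP_URL_HOST));` and `in_array($domain, InstanceService::getBannedDomains(), true)`. Because `id` is chosen by the sender, this can only be an early filter; the ban also needs to be enforced against the host of the verified signing actor, which is not shown in these hunks. Both handlers start and end outside the hunks.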

+ 7 - 6
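--- a/app/Jobs/InboxPipeline/InboxValidator.php
+++ b/app/Jobs/InboxPipeline/InboxValidator.php
@@ -49,12 +49,15 @@ class InboxValidator implements ShouldQueue
     {
         $username = $this->username;
         $headers = $this->headers;
-        $payload = json_decode($this->payload, true, 8);
 
-        $profile = Profile::whereNull('domain')->whereUsername($username)->first();
+        if(empty($headers) || empty($this->payload) || !isset($headers['signature']) || !isset($headers['date'])) {
+            return;
+        }
+
+        $payload = json_decode($this->payload, true, 8);
 
         if(isset($payload['id'])) {
-            $lockKey = hash('sha256', $payload['id']);
+            $lockKey = 'ap:icid:' . hash('sha256', $payload['id']);
             if(Cache::get($lockKey) !== null) {
                 // Job processed already
                 return 1;
@@ -62,9 +65,7 @@ class InboxValidator implements ShouldQueue
             Cache::put($lockKey, 1, 3600);
         }
 
-        if(!isset($headers['signature']) || !isset($headers['date'])) {
-            return;
-        }
+        $profile = Profile::whereNull('domain')->whereUsername($username)->first();
 
         if(empty($profile) || empty($headers) || empty($payload)) {
             return;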
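Review bot: The de-duplication lock `Cache::put($lockKey, 1, 3600)` is still written from the unauthenticated `$payload['id']` before the signature is checked, so any delivery carrying a given activity id marks it as processed for an hour whether or not it was validly signed. The verification call is outside this section, but InboxWorker.php in this commit shows the same order (`Cache::put` ahead of `verifySignature`), and FederationController sets its `pf:ap:` locks before the job is even dispatched. Consider writing the lock only after verification succeeds, or releasing it with `Cache::forget($lockKey)` when verification fails. `Cache::add($lockKey, 1, 3600)` would also close the window between the separate `get` and `put`.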

+ 6 - 9
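--- a/app/Jobs/InboxPipeline/InboxWorker.php
+++ b/app/Jobs/InboxPipeline/InboxWorker.php
@@ -47,10 +47,15 @@ class InboxWorker implements ShouldQueue
     {
         $profile = null;
         $headers = $this->headers;
+
+        if(empty($headers) || empty($this->payload) || !isset($headers['signature']) || !isset($headers['date'])) {
+            return;
+        }
+
         $payload = json_decode($this->payload, true, 8);
 
         if(isset($payload['id'])) {
-            $lockKey = hash('sha256', $payload['id']);
+            $lockKey = 'ap:icid:' . hash('sha256', $payload['id']);
             if(Cache::get($lockKey) !== null) {
                 // Job processed already
                 return 1;
@@ -58,14 +63,6 @@ class InboxWorker implements ShouldQueue
             Cache::put($lockKey, 1, 3600);
         }
 
-        if(!isset($headers['signature']) || !isset($headers['date'])) {
-            return;
-        }
-
-        if(empty($headers) || empty($payload)) {
-            return;
-        }
-
         if($this->verifySignature($headers, $payload) == true) {
             (new Inbox($headers, $profile, $payload))->handle();
             return;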