Home Esplora Aiuto
Registrati Accedi
oleg
/
pixelfed
mirror da https://github.com/pixelfed/pixelfed.git
1
0
Forka 0
File Problemi 0 Wiki
Sfoglia il codice sorgente

Update InboxPipeline

Daniel Supernault 2 anni fa
parent
d1b888b5a6
commit
3cfa8b69fb
2 ha cambiato i file con 16 aggiunte e 23 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 8 12
      app/Jobs/InboxPipeline/InboxValidator.php
  2. 8 11
      app/Jobs/InboxPipeline/InboxWorker.php

+ 8 - 12
app/Jobs/InboxPipeline/InboxValidator.php
Vedi File 

@@ -80,9 +80,6 @@ class InboxValidator implements ShouldQueue
 
         if($this->verifySignature($headers, $profile, $payload) == true) {
 
             (new Inbox($headers, $profile, $payload))->handle();
 
             return;
 
-        } else if($this->blindKeyRotation($headers, $profile, $payload) == true) {
 
-            (new Inbox($headers, $profile, $payload))->handle();
 
-            return;
 
         } else {
 
             return;
 
         }
 
@@ -96,18 +93,18 @@ class InboxValidator implements ShouldQueue
 
         $signature = is_array($headers['signature']) ? $headers['signature'][0] : $headers['signature'];
 
         $date = is_array($headers['date']) ? $headers['date'][0] : $headers['date'];
 
         if(!$signature) {
 
-            return;
 
+            return false;
 
         }
 
         if(!$date) {
 
-            return;
 
+            return false;
 
         }
 
         if(!now()->parse($date)->gt(now()->subDays(1)) || 
            !now()->parse($date)->lt(now()->addDays(1))
 
        ) {
 
-            return;
 
+            return false;
 
         }
 
         if(!isset($bodyDecoded['id'])) {
 
-        	return;
 
+        	return false;
 
         }
 
         $signatureData = HttpSignature::parseSignatureHeader($signature);
 
         $keyId = Helpers::validateUrl($signatureData['keyId']);
 
@@ -127,12 +124,11 @@ class InboxValidator implements ShouldQueue
 
                 }
 
             }
 
             if(parse_url($attr, PHP_URL_HOST) !== $keyDomain) {
 
-                return;
 
+                return false;
 
             }
 
         }
 
         if(!$keyDomain || !$idDomain || $keyDomain !== $idDomain) {
 
-            return;
 
-            abort(400, 'Invalid request');
 
+            return false;
 
         }
 
         $actor = Profile::whereKeyId($keyId)->first();
 
         if(!$actor) {
 
@@ -140,11 +136,11 @@ class InboxValidator implements ShouldQueue
 
             $actor = Helpers::profileFirstOrNew($actorUrl);
 
         }
 
         if(!$actor) {
 
-            return;
 
+            return false;
 
         }
 
         $pkey = openssl_pkey_get_public($actor->public_key);
 
         if(!$pkey) {
 
-            return 0;
 
+            return false;
 
         }
 
         $inboxPath = "/users/{$profile->username}/inbox";
 
         list($verified, $headers) = HttpSignature::verify($pkey, $signatureData, $headers, $inboxPath, $body);

+ 8 - 11
app/Jobs/InboxPipeline/InboxWorker.php
Vedi File 

@@ -68,9 +68,6 @@ class InboxWorker implements ShouldQueue
 
         if($this->verifySignature($headers, $payload) == true) {
 
             (new Inbox($headers, $profile, $payload))->handle();
 
             return;
 
-        } else if($this->blindKeyRotation($headers, $payload) == true) {
 
-            (new Inbox($headers, $profile, $payload))->handle();
 
-            return;
 
         } else {
 
             return;
 
         }
 
@@ -83,18 +80,18 @@ class InboxWorker implements ShouldQueue
 
         $signature = is_array($headers['signature']) ? $headers['signature'][0] : $headers['signature'];
 
         $date = is_array($headers['date']) ? $headers['date'][0] : $headers['date'];
 
         if(!$signature) {
 
-            return;
 
+            return false;
 
         }
 
         if(!$date) {
 
-            return;
 
+            return false;
 
         }
 
         if(!now()->parse($date)->gt(now()->subDays(1)) || 
            !now()->parse($date)->lt(now()->addDays(1))
 
        ) {
 
-            return;
 
+            return false;
 
         }
 
         if(!isset($bodyDecoded['id'])) {
 
-        	return;
 
+        	return false;
 
         }
 
         $signatureData = HttpSignature::parseSignatureHeader($signature);
 
         $keyId = Helpers::validateUrl($signatureData['keyId']);
 
@@ -114,11 +111,11 @@ class InboxWorker implements ShouldQueue
 
                 }
 
             }
 
             if(parse_url($attr, PHP_URL_HOST) !== $keyDomain) {
 
-                return;
 
+                return false;
 
             }
 
         }
 
         if(!$keyDomain || !$idDomain || $keyDomain !== $idDomain) {
 
-            return;
 
+            return false;
 
         }
 
         $actor = Profile::whereKeyId($keyId)->first();
 
         if(!$actor) {
 
@@ -126,11 +123,11 @@ class InboxWorker implements ShouldQueue
 
             $actor = Helpers::profileFirstOrNew($actorUrl);
 
         }
 
         if(!$actor) {
 
-            return;
 
+            return false;
 
         }
 
         $pkey = openssl_pkey_get_public($actor->public_key);
 
         if(!$pkey) {
 
-            return 0;
 
+            return false;
 
         }
 
         $inboxPath = "/f/inbox";
 
         list($verified, $headers) = HttpSignature::verify($pkey, $signatureData, $headers, $inboxPath, $body);