Don't sign fetch when fetching actor for a given signature

Otherwise it's doing a loop

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2021-11-16 15:46:23 +01:00
parent 88067bd217
commit 84bd1ccfad
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
3 changed files with 9 additions and 7 deletions

View file

@ -13,7 +13,7 @@ defmodule Mobilizon.Federation.ActivityPub.Fetcher do
alias Mobilizon.Service.HTTP.ActivityPub, as: ActivityPubClient
import Mobilizon.Federation.ActivityPub.Utils,
only: [maybe_date_fetch: 2, sign_fetch: 4, origin_check?: 2]
only: [maybe_date_fetch: 2, sign_fetch: 5, origin_check?: 2]
import Mobilizon.Service.Guards, only: [is_valid_string: 1]
@ -28,7 +28,7 @@ defmodule Mobilizon.Federation.ActivityPub.Fetcher do
headers =
[{:Accept, "application/activity+json"}]
|> maybe_date_fetch(date)
|> sign_fetch(on_behalf_of, url, date)
|> sign_fetch(on_behalf_of, url, date, options)
client = ActivityPubClient.client(headers: headers)

View file

@ -650,9 +650,10 @@ defmodule Mobilizon.Federation.ActivityPub.Utils do
@doc """
Sign a request with an actor.
"""
@spec sign_fetch(Enum.t(), Actor.t(), String.t(), String.t()) :: Enum.t()
def sign_fetch(headers, actor, id, date) do
if Mobilizon.Config.get([:activitypub, :sign_object_fetches]) do
@spec sign_fetch(Enum.t(), Actor.t(), String.t(), String.t(), Keyword.t()) :: Enum.t()
def sign_fetch(headers, actor, id, date, options \\ []) do
if Mobilizon.Config.get([:activitypub, :sign_object_fetches]) and
Keyword.get(options, :ignore_sign_object_fetches, false) == false do
headers ++ make_signature(actor, id, date)
else
headers

View file

@ -103,8 +103,9 @@ defmodule Mobilizon.Federation.HTTPSignatures.Signature do
actor_id = key_id_to_actor_url(kid)
Logger.debug("Refetching public key for #{actor_id}")
with {:ok, _actor} <- ActivityPubActor.make_actor_from_url(actor_id) do
get_public_key_for_url(actor_id)
with {:ok, %Actor{} = actor} <-
ActivityPubActor.make_actor_from_url(actor_url, ignore_sign_object_fetches: true) do
get_actor_public_key(actor)
end
end