@evanp/activitypub-bot 0.28.3 → 0.28.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/lib/activitypubclient.js
CHANGED
|
@@ -103,9 +103,30 @@ export class ActivityPubClient {
|
|
|
103
103
|
if (res.status < 200 || res.status > 299) {
|
|
104
104
|
throw createHttpError(res.status, `Could not fetch ${url}`)
|
|
105
105
|
}
|
|
106
|
-
const
|
|
107
|
-
const
|
|
108
|
-
|
|
106
|
+
const contentType = res.headers.get('content-type')
|
|
107
|
+
const mimeType = contentType?.split(';')[0].trim()
|
|
108
|
+
if (mimeType !== 'application/json' && !mimeType.endsWith('+json')) {
|
|
109
|
+
this.#logger.warn({ mimeType, url }, 'Unexpected mime type')
|
|
110
|
+
throw new Error(`Got unexpected mime type ${mimeType} for URL ${url}`)
|
|
111
|
+
}
|
|
112
|
+
let json
|
|
113
|
+
try {
|
|
114
|
+
json = await res.json()
|
|
115
|
+
} catch (err) {
|
|
116
|
+
this.#logger.warn({ url }, 'Error parsing fetch results')
|
|
117
|
+
throw err
|
|
118
|
+
}
|
|
119
|
+
let obj
|
|
120
|
+
try {
|
|
121
|
+
obj = await as2.import(json)
|
|
122
|
+
} catch (err) {
|
|
123
|
+
this.#logger.warn({ url, json }, 'Error importing JSON as AS2')
|
|
124
|
+
throw err
|
|
125
|
+
}
|
|
126
|
+
const resolved = (URL.parse(url).hash)
|
|
127
|
+
? this.#resolveObject(obj, url)
|
|
128
|
+
: obj
|
|
129
|
+
return resolved
|
|
109
130
|
}
|
|
110
131
|
|
|
111
132
|
async post (url, obj, username) {
|
|
@@ -220,4 +241,37 @@ export class ActivityPubClient {
|
|
|
220
241
|
json.object.object = 'https://www.w3.org/ns/activitystreams#Public'
|
|
221
242
|
}
|
|
222
243
|
}
|
|
244
|
+
|
|
245
|
+
#resolveObject (obj, url, visited = new Set()) {
|
|
246
|
+
if (obj.id && obj.id === url) {
|
|
247
|
+
return obj
|
|
248
|
+
}
|
|
249
|
+
|
|
250
|
+
if (obj.id) {
|
|
251
|
+
if (visited.has(obj.id)) {
|
|
252
|
+
return null
|
|
253
|
+
}
|
|
254
|
+
visited.add(obj.id)
|
|
255
|
+
}
|
|
256
|
+
|
|
257
|
+
for (const key of obj) {
|
|
258
|
+
if (key === '@type' || key === '@id') continue
|
|
259
|
+
|
|
260
|
+
const val = obj.get(key)
|
|
261
|
+
|
|
262
|
+
if (val == null || typeof val[Symbol.iterator] !== 'function') {
|
|
263
|
+
continue
|
|
264
|
+
}
|
|
265
|
+
|
|
266
|
+
for (const item of val) {
|
|
267
|
+
if (item instanceof as2.models.Base) {
|
|
268
|
+
const found = this.#resolveObject(item, url, visited)
|
|
269
|
+
if (found) {
|
|
270
|
+
return found
|
|
271
|
+
}
|
|
272
|
+
}
|
|
273
|
+
}
|
|
274
|
+
}
|
|
275
|
+
return null
|
|
276
|
+
}
|
|
223
277
|
}
|
|
@@ -19,6 +19,7 @@ export class HTTPSignatureAuthenticator {
|
|
|
19
19
|
// Just continue
|
|
20
20
|
return next()
|
|
21
21
|
}
|
|
22
|
+
this.#logger.debug({ signature }, 'Got signed request')
|
|
22
23
|
const date = req.get('Date')
|
|
23
24
|
if (!date) {
|
|
24
25
|
return next(createHttpError(400, 'No date provided'))
|
|
@@ -48,6 +49,7 @@ export class HTTPSignatureAuthenticator {
|
|
|
48
49
|
this.#logger.debug({ originalUrl }, 'original URL')
|
|
49
50
|
try {
|
|
50
51
|
const keyId = this.#signer.keyId(signature)
|
|
52
|
+
this.#logger.debug({ keyId }, 'Signed with keyId')
|
|
51
53
|
const ok = await this.#remoteKeyStorage.getPublicKey(keyId)
|
|
52
54
|
if (!ok) {
|
|
53
55
|
throw createHttpError(400, 'public key not found')
|