mirrors
/
glitch-social
mirror of https://github.com/glitch-soc/mastodon
1
0
Fork 0
Code Releases Activity
glitch-social/app/services/resolve_account_service.rb

155 lines
4.5 KiB
Ruby
Raw Normal View History

Fix rubocop issues, introduce usage of frozen literal to improve performance
2016-11-15 15:56:29 +00:00
# frozen_string_literal: true
Rename ResolveRemoteAccountService to ResolveAccountService (#6327) The service used to be named ResolveRemoteAccountService resolves local accounts as well.
2018-01-22 13:25:09 +00:00
class ResolveAccountService < BaseService
Add ActivityPub inbox (#4216) * Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests
2017-08-08 20:52:15 +01:00
include JsonLdHelper
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
include DomainControlHelper
Refactor monkey-patching of Goldfinger (#12561)
2020-05-10 10:41:43 +01:00
include WebfingerHelper
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
# Find or create an account record for a remote user. When creating,
# look up the user's webfinger and fetch ActivityPub data
# @param [String, Account] uri URI in the username@domain format or account record
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService
2018-11-08 20:05:42 +00:00
# @param [Hash] options
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
# @option options [Boolean] :redirected Do not follow further Webfinger redirects
# @option options [Boolean] :skip_webfinger Do not attempt to refresh account data
Send Salmon interactions
2016-02-24 11:57:29 +00:00
# @return [Account]
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService
2018-11-08 20:05:42 +00:00
def call(uri, options = {})
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
return if uri.blank?
process_options!(uri, options)
# First of all we want to check if we've got the account
# record with the URI already, and if so, we can exit early
return if domain_not_allowed?(@domain)
@account ||= Account.find_remote(@username, @domain)
Remove dependency on goldfinger gem (#14919) There are edge cases where requests to certain hosts timeout when using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now that we no longer need to support OStatus servers, webfinger logic is so simple that there is no point encapsulating it in a gem, so we can just use our own Request class. With that, we benefit from more robust timeout code and IPv4/IPv6 resolution. Fix #14091
2020-10-07 23:34:57 +01:00
return @account if @account&.local? || @domain.nil? || !webfinger_update_due?
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
# At this point we are in need of a Webfinger query, which may
# yield us a different username/domain through a redirect
Fix handling of webfinger redirects in ResolveAccountService (#11279)
2019-07-10 16:10:12 +01:00
process_webfinger!(@uri)
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
# Because the username/domain pair may be different than what
# we already checked, we need to check if we've already got
# the record with that URI, again
return if domain_not_allowed?(@domain)
@account ||= Account.find_remote(@username, @domain)
Add support for reversible suspensions through ActivityPub (#14989)
2020-11-07 23:28:39 +00:00
if gone_from_origin? && not_yet_deleted?
queue_deletion!
return
end
return @account if @account&.local? || gone_from_origin? || !webfinger_update_due?
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
# Now it is certain, it is definitely a remote account, and it
# either needs to be created, or updated from fresh data
process_account!
Add support for reversible suspensions through ActivityPub (#14989)
2020-11-07 23:28:39 +00:00
rescue Webfinger::Error, Oj::ParseError => e
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
Rails.logger.debug "Webfinger query for #{@uri} failed: #{e}"
nil
end
private
def process_options!(uri, options)
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService
2018-11-08 20:05:42 +00:00
@options = options
Adding Turbolinks, adding status posting form on homepage
2016-03-21 17:26:47 +00:00
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService
2018-11-08 20:05:42 +00:00
if uri.is_a?(Account)
@account = uri
@username = @account.username
@domain = @account.domain
else
@username, @domain = uri.split('@')
end
Separate PuSH subscriptions from following, add mastodon:push:refresh task, respect hub.lease_seconds (fix #46)
2016-09-19 23:39:03 +01:00
Fix acct URIs with IDN domains not being resolved (#11520) Fix #11494
2019-08-07 20:14:08 +01:00
@domain = begin
if TagManager.instance.local_domain?(@domain)
nil
else
TagManager.instance.normalize_domain(@domain)
end
end
@uri = [@username, @domain].compact.join('@')
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
end
Initial commit
2016-02-20 21:53:20 +00:00
Fix handling of webfinger redirects in ResolveAccountService (#11279)
2019-07-10 16:10:12 +01:00
def process_webfinger!(uri, redirected = false)
Refactor monkey-patching of Goldfinger (#12561)
2020-05-10 10:41:43 +01:00
@webfinger = webfinger!("acct:#{uri}")
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
confirmed_username, confirmed_domain = @webfinger.subject.gsub(/\Aacct:/, '').split('@')
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource
2016-11-03 15:57:44 +00:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
if confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero?
@username = confirmed_username
@domain = confirmed_domain
Fix handling of webfinger redirects in ResolveAccountService (#11279)
2019-07-10 16:10:12 +01:00
@uri = uri
elsif !redirected
return process_webfinger!("#{confirmed_username}@#{confirmed_domain}", true)
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
else
Add support for reversible suspensions through ActivityPub (#14989)
2020-11-07 23:28:39 +00:00
raise Webfinger::RedirectError, "The URI #{uri} tries to hijack #{@username}@#{@domain}"
Fix possibility of unrightful webfinger redirect (#2147) * Fix possibility of unrightful webfinger redirect * Add more tests for FollowRemoteAccountService
2017-04-19 16:28:35 +01:00
end
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
@domain = nil if TagManager.instance.local_domain?(@domain)
Add support for reversible suspensions through ActivityPub (#14989)
2020-11-07 23:28:39 +00:00
rescue Webfinger::GoneError
@gone = true
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
end
def process_account!
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
2019-07-06 22:26:16 +01:00
return unless activitypub_ready?
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource
2016-11-03 15:57:44 +00:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
RedisLock.acquire(lock_options) do |lock|
if lock.acquired?
@account = Account.find_remote(@username, @domain)
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource
2016-11-03 15:57:44 +00:00
Fix previously OStatus-based accounts not being detected as ActivityPub (#13129)
2020-02-22 00:26:41 +00:00
next if actor_json.nil?
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
2019-07-06 22:26:16 +01:00
Refactor domain block checks (#11268)
2019-07-09 02:27:35 +01:00
@account = ActivityPub::ProcessAccountService.new.call(@username, @domain, actor_json)
Raise Mastodon::RaceConditionError if Redis lock failed (#7511) An explicit error allows user agents to know the error and Sidekiq to retry.
2018-05-16 11:29:45 +01:00
else
raise Mastodon::RaceConditionError
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
end
Refresh webfinger (#1323) * Refresh local info for remote accounts when webfinger returns new values It only refreshes account info if one of the URLs or the public-key changes, in which cases it refreshes the full info, re-downloading the feeds from that user. Some special handling should probably be done when the public key changes, but I have been unable to find any use for it in Mastodon yet. * Re-fetch remote users we aren't subscribed to. This might induce performance issues, we might want to only do that for users we explicitly attempted to subscribe but failed to. * Refactor changes * Do not refresh existing remote account details more than once a day * Avoid re-fetching webfinger info in tests unless otherwise specified
2017-04-15 02:16:05 +01:00
end
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource
2016-11-03 15:57:44 +00:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
@account
end
Domain blocks now have varying severity - auto-suspend vs auto-silence
2017-01-23 16:38:38 +00:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
def webfinger_update_due?
Fix performance of follow import (#13836)
2020-06-09 09:26:58 +01:00
return false if @options[:check_delivery_availability] && !DeliveryFailureTracker.available?(@domain)
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService
2018-11-08 20:05:42 +00:00
@account.nil? || ((!@options[:skip_webfinger] || @account.ostatus?) && @account.possibly_stale?)
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
end
Fixes and general progress
2016-02-22 17:10:30 +00:00
Add ActivityPub inbox (#4216) * Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests
2017-08-08 20:52:15 +01:00
def activitypub_ready?
Remove dependency on goldfinger gem (#14919) There are edge cases where requests to certain hosts timeout when using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now that we no longer need to support OStatus servers, webfinger logic is so simple that there is no point encapsulating it in a gem, so we can just use our own Request class. With that, we benefit from more robust timeout code and IPv4/IPv6 resolution. Fix #14091
2020-10-07 23:34:57 +01:00
['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@webfinger.link('self', 'type'))
Add ActivityPub inbox (#4216) * Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests
2017-08-08 20:52:15 +01:00
end
def actor_url
Remove dependency on goldfinger gem (#14919) There are edge cases where requests to certain hosts timeout when using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now that we no longer need to support OStatus servers, webfinger logic is so simple that there is no point encapsulating it in a gem, so we can just use our own Request class. With that, we benefit from more robust timeout code and IPv4/IPv6 resolution. Fix #14091
2020-10-07 23:34:57 +01:00
@actor_url ||= @webfinger.link('self', 'href')
Add ActivityPub inbox (#4216) * Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests
2017-08-08 20:52:15 +01:00
end
Require "inbox" to be set on actor to be ActivityPub-ready (#4595)
2017-08-14 10:27:25 +01:00
def actor_json
return @actor_json if defined?(@actor_json)
Validate id of ActivityPub representations (#5114) Additionally, ActivityPub::FetchRemoteStatusService no longer parses activities. OStatus::Activity::Creation no longer delegates to ActivityPub because the provided ActivityPub representations are not signed while OStatus representations are.
2017-10-04 00:13:48 +01:00
json = fetch_resource(actor_url, false)
Support Actors/Statuses with multiple types (#7305) * Add equals_or_includes_any? helper in JsonLdHelper * Support arrays in JSON-LD type fields for actors/tags/objects. * Spec for resolving accounts with extension types * Style tweaks for codeclimate
2018-05-02 11:40:24 +01:00
@actor_json = supported_context?(json) && equals_or_includes_any?(json['type'], ActivityPub::FetchRemoteAccountService::SUPPORTED_TYPES) ? json : nil
Require "inbox" to be set on actor to be ActivityPub-ready (#4595)
2017-08-14 10:27:25 +01:00
end
Add support for reversible suspensions through ActivityPub (#14989)
2020-11-07 23:28:39 +00:00
def gone_from_origin?
@gone
end
def not_yet_deleted?
@account.present? && !@account.local?
end
def queue_deletion!
Fix sending spurious Rejects when processing remote account deletion (#15104) * Fix sending spurious Rejects when processing remote account deletion * Make skip_side_effects imply skip_activitypub
2020-11-19 16:39:47 +00:00
AccountDeletionWorker.perform_async(@account.id, reserve_username: false, skip_activitypub: true)
Add support for reversible suspensions through ActivityPub (#14989)
2020-11-07 23:28:39 +00:00
end
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock
2017-07-19 13:44:04 +01:00
def lock_options
{ redis: Redis.current, key: "resolve:#{@username}@#{@domain}" }
Update profile information and download avatar of remote accounts
2016-02-28 13:26:26 +00:00
end
Initial commit
2016-02-20 21:53:20 +00:00
end