From 89e4e3ea5bf8c631f366f027b29ff51dccb2a232 Mon Sep 17 00:00:00 2001
From: Namekuji <nmkj@noreply.codeberg.org>
Date: Tue, 27 Jun 2023 22:44:16 -0700
Subject: [PATCH] refactor: simplify getSignatureUser

---
 .../src/remote/activitypub/check-fetch.ts     | 84 +++----------------
 1 file changed, 12 insertions(+), 72 deletions(-)

diff --git a/packages/backend/src/remote/activitypub/check-fetch.ts b/packages/backend/src/remote/activitypub/check-fetch.ts
index a3e241c25..c885b4a19 100644
--- a/packages/backend/src/remote/activitypub/check-fetch.ts
+++ b/packages/backend/src/remote/activitypub/check-fetch.ts
@@ -98,81 +98,21 @@ export async function checkFetch(req: IncomingMessage): Promise<number> {
 	return 200;
 }
 
-export async function getSignatureUser(
-	req: IncomingMessage,
-): Promise<{
+export async function getSignatureUser(req: IncomingMessage): Promise<{
 	user: CacheableRemoteUser;
 	key: UserPublickey | null;
 } | null> {
-	let authUser;
-	const meta = await fetchMeta();
-	if (meta.secureMode || meta.privateMode) {
-		let signature;
+	const signature = httpSignature.parseRequest(req, { headers: [] });
+	const keyId = new URL(signature.keyId);
+	const dbResolver = new DbResolver();
 
-		try {
-			signature = httpSignature.parseRequest(req, { headers: [] });
-		} catch (e) {
-			return null;
-		}
-
-		const keyId = new URL(signature.keyId);
-		const host = toPuny(keyId.hostname);
-
-		if (await shouldBlockInstance(host, meta)) {
-			return null;
-		}
-
-		if (
-			meta.privateMode &&
-			host !== config.host &&
-			!meta.allowedHosts.includes(host)
-		) {
-			return null;
-		}
-
-		const keyIdLower = signature.keyId.toLowerCase();
-		if (keyIdLower.startsWith("acct:")) {
-			// Old keyId is no longer supported.
-			return null;
-		}
-
-		const dbResolver = new DbResolver();
-
-		// HTTP-Signature keyIdを元にDBから取得
-		authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
-
-		// keyIdでわからなければ、resolveしてみる
-		if (!authUser) {
-			try {
-				keyId.hash = "";
-				authUser = await dbResolver.getAuthUserFromApId(
-					getApId(keyId.toString()),
-				);
-			} catch {
-				// できなければ駄目
-				return null;
-			}
-		}
-
-		// publicKey がなくても終了
-		if (!authUser?.key) {
-			return null;
-		}
-
-		// もう一回チェック
-		if (authUser.user.host !== host) {
-			return null;
-		}
-
-		// HTTP-Signatureの検証
-		const httpSignatureValidated = httpSignature.verifySignature(
-			signature,
-			authUser.key.keyPem,
-		);
-
-		if (!httpSignatureValidated) {
-			return null;
-		}
+	// Retrieve from DB by HTTP-Signature keyId
+	const authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
+	if (authUser) {
+		return authUser;
 	}
-	return authUser;
+
+	// Resolve if failed to retrieve by keyId
+	keyId.hash = "";
+	return await dbResolver.getAuthUserFromApId(getApId(keyId.toString()));
 }