refactor: simplify getSignatureUser

2024-05-19 14:51:11 +02:00 · 2023-06-27 22:44:16 -07:00 · 2023-06-27 22:44:16 -07:00 · 02325e3c7c
parent 95b495d620
commit 02325e3c7c
1 changed files with 12 additions and 72 deletions
--- a/packages/backend/src/remote/activitypub/check-fetch.ts
+++ b/packages/backend/src/remote/activitypub/check-fetch.ts
@ -98,81 +98,21 @@ export async function checkFetch(req: IncomingMessage): Promise<number> {
 	return 200;
 }

-export async function getSignatureUser(
-	req: IncomingMessage,
-): Promise<{
+export async function getSignatureUser(req: IncomingMessage): Promise<{
 	user: CacheableRemoteUser;
 	key: UserPublickey | null;
 } | null> {
-	let authUser;
-	const meta = await fetchMeta();
-	if (meta.secureMode || meta.privateMode) {
-		let signature;
+	const signature = httpSignature.parseRequest(req, { headers: [] });
+	const keyId = new URL(signature.keyId);
+	const dbResolver = new DbResolver();

-		try {
-			signature = httpSignature.parseRequest(req, { headers: [] });
-		} catch (e) {
-			return null;
-		}
-
-		const keyId = new URL(signature.keyId);
-		const host = toPuny(keyId.hostname);
-
-		if (await shouldBlockInstance(host, meta)) {
-			return null;
-		}
-
-		if (
-			meta.privateMode &&
-			host !== config.host &&
-			!meta.allowedHosts.includes(host)
-		) {
-			return null;
-		}
-
-		const keyIdLower = signature.keyId.toLowerCase();
-		if (keyIdLower.startsWith("acct:")) {
-			// Old keyId is no longer supported.
-			return null;
-		}
-
-		const dbResolver = new DbResolver();
-
-		// HTTP-Signature keyIdを元にDBから取得
-		authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
-
-		// keyIdでわからなければ、resolveしてみる
-		if (!authUser) {
-			try {
-				keyId.hash = "";
-				authUser = await dbResolver.getAuthUserFromApId(
-					getApId(keyId.toString()),
-				);
-			} catch {
-				// できなければ駄目
-				return null;
-			}
-		}
-
-		// publicKey がなくても終了
-		if (!authUser?.key) {
-			return null;
-		}
-
-		// もう一回チェック
-		if (authUser.user.host !== host) {
-			return null;
-		}
-
-		// HTTP-Signatureの検証
-		const httpSignatureValidated = httpSignature.verifySignature(
-			signature,
-			authUser.key.keyPem,
-		);
-
-		if (!httpSignatureValidated) {
-			return null;
-		}
+	// Retrieve from DB by HTTP-Signature keyId
+	const authUser = await dbResolver.getAuthUserFromKeyId(signature.keyId);
+	if (authUser) {
+		return authUser;
 	}
-	return authUser;
+
+	// Resolve if failed to retrieve by keyId
+	keyId.hash = "";
+	return await dbResolver.getAuthUserFromApId(getApId(keyId.toString()));
 }