diff options
| -rw-r--r-- | follow.go | 2 | ||||
| -rw-r--r-- | main.go | 8 | ||||
| -rw-r--r-- | outboxGet.go | 2 | ||||
| -rw-r--r-- | outboxPost.go | 6 | ||||
| -rw-r--r-- | verification.go | 19 |
5 files changed, 27 insertions, 10 deletions
@@ -139,6 +139,8 @@ func RejectActivity(activity Activity) Activity { accept.Type = "Reject" var nObj ObjectBase accept.Object = &nObj + var nActor Actor + accept.Actor = &nActor accept.Actor.Id = activity.Object.Actor accept.Object.Actor = activity.Actor.Id var nNested NestedObjectBase @@ -2293,8 +2293,6 @@ func FingerRequest(actor string, instance string) (*http.Response){ CheckError(err, "could not get finger request from id req") - req.Header.Set("Accept", activitystreams) - resp, err := http.DefaultClient.Do(req) var finger Webfinger @@ -2342,12 +2340,16 @@ func GetActorInstance(path string) (string, string) { } } - re = regexp.MustCompile(`(https?:\\)?(www)?([\w\d-_.:]+)\/([\w\d-_.]+)`) + re = regexp.MustCompile(`(https?:\\)?(www)?([\w\d-_.:]+)\/([\w\d-_.]+)(\/([\w\d-_.]+))?`) httpFormat := re.MatchString(path) if(httpFormat) { match := re.FindStringSubmatch(path) if(len(match) > 3) { + if match[4] == "users" { + return match[6], match[3] + } + return match[4], match[3] } } diff --git a/outboxGet.go b/outboxGet.go index acc1eee..4064f0b 100644 --- a/outboxGet.go +++ b/outboxGet.go @@ -16,7 +16,7 @@ func GetActorOutbox(w http.ResponseWriter, r *http.Request, db *sql.DB) { collection.TotalItems = GetObjectPostsTotalDB(db, actor) collection.TotalImgs = GetObjectImgsTotalDB(db, actor) - enc, _ := json.MarshalIndent(collection, "", "\t") + enc, _ := json.Marshal(collection) w.Header().Set("Content-Type", activitystreams) w.Write(enc) diff --git a/outboxPost.go b/outboxPost.go index 774ac62..5772932 100644 --- a/outboxPost.go +++ b/outboxPost.go @@ -512,6 +512,12 @@ func CheckCaptcha(db *sql.DB, captcha string) bool { func ParseInboxRequest(w http.ResponseWriter, r *http.Request, db *sql.DB) { activity := GetActivityFromJson(r, db) + + if activity.Actor.PublicKey.Id == "" { + nActor := FingerActor(activity.Actor.Id) + activity.Actor = &nActor + } + if !VerifyHeaderSignature(r, *activity.Actor) { response := RejectActivity(activity) MakeActivityRequest(db, response) diff --git a/verification.go b/verification.go index 7c634e1..db44689 100644 --- a/verification.go +++ b/verification.go @@ -615,35 +615,42 @@ func VerifyHeaderSignature(r *http.Request, actor Actor) bool { var contentLength string var sig string - for _, e := range s.Headers { + for i, e := range s.Headers { + + var nl string + if i < len(s.Headers) - 1 { + nl = "\n" + } + + if e == "(request-target)" { method = strings.ToLower(r.Method) path = r.URL.Path - sig += "(request-target): " + method + " " + path + "\\n" + sig += "(request-target): " + method + " " + path + "" + nl continue } if e == "host" { host = r.Host - sig += "host: " + host + "\\n" + sig += "host: " + host + "" + nl continue } if e == "date" { date = r.Header.Get("date") - sig += "date: " + date + sig += "date: " + date + "" + nl continue } if e == "digest" { digest = r.Header.Get("digest") - sig += "digest: " + digest + sig += "digest: " + digest + "" + nl continue } if e == "content-length" { contentLength = r.Header.Get("content-length") - sig += "content-length: " + contentLength + sig += "content-length: " + contentLength + "" + nl continue } } |