diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2017-08-26 13:47:38 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-08-26 13:47:38 +0200 |
commit | 00840f4f2edb8d1d46638ccbc90a1f4462d0867a (patch) | |
tree | c4f6c9a4967df5d5f23094ddefed88c621d6c3ff /app/services/activitypub | |
parent | 1cebfed23e03b9d31796cdc139acde1b6dccd9f3 (diff) |
Add handling of Linked Data Signatures in payloads (#4687)
* Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context
Diffstat (limited to 'app/services/activitypub')
-rw-r--r-- | app/services/activitypub/process_collection_service.rb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/app/services/activitypub/process_collection_service.rb b/app/services/activitypub/process_collection_service.rb index cd861c075..2cf15553d 100644 --- a/app/services/activitypub/process_collection_service.rb +++ b/app/services/activitypub/process_collection_service.rb @@ -9,6 +9,8 @@ class ActivityPub::ProcessCollectionService < BaseService return if @account.suspended? || !supported_context? + verify_account! if different_actor? + case @json['type'] when 'Collection', 'CollectionPage' process_items @json['items'] @@ -23,6 +25,10 @@ class ActivityPub::ProcessCollectionService < BaseService private + def different_actor? + @json['actor'].present? && value_or_id(@json['actor']) != @account.uri && @json['signature'].present? + end + def process_items(items) items.reverse_each.map { |item| process_item(item) }.compact end @@ -35,4 +41,9 @@ class ActivityPub::ProcessCollectionService < BaseService activity = ActivityPub::Activity.factory(item, @account) activity&.perform end + + def verify_account! + account = ActivityPub::LinkedDataSignature.new(@json).verify_account! + @account = account unless account.nil? + end end |