diff options
author | ThibG <thib@sitedethib.com> | 2019-07-10 17:10:12 +0200 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2019-07-10 17:10:12 +0200 |
commit | 85eb418e1f9ae40ce5fbdc837a354444eec94655 (patch) | |
tree | 7a781e3822893021ab84f2b48d53888febfc1dec /app | |
parent | 27ad4c1501eb391b56e89bdab52624b953fde786 (diff) |
Fix handling of webfinger redirects in ResolveAccountService (#11279)
Diffstat (limited to 'app')
-rw-r--r-- | app/services/resolve_account_service.rb | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/app/services/resolve_account_service.rb b/app/services/resolve_account_service.rb index 41a2eb158..7864c4bcd 100644 --- a/app/services/resolve_account_service.rb +++ b/app/services/resolve_account_service.rb @@ -30,7 +30,7 @@ class ResolveAccountService < BaseService # At this point we are in need of a Webfinger query, which may # yield us a different username/domain through a redirect - process_webfinger! + process_webfinger!(@uri) # Because the username/domain pair may be different than what # we already checked, we need to check if we've already got @@ -69,15 +69,16 @@ class ResolveAccountService < BaseService @domain = nil if TagManager.instance.local_domain?(@domain) end - def process_webfinger! + def process_webfinger!(uri, redirected = false) @webfinger = Goldfinger.finger("acct:#{@uri}") confirmed_username, confirmed_domain = @webfinger.subject.gsub(/\Aacct:/, '').split('@') if confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero? @username = confirmed_username @domain = confirmed_domain - elsif @options[:redirected].nil? - @account = ResolveAccountService.new.call("#{confirmed_username}@#{confirmed_domain}", @options.merge(redirected: true)) + @uri = uri + elsif !redirected + return process_webfinger!("#{confirmed_username}@#{confirmed_domain}", true) else raise WebfingerRedirectError, "The URI #{uri} tries to hijack #{@username}@#{@domain}" end |