Mark instances as unreachable when returning a 403 from an object fetch - pleroma - My custom branche(s) on git.pleroma.social/pleroma/pleroma

commit: d472bafec19cee269e7c943bafae7c805785acd7
parent 603e9f6a92e8ea2d2d34d2af26ec2b12fe4b8543
Author: Mark Felder <feld@feld.me>
Date:   Tue, 26 Dec 2023 15:54:14 -0500

Mark instances as unreachable when returning a 403 from an object fetch

This is a definite sign the instance is blocked and they are enforcing authorized_fetch

Diffstat:
M lib/pleroma/object/fetcher.ex 9 +++++++++
M lib/pleroma/workers/remote_fetcher_worker.ex 11 +++++++++++
M test/pleroma/object/fetcher_test.exs 15 +++++++++++++++

3 files changed, 35 insertions(+), 0 deletions(-)
diff --git a/lib/pleroma/object/fetcher.ex b/lib/pleroma/object/fetcher.ex
@@ -99,6 +99,15 @@ defmodule Pleroma.Object.Fetcher do
       {:fetch_object, %Object{} = object} ->
         {:ok, object}
 
+      {:fetch, {:error, {:ok, %Tesla.Env{status: 403}}}} ->
+        Instances.set_consistently_unreachable(id)
+
+        Logger.error(
+          "Error while fetching #{id}: HTTP 403 likely due to instance block rejecting the signed fetch."
+        )
+
+        {:error, "Object fetch has been denied"}
+
       {:fetch, {:error, error}} ->
         Logger.error("Error while fetching #{id}: #{inspect(error)}")
         {:error, error}
diff --git a/lib/pleroma/workers/remote_fetcher_worker.ex b/lib/pleroma/workers/remote_fetcher_worker.ex
@@ -10,6 +10,17 @@ defmodule Pleroma.Workers.RemoteFetcherWorker do
   @impl Oban.Worker
   def perform(%Job{args: %{"op" => "fetch_remote", "id" => id} = args}) do
     {:ok, _object} = Fetcher.fetch_object_from_id(id, depth: args["depth"])
+
+    case Fetcher.fetch_object_from_id(id, depth: args["depth"]) do
+      {:ok, _object} ->
+        :ok
+
+      {:error, reason = "Object fetch has been denied"} ->
+        {:cancel, reason}
+
+      _ ->
+        :error
+    end
   end
 
   @impl Oban.Worker
diff --git a/test/pleroma/object/fetcher_test.exs b/test/pleroma/object/fetcher_test.exs
@@ -25,6 +25,9 @@ defmodule Pleroma.Object.FetcherTest do
       %{method: :get, url: "https://mastodon.example.org/users/userisgone404"} ->
         %Tesla.Env{status: 404}
 
+      %{method: :get, url: "https://octodon.social/users/cwebber/statuses/111647596861000656"} ->
+        %Tesla.Env{status: 403}
+
       %{
         method: :get,
         url:
@@ -233,6 +236,18 @@ defmodule Pleroma.Object.FetcherTest do
                )
     end
 
+    test "handle HTTP 403 response" do
+      object_id = "https://octodon.social/users/cwebber/statuses/111647596861000656"
+      Instances.set_reachable(object_id)
+
+      assert Instances.reachable?(object_id)
+
+      assert {:error, "Object fetch has been denied"} ==
+               Fetcher.fetch_object_from_id(object_id)
+
+      refute Instances.reachable?(object_id)
+    end
+
     test "it can fetch pleroma polls with attachments" do
       {:ok, object} =
         Fetcher.fetch_object_from_id("https://patch.cx/objects/tesla_mock/poll_attachment")

M	lib/pleroma/object/fetcher.ex	9	+++++++++
M	lib/pleroma/workers/remote_fetcher_worker.ex	11	+++++++++++
M	test/pleroma/object/fetcher_test.exs	15	+++++++++++++++