logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

fetcher.ex (6999B)

    

  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  5. defmodule Pleroma.Object.Fetcher do
  6.   alias Pleroma.HTTP
  7.   alias Pleroma.Instances
  8.   alias Pleroma.Maps
  9.   alias Pleroma.Object
  10.   alias Pleroma.Object.Containment
  11.   alias Pleroma.Signature
  12.   alias Pleroma.Web.ActivityPub.InternalFetchActor
  13.   alias Pleroma.Web.ActivityPub.MRF
  14.   alias Pleroma.Web.ActivityPub.ObjectValidator
  15.   alias Pleroma.Web.ActivityPub.Pipeline
  16.   alias Pleroma.Web.ActivityPub.Transmogrifier
  17.   alias Pleroma.Web.Federator
  19.   require Logger
  20.   require Pleroma.Constants
  22.   @spec reinject_object(struct(), map()) :: {:ok, Object.t()} | {:error, any()}
  23.   defp reinject_object(%Object{data: %{}} = object, new_data) do
  24.     Logger.debug("Reinjecting object #{new_data["id"]}")
  26.     with {:ok, new_data, _} <- ObjectValidator.validate(new_data, %{}),
  27.          {:ok, new_data} <- MRF.filter(new_data),
  28.          {:ok, new_object, _} <-
  29.            Object.Updater.do_update_and_invalidate_cache(
  30.              object,
  31.              new_data,
  32.              _touch_changeset? = true
  33.            ) do
  34.       {:ok, new_object}
  35.     else
  36.       e ->
  37.         Logger.error("Error while processing object: #{inspect(e)}")
  38.         {:error, e}
  39.     end
  40.   end
  42.   defp reinject_object(_, new_data) do
  43.     with {:ok, object, _} <- Pipeline.common_pipeline(new_data, local: false) do
  44.       {:ok, object}
  45.     else
  46.       e -> e
  47.     end
  48.   end
  50.   def refetch_object(%Object{data: %{"id" => id}} = object) do
  51.     with {:local, false} <- {:local, Object.local?(object)},
  52.          {:ok, new_data} <- fetch_and_contain_remote_object_from_id(id),
  53.          {:ok, object} <- reinject_object(object, new_data) do
  54.       {:ok, object}
  55.     else
  56.       {:local, true} -> {:ok, object}
  57.       e -> {:error, e}
  58.     end
  59.   end
  61.   # Note: will create a Create activity, which we need internally at the moment.
  62.   def fetch_object_from_id(id, options \\ []) do
  63.     with {_, nil} <- {:fetch_object, Object.get_cached_by_ap_id(id)},
  64.          {_, true} <- {:allowed_depth, Federator.allowed_thread_distance?(options[:depth])},
  65.          {_, {:ok, data}} <- {:fetch, fetch_and_contain_remote_object_from_id(id)},
  66.          {_, nil} <- {:normalize, Object.normalize(data, fetch: false)},
  67.          params <- prepare_activity_params(data),
  68.          {_, :ok} <- {:containment, Containment.contain_origin(id, params)},
  69.          {_, {:ok, activity}} <-
  70.            {:transmogrifier, Transmogrifier.handle_incoming(params, options)},
  71.          {_, _data, %Object{} = object} <-
  72.            {:object, data, Object.normalize(activity, fetch: false)} do
  73.       {:ok, object}
  74.     else
  75.       {:allowed_depth, false} = e ->
  76.         log_fetch_error(id, e)
  77.         {:error, :allowed_depth}
  79.       {:containment, reason} = e ->
  80.         log_fetch_error(id, e)
  81.         {:error, reason}
  83.       {:transmogrifier, {:error, {:reject, reason}}} = e ->
  84.         log_fetch_error(id, e)
  85.         {:reject, reason}
  87.       {:transmogrifier, {:reject, reason}} = e ->
  88.         log_fetch_error(id, e)
  89.         {:reject, reason}
  91.       {:transmogrifier, reason} = e ->
  92.         log_fetch_error(id, e)
  93.         {:error, reason}
  95.       {:object, data, nil} ->
  96.         reinject_object(%Object{}, data)
  98.       {:normalize, object = %Object{}} ->
  99.         {:ok, object}
  101.       {:fetch_object, %Object{} = object} ->
  102.         {:ok, object}
  104.       {:fetch, {:error, reason}} = e ->
  105.         log_fetch_error(id, e)
  106.         {:error, reason}
  108.       e ->
  109.         log_fetch_error(id, e)
  110.         {:error, e}
  111.     end
  112.   end
  114.   defp log_fetch_error(id, error) do
  115.     Logger.metadata(object: id)
  116.     Logger.error("Object rejected while fetching #{id} #{inspect(error)}")
  117.   end
  119.   defp prepare_activity_params(data) do
  120.     %{
  121.       "type" => "Create",
  122.       # Should we seriously keep this attributedTo thing?
  123.       "actor" => data["actor"] || data["attributedTo"],
  124.       "object" => data
  125.     }
  126.     |> Maps.put_if_present("to", data["to"])
  127.     |> Maps.put_if_present("cc", data["cc"])
  128.     |> Maps.put_if_present("bto", data["bto"])
  129.     |> Maps.put_if_present("bcc", data["bcc"])
  130.   end
  132.   defp make_signature(id, date) do
  133.     uri = URI.parse(id)
  135.     signature =
  136.       InternalFetchActor.get_actor()
  137.       |> Signature.sign(%{
  138.         "(request-target)": "get #{uri.path}",
  139.         host: uri.host,
  140.         date: date
  141.       })
  143.     {"signature", signature}
  144.   end
  146.   defp sign_fetch(headers, id, date) do
  147.     if Pleroma.Config.get([:activitypub, :sign_object_fetches]) do
  148.       [make_signature(id, date) | headers]
  149.     else
  150.       headers
  151.     end
  152.   end
  154.   defp maybe_date_fetch(headers, date) do
  155.     if Pleroma.Config.get([:activitypub, :sign_object_fetches]) do
  156.       [{"date", date} | headers]
  157.     else
  158.       headers
  159.     end
  160.   end
  162.   def fetch_and_contain_remote_object_from_id(id)
  164.   def fetch_and_contain_remote_object_from_id(%{"id" => id}),
  165.     do: fetch_and_contain_remote_object_from_id(id)
  167.   def fetch_and_contain_remote_object_from_id(id) when is_binary(id) do
  168.     Logger.debug("Fetching object #{id} via AP")
  170.     with {:scheme, true} <- {:scheme, String.starts_with?(id, "http")},
  171.          {_, true} <- {:mrf, MRF.id_filter(id)},
  172.          {:ok, body} <- get_object(id),
  173.          {:ok, data} <- safe_json_decode(body),
  174.          :ok <- Containment.contain_origin_from_id(id, data) do
  175.       if not Instances.reachable?(id) do
  176.         Instances.set_reachable(id)
  177.       end
  179.       {:ok, data}
  180.     else
  181.       {:scheme, _} ->
  182.         {:error, "Unsupported URI scheme"}
  184.       {:error, e} ->
  185.         {:error, e}
  187.       {:mrf, false} ->
  188.         {:error, {:reject, "Filtered by id"}}
  190.       e ->
  191.         {:error, e}
  192.     end
  193.   end
  195.   def fetch_and_contain_remote_object_from_id(_id),
  196.     do: {:error, "id must be a string"}
  198.   defp get_object(id) do
  199.     date = Pleroma.Signature.signed_date()
  201.     headers =
  202.       [{"accept", "application/activity+json"}]
  203.       |> maybe_date_fetch(date)
  204.       |> sign_fetch(id, date)
  206.     case HTTP.get(id, headers) do
  207.       {:ok, %{body: body, status: code, headers: headers}} when code in 200..299 ->
  208.         case List.keyfind(headers, "content-type", 0) do
  209.           {_, content_type} ->
  210.             case Plug.Conn.Utils.media_type(content_type) do
  211.               {:ok, "application", "activity+json", _} ->
  212.                 {:ok, body}
  214.               {:ok, "application", "ld+json",
  215.                %{"profile" => "https://www.w3.org/ns/activitystreams"}} ->
  216.                 {:ok, body}
  218.               _ ->
  219.                 {:error, {:content_type, content_type}}
  220.             end
  222.           _ ->
  223.             {:error, {:content_type, nil}}
  224.         end
  226.       {:ok, %{status: code}} when code in [401, 403] ->
  227.         {:error, :forbidden}
  229.       {:ok, %{status: code}} when code in [404, 410] ->
  230.         {:error, :not_found}
  232.       {:error, e} ->
  233.         {:error, e}
  235.       e ->
  236.         {:error, e}
  237.     end
  238.   end
  240.   defp safe_json_decode(nil), do: {:ok, nil}
  241.   defp safe_json_decode(json), do: Jason.decode(json)
  242. end