logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://anongit.hacktivis.me/git/pleroma.git/

fetcher.ex (7941B)

    

  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  5. defmodule Pleroma.Object.Fetcher do
  6.   alias Pleroma.HTTP
  7.   alias Pleroma.Instances
  8.   alias Pleroma.Maps
  9.   alias Pleroma.Object
  10.   alias Pleroma.Object.Containment
  11.   alias Pleroma.Signature
  12.   alias Pleroma.Web.ActivityPub.InternalFetchActor
  13.   alias Pleroma.Web.ActivityPub.MRF
  14.   alias Pleroma.Web.ActivityPub.ObjectValidator
  15.   alias Pleroma.Web.ActivityPub.Pipeline
  16.   alias Pleroma.Web.ActivityPub.Transmogrifier
  17.   alias Pleroma.Web.Federator
  19.   require Logger
  20.   require Pleroma.Constants
  22.   @mix_env Mix.env()
  24.   @spec reinject_object(struct(), map()) :: {:ok, Object.t()} | {:error, any()}
  25.   defp reinject_object(%Object{data: %{}} = object, new_data) do
  26.     Logger.debug("Reinjecting object #{new_data["id"]}")
  28.     with {:ok, new_data, _} <- ObjectValidator.validate(new_data, %{}),
  29.          {:ok, new_data} <- MRF.filter(new_data),
  30.          {:ok, new_object, _} <-
  31.            Object.Updater.do_update_and_invalidate_cache(
  32.              object,
  33.              new_data,
  34.              _touch_changeset? = true
  35.            ) do
  36.       {:ok, new_object}
  37.     else
  38.       e ->
  39.         Logger.error("Error while processing object: #{inspect(e)}")
  40.         {:error, e}
  41.     end
  42.   end
  44.   defp reinject_object(_, new_data) do
  45.     with {:ok, object, _} <- Pipeline.common_pipeline(new_data, local: false) do
  46.       {:ok, object}
  47.     else
  48.       e -> e
  49.     end
  50.   end
  52.   def refetch_object(%Object{data: %{"id" => id}} = object) do
  53.     with {:local, false} <- {:local, Object.local?(object)},
  54.          {:ok, new_data} <- fetch_and_contain_remote_object_from_id(id),
  55.          {:ok, object} <- reinject_object(object, new_data) do
  56.       {:ok, object}
  57.     else
  58.       {:local, true} -> {:ok, object}
  59.       e -> {:error, e}
  60.     end
  61.   end
  63.   @typep fetcher_errors ::
  64.            :error | :reject | :allowed_depth | :fetch | :containment | :transmogrifier
  66.   # Note: will create a Create activity, which we need internally at the moment.
  67.   @spec fetch_object_from_id(String.t(), list()) ::
  68.           {:ok, Object.t()} | {fetcher_errors(), any()} | Pipeline.errors()
  69.   def fetch_object_from_id(id, options \\ []) do
  70.     with {_, nil} <- {:fetch_object, Object.get_cached_by_ap_id(id)},
  71.          {_, true} <- {:allowed_depth, Federator.allowed_thread_distance?(options[:depth])},
  72.          {_, {:ok, data}} <- {:fetch, fetch_and_contain_remote_object_from_id(id)},
  73.          {_, nil} <- {:normalize, Object.normalize(data, fetch: false)},
  74.          params <- prepare_activity_params(data),
  75.          {_, :ok} <- {:containment, Containment.contain_origin(id, params)},
  76.          {_, {:ok, activity}} <-
  77.            {:transmogrifier, Transmogrifier.handle_incoming(params, options)},
  78.          {_, _data, %Object{} = object} <-
  79.            {:object, data, Object.normalize(activity, fetch: false)} do
  80.       {:ok, object}
  81.     else
  82.       {:normalize, object = %Object{}} ->
  83.         {:ok, object}
  85.       {:fetch_object, %Object{} = object} ->
  86.         {:ok, object}
  88.       {:object, data, nil} ->
  89.         reinject_object(%Object{}, data)
  91.       e ->
  92.         Logger.metadata(object: id)
  93.         Logger.error("Object rejected while fetching #{id} #{inspect(e)}")
  94.         e
  95.     end
  96.   end
  98.   defp prepare_activity_params(data) do
  99.     %{
  100.       "type" => "Create",
  101.       # Should we seriously keep this attributedTo thing?
  102.       "actor" => data["actor"] || data["attributedTo"],
  103.       "object" => data
  104.     }
  105.     |> Maps.put_if_present("to", data["to"])
  106.     |> Maps.put_if_present("cc", data["cc"])
  107.     |> Maps.put_if_present("bto", data["bto"])
  108.     |> Maps.put_if_present("bcc", data["bcc"])
  109.   end
  111.   defp make_signature(id, date) do
  112.     uri = URI.parse(id)
  114.     signature =
  115.       InternalFetchActor.get_actor()
  116.       |> Signature.sign(%{
  117.         "(request-target)": "get #{uri.path}",
  118.         host: uri.host,
  119.         date: date
  120.       })
  122.     {"signature", signature}
  123.   end
  125.   defp sign_fetch(headers, id, date) do
  126.     if Pleroma.Config.get([:activitypub, :sign_object_fetches]) do
  127.       [make_signature(id, date) | headers]
  128.     else
  129.       headers
  130.     end
  131.   end
  133.   defp maybe_date_fetch(headers, date) do
  134.     if Pleroma.Config.get([:activitypub, :sign_object_fetches]) do
  135.       [{"date", date} | headers]
  136.     else
  137.       headers
  138.     end
  139.   end
  141.   def fetch_and_contain_remote_object_from_id(id)
  143.   def fetch_and_contain_remote_object_from_id(%{"id" => id}),
  144.     do: fetch_and_contain_remote_object_from_id(id)
  146.   def fetch_and_contain_remote_object_from_id(id) when is_binary(id) do
  147.     Logger.debug("Fetching object #{id} via AP")
  149.     with {:scheme, true} <- {:scheme, String.starts_with?(id, "http")},
  150.          {_, true} <- {:mrf, MRF.id_filter(id)},
  151.          {_, :ok} <- {:local_fetch, Containment.contain_local_fetch(id)},
  152.          {:ok, body} <- get_object(id),
  153.          {:ok, data} <- safe_json_decode(body),
  154.          :ok <- Containment.contain_origin_from_id(id, data) do
  155.       if not Instances.reachable?(id) do
  156.         Instances.set_reachable(id)
  157.       end
  159.       {:ok, data}
  160.     else
  161.       {:scheme, _} ->
  162.         {:error, "Unsupported URI scheme"}
  164.       {:local_fetch, _} ->
  165.         {:error, "Trying to fetch local resource"}
  167.       {:error, e} ->
  168.         {:error, e}
  170.       {:mrf, false} ->
  171.         {:error, {:reject, "Filtered by id"}}
  173.       e ->
  174.         {:error, e}
  175.     end
  176.   end
  178.   def fetch_and_contain_remote_object_from_id(_id),
  179.     do: {:error, "id must be a string"}
  181.   defp check_crossdomain_redirect(final_host, original_url)
  183.   # Handle the common case in tests where responses don't include URLs
  184.   if @mix_env == :test do
  185.     defp check_crossdomain_redirect(nil, _) do
  186.       {:cross_domain_redirect, false}
  187.     end
  188.   end
  190.   defp check_crossdomain_redirect(final_host, original_url) do
  191.     {:cross_domain_redirect, final_host != URI.parse(original_url).host}
  192.   end
  194.   defp get_object(id) do
  195.     date = Pleroma.Signature.signed_date()
  197.     headers =
  198.       [{"accept", "application/activity+json"}]
  199.       |> maybe_date_fetch(date)
  200.       |> sign_fetch(id, date)
  202.     case HTTP.get(id, headers) do
  203.       {:ok, %{body: body, status: code, headers: headers, url: final_url}}
  204.       when code in 200..299 ->
  205.         remote_host = if final_url, do: URI.parse(final_url).host, else: nil
  207.         with {:cross_domain_redirect, false} <- check_crossdomain_redirect(remote_host, id),
  208.              {_, content_type} <- List.keyfind(headers, "content-type", 0),
  209.              {:ok, _media_type} <- verify_content_type(content_type) do
  210.           {:ok, body}
  211.         else
  212.           {:cross_domain_redirect, true} ->
  213.             {:error, {:cross_domain_redirect, true}}
  215.           error ->
  216.             error
  217.         end
  219.       # Handle the case where URL is not in the response (older HTTP library versions)
  220.       {:ok, %{body: body, status: code, headers: headers}} when code in 200..299 ->
  221.         case List.keyfind(headers, "content-type", 0) do
  222.           {_, content_type} ->
  223.             case verify_content_type(content_type) do
  224.               {:ok, _} -> {:ok, body}
  225.               error -> error
  226.             end
  228.           _ ->
  229.             {:error, {:content_type, nil}}
  230.         end
  232.       {:ok, %{status: code}} when code in [401, 403] ->
  233.         {:error, :forbidden}
  235.       {:ok, %{status: code}} when code in [404, 410] ->
  236.         {:error, :not_found}
  238.       {:error, e} ->
  239.         {:error, e}
  241.       e ->
  242.         {:error, e}
  243.     end
  244.   end
  246.   defp safe_json_decode(nil), do: {:ok, nil}
  247.   defp safe_json_decode(json), do: Jason.decode(json)
  249.   defp verify_content_type(content_type) do
  250.     case Plug.Conn.Utils.media_type(content_type) do
  251.       {:ok, "application", "activity+json", _} ->
  252.         {:ok, :activity_json}
  254.       {:ok, "application", "ld+json", %{"profile" => "https://www.w3.org/ns/activitystreams"}} ->
  255.         {:ok, :ld_json}
  257.       _ ->
  258.         {:error, {:content_type, content_type}}
  259.     end
  260.   end
  261. end