From 41b8a76e969e97aef68e7be1f1cdadcb31ea9b1d Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Thu, 9 Nov 2017 08:32:54 +0100 Subject: [PATCH] Re-fetch user data on salmon decode error. --- lib/pleroma/web/ostatus/ostatus.ex | 5 ++- lib/pleroma/web/ostatus/ostatus_controller.ex | 21 +++++++++- test/web/ostatus/ostatus_controller_test.exs | 41 ++++++++++++++++++- 3 files changed, 62 insertions(+), 5 deletions(-) diff --git a/lib/pleroma/web/ostatus/ostatus.ex b/lib/pleroma/web/ostatus/ostatus.ex index 308e206c58..b0d2dda5d2 100644 --- a/lib/pleroma/web/ostatus/ostatus.ex +++ b/lib/pleroma/web/ostatus/ostatus.ex @@ -221,7 +221,7 @@ def insert_or_update_user(data) do Repo.insert(cs, on_conflict: :replace_all, conflict_target: :nickname) end - def make_user(uri) do + def make_user(uri, update \\ false) do with {:ok, info} <- gather_user_info(uri) do data = %{ name: info["name"], @@ -231,7 +231,8 @@ def make_user(uri) do avatar: info["avatar"], bio: info["bio"] } - with %User{} = user <- User.get_by_ap_id(data.ap_id) do + with false <- update, + %User{} = user <- User.get_by_ap_id(data.ap_id) do {:ok, user} else _e -> insert_or_update_user(data) end diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex index 4e3fbb4f69..67688ace4b 100644 --- a/lib/pleroma/web/ostatus/ostatus_controller.ex +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -5,6 +5,7 @@ defmodule Pleroma.Web.OStatus.OStatusController do alias Pleroma.Web.OStatus.{FeedRepresenter, ActivityRepresenter} alias Pleroma.Repo alias Pleroma.Web.{OStatus, Federator} + alias Pleroma.Web.XML import Ecto.Query def feed_redirect(conn, %{"nickname" => nickname}) do @@ -36,10 +37,26 @@ def feed(conn, %{"nickname" => nickname}) do |> send_resp(200, response) end + defp decode_or_retry(body) do + with {:ok, magic_key} <- Pleroma.Web.Salmon.fetch_magic_key(body), + {:ok, doc} <- Pleroma.Web.Salmon.decode_and_validate(magic_key, body) do + {:ok, doc} + else + _e -> + with [decoded | _] <- Pleroma.Web.Salmon.decode(body), + doc <- XML.parse_document(decoded), + uri when not is_nil(uri) <- XML.string_from_xpath("/entry/author[1]/uri", doc), + {:ok, user} <- Pleroma.Web.OStatus.make_user(uri, true), + {:ok, magic_key} <- Pleroma.Web.Salmon.fetch_magic_key(body), + {:ok, doc} <- Pleroma.Web.Salmon.decode_and_validate(magic_key, body) do + {:ok, doc} + end + end + end + def salmon_incoming(conn, params) do {:ok, body, _conn} = read_body(conn) - {:ok, magic_key} = Pleroma.Web.Salmon.fetch_magic_key(body) - {:ok, doc} = Pleroma.Web.Salmon.decode_and_validate(magic_key, body) + {:ok, doc} = decode_or_retry(body) Federator.enqueue(:incoming_doc, doc) diff --git a/test/web/ostatus/ostatus_controller_test.exs b/test/web/ostatus/ostatus_controller_test.exs index 77bc202fef..20d17d41f1 100644 --- a/test/web/ostatus/ostatus_controller_test.exs +++ b/test/web/ostatus/ostatus_controller_test.exs @@ -1,9 +1,41 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do use Pleroma.Web.ConnCase import Pleroma.Factory - alias Pleroma.User + alias Pleroma.{User, Repo} alias Pleroma.Web.OStatus.ActivityRepresenter + test "decodes a salmon", %{conn: conn} do + user = insert(:user) + salmon = File.read!("test/fixtures/salmon.xml") + conn = conn + |> put_req_header("content-type", "application/atom+xml") + |> post("/users/#{user.nickname}/salmon", salmon) + + assert response(conn, 200) + end + + test "decodes a salmon with a changed magic key", %{conn: conn} do + user = insert(:user) + salmon = File.read!("test/fixtures/salmon.xml") + conn = conn + |> put_req_header("content-type", "application/atom+xml") + |> post("/users/#{user.nickname}/salmon", salmon) + + assert response(conn, 200) + + # Set a wrong magic-key for a user so it has to refetch + salmon_user = User.get_by_ap_id("http://gs.example.org:4040/index.php/user/1") + info = salmon_user.info + |> Map.put("magic_key", "RSA.pu0s-halox4tu7wmES1FVSx6u-4wc0YrUFXcqWXZG4-27UmbCOpMQftRCldNRfyA-qLbz-eqiwrong1EwUvjsD4cYbAHNGHwTvDOyx5AKthQUP44ykPv7kjKGh3DWKySJvcs9tlUG87hlo7AvnMo9pwRS_Zz2CacQ-MKaXyDepk=.AQAB") # Wrong key + Repo.update(User.info_changeset(salmon_user, %{info: info})) + + conn = build_conn() + |> put_req_header("content-type", "application/atom+xml") + |> post("/users/#{user.nickname}/salmon", salmon) + + assert response(conn, 200) + end + test "gets a feed", %{conn: conn} do note_activity = insert(:note_activity) user = User.get_cached_by_ap_id(note_activity.data["actor"]) @@ -42,3 +74,10 @@ test "gets an activity", %{conn: conn} do assert response(conn, 200) end end + +defmodule Pleroma.Web.OStatusMock do + import Pleroma.Factory + def handle_incoming(_doc) do + insert(:note_activity) + end +end