2016-11-16 02:56:29 +11:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-01-23 00:25:09 +11:00
|
|
|
class ResolveAccountService < BaseService
|
2019-07-09 11:27:35 +10:00
|
|
|
include DomainControlHelper
|
2020-05-10 19:41:43 +10:00
|
|
|
include WebfingerHelper
|
2022-04-29 01:47:34 +10:00
|
|
|
include Redisable
|
2022-05-13 08:02:35 +10:00
|
|
|
include Lockable
|
2019-07-09 11:27:35 +10:00
|
|
|
|
|
|
|
# Find or create an account record for a remote user. When creating,
|
|
|
|
# look up the user's webfinger and fetch ActivityPub data
|
|
|
|
# @param [String, Account] uri URI in the username@domain format or account record
|
2018-11-09 07:05:42 +11:00
|
|
|
# @param [Hash] options
|
2019-07-09 11:27:35 +10:00
|
|
|
# @option options [Boolean] :redirected Do not follow further Webfinger redirects
|
2021-02-24 16:32:13 +11:00
|
|
|
# @option options [Boolean] :skip_webfinger Do not attempt any webfinger query or refreshing account data
|
2022-09-21 07:30:26 +10:00
|
|
|
# @option options [Boolean] :suppress_errors When failing, return nil instead of raising an error
|
2016-02-24 22:57:29 +11:00
|
|
|
# @return [Account]
|
2018-11-09 07:05:42 +11:00
|
|
|
def call(uri, options = {})
|
2019-07-09 11:27:35 +10:00
|
|
|
return if uri.blank?
|
|
|
|
|
|
|
|
process_options!(uri, options)
|
|
|
|
|
|
|
|
# First of all we want to check if we've got the account
|
|
|
|
# record with the URI already, and if so, we can exit early
|
|
|
|
|
|
|
|
return if domain_not_allowed?(@domain)
|
|
|
|
|
|
|
|
@account ||= Account.find_remote(@username, @domain)
|
|
|
|
|
2020-10-08 09:34:57 +11:00
|
|
|
return @account if @account&.local? || @domain.nil? || !webfinger_update_due?
|
2019-07-09 11:27:35 +10:00
|
|
|
|
|
|
|
# At this point we are in need of a Webfinger query, which may
|
|
|
|
# yield us a different username/domain through a redirect
|
2019-07-11 01:10:12 +10:00
|
|
|
process_webfinger!(@uri)
|
2020-11-20 05:52:06 +11:00
|
|
|
@domain = nil if TagManager.instance.local_domain?(@domain)
|
2019-07-09 11:27:35 +10:00
|
|
|
|
|
|
|
# Because the username/domain pair may be different than what
|
|
|
|
# we already checked, we need to check if we've already got
|
|
|
|
# the record with that URI, again
|
|
|
|
|
|
|
|
return if domain_not_allowed?(@domain)
|
|
|
|
|
|
|
|
@account ||= Account.find_remote(@username, @domain)
|
|
|
|
|
2020-11-08 10:28:39 +11:00
|
|
|
if gone_from_origin? && not_yet_deleted?
|
|
|
|
queue_deletion!
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
return @account if @account&.local? || gone_from_origin? || !webfinger_update_due?
|
2019-07-09 11:27:35 +10:00
|
|
|
|
|
|
|
# Now it is certain, it is definitely a remote account, and it
|
|
|
|
# either needs to be created, or updated from fresh data
|
|
|
|
|
2020-12-19 09:26:26 +11:00
|
|
|
fetch_account!
|
2022-09-21 07:30:26 +10:00
|
|
|
rescue Webfinger::Error => e
|
2019-07-09 11:27:35 +10:00
|
|
|
Rails.logger.debug "Webfinger query for #{@uri} failed: #{e}"
|
2022-09-21 07:30:26 +10:00
|
|
|
raise unless @options[:suppress_errors]
|
2019-07-09 11:27:35 +10:00
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def process_options!(uri, options)
|
2022-09-21 07:30:26 +10:00
|
|
|
@options = { suppress_errors: true }.merge(options)
|
2016-03-22 04:26:47 +11:00
|
|
|
|
2018-11-09 07:05:42 +11:00
|
|
|
if uri.is_a?(Account)
|
|
|
|
@account = uri
|
|
|
|
@username = @account.username
|
|
|
|
@domain = @account.domain
|
|
|
|
else
|
2022-05-02 09:00:08 +10:00
|
|
|
@username, @domain = uri.strip.gsub(/\A@/, '').split('@')
|
2018-11-09 07:05:42 +11:00
|
|
|
end
|
2016-09-20 08:39:03 +10:00
|
|
|
|
2019-08-08 05:14:08 +10:00
|
|
|
@domain = begin
|
|
|
|
if TagManager.instance.local_domain?(@domain)
|
|
|
|
nil
|
|
|
|
else
|
|
|
|
TagManager.instance.normalize_domain(@domain)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@uri = [@username, @domain].compact.join('@')
|
2019-07-09 11:27:35 +10:00
|
|
|
end
|
2016-02-21 08:53:20 +11:00
|
|
|
|
2020-11-20 05:52:06 +11:00
|
|
|
def process_webfinger!(uri)
|
2020-05-10 19:41:43 +10:00
|
|
|
@webfinger = webfinger!("acct:#{uri}")
|
2020-11-20 05:52:06 +11:00
|
|
|
confirmed_username, confirmed_domain = split_acct(@webfinger.subject)
|
2016-11-04 02:57:44 +11:00
|
|
|
|
2017-07-19 22:44:04 +10:00
|
|
|
if confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero?
|
|
|
|
@username = confirmed_username
|
|
|
|
@domain = confirmed_domain
|
2020-11-20 05:52:06 +11:00
|
|
|
return
|
2017-04-20 01:28:35 +10:00
|
|
|
end
|
|
|
|
|
2020-11-20 05:52:06 +11:00
|
|
|
# Account doesn't match, so it may have been redirected
|
|
|
|
@webfinger = webfinger!("acct:#{confirmed_username}@#{confirmed_domain}")
|
|
|
|
@username, @domain = split_acct(@webfinger.subject)
|
|
|
|
|
|
|
|
unless confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero?
|
2022-09-21 07:30:26 +10:00
|
|
|
raise Webfinger::RedirectError, "Too many webfinger redirects for URI #{uri} (stopped at #{@username}@#{@domain})"
|
2020-11-20 05:52:06 +11:00
|
|
|
end
|
2020-11-08 10:28:39 +11:00
|
|
|
rescue Webfinger::GoneError
|
|
|
|
@gone = true
|
2019-07-09 11:27:35 +10:00
|
|
|
end
|
|
|
|
|
2020-11-20 05:52:06 +11:00
|
|
|
def split_acct(acct)
|
|
|
|
acct.gsub(/\Aacct:/, '').split('@')
|
|
|
|
end
|
|
|
|
|
2020-12-19 09:26:26 +11:00
|
|
|
def fetch_account!
|
2019-07-07 07:26:16 +10:00
|
|
|
return unless activitypub_ready?
|
2016-11-04 02:57:44 +11:00
|
|
|
|
2022-05-13 08:02:35 +10:00
|
|
|
with_lock("resolve:#{@username}@#{@domain}") do
|
2022-09-21 07:30:26 +10:00
|
|
|
@account = ActivityPub::FetchRemoteAccountService.new.call(actor_url, suppress_errors: @options[:suppress_errors])
|
2017-04-15 11:16:05 +10:00
|
|
|
end
|
2016-11-04 02:57:44 +11:00
|
|
|
|
2017-07-19 22:44:04 +10:00
|
|
|
@account
|
|
|
|
end
|
2017-01-24 03:38:38 +11:00
|
|
|
|
2017-07-19 22:44:04 +10:00
|
|
|
def webfinger_update_due?
|
2020-06-09 18:26:58 +10:00
|
|
|
return false if @options[:check_delivery_availability] && !DeliveryFailureTracker.available?(@domain)
|
2021-02-24 16:32:13 +11:00
|
|
|
return false if @options[:skip_webfinger]
|
2020-06-09 18:26:58 +10:00
|
|
|
|
2021-05-09 00:22:18 +10:00
|
|
|
@account.nil? || @account.possibly_stale?
|
2017-07-19 22:44:04 +10:00
|
|
|
end
|
2016-02-23 04:10:30 +11:00
|
|
|
|
2017-08-09 05:52:15 +10:00
|
|
|
def activitypub_ready?
|
2020-10-08 09:34:57 +11:00
|
|
|
['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@webfinger.link('self', 'type'))
|
2017-08-09 05:52:15 +10:00
|
|
|
end
|
|
|
|
|
|
|
|
def actor_url
|
2020-10-08 09:34:57 +11:00
|
|
|
@actor_url ||= @webfinger.link('self', 'href')
|
2017-08-09 05:52:15 +10:00
|
|
|
end
|
|
|
|
|
2020-11-08 10:28:39 +11:00
|
|
|
def gone_from_origin?
|
|
|
|
@gone
|
|
|
|
end
|
|
|
|
|
|
|
|
def not_yet_deleted?
|
|
|
|
@account.present? && !@account.local?
|
|
|
|
end
|
|
|
|
|
|
|
|
def queue_deletion!
|
2021-08-20 16:40:33 +10:00
|
|
|
@account.suspend!(origin: :remote)
|
2022-01-28 10:43:56 +11:00
|
|
|
AccountDeletionWorker.perform_async(@account.id, { 'reserve_username' => false, 'skip_activitypub' => true })
|
2020-11-08 10:28:39 +11:00
|
|
|
end
|
2016-02-21 08:53:20 +11:00
|
|
|
end
|