pitchum/debianize-mobilizon
pitchum/debianize-mobilizon
1
0
Fork 0
Code Issues Pull Requests Projects Releases 2 Wiki Activity

Fix webfinger not following redirections by using a custom dedicated Tesla client

Browse Source 
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2020-10-21 10:42:04 +02:00
parent e803cb0c1d
commit 85aa9df4f8
No known key found for this signature in database
GPG Key ID: A061B9DDE0CA0773
4 changed files with 78 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/federation/web_finger/web_finger.ex
View File

@ -12,18 +12,12 @@ defmodule Mobilizon.Federation.WebFinger do
alias Mobilizon.Actors.Actor alias Mobilizon.Actors.Actor
alias Mobilizon.Federation.ActivityPub alias Mobilizon.Federation.ActivityPub
alias Mobilizon.Federation.WebFinger.XmlBuilder alias Mobilizon.Federation.WebFinger.XmlBuilder
alias Mobilizon.Service.HTTP.WebfingerClient
alias Mobilizon.Web.Endpoint alias Mobilizon.Web.Endpoint
alias Mobilizon.Web.Router.Helpers, as: Routes alias Mobilizon.Web.Router.Helpers, as: Routes
require Jason require Jason
require Logger require Logger
@http_options [
adapter: [
follow_redirect: true,
ssl: [{:versions, [:"tlsv1.2"]}]
]
]
def host_meta do def host_meta do
base_url = Endpoint.url() base_url = Endpoint.url()
@ -120,17 +114,9 @@ defmodule Mobilizon.Federation.WebFinger do
Logger.debug(inspect(address)) Logger.debug(inspect(address))
with false <- is_nil(domain), with false <- is_nil(domain),
{:ok, %{} = response} <- {:ok, %{body: body, status: code}} when code in 200..299 <-
Tesla.get( WebfingerClient.get(address) do
address, webfinger_from_json(body)
headers: [
{"accept", "application/json, application/activity+json, application/jrd+json"}
],
opts: @http_options
),
%{status: status, body: body} when status in 200..299 <- response,
{:ok, doc} <- Jason.decode(body) do
webfinger_from_json(doc)
else else
e -> e ->
Logger.debug(fn -> "Couldn't finger #{actor}" end) Logger.debug(fn -> "Couldn't finger #{actor}" end)

3
lib/service/http/rich_media_preview_client.ex
View File

@ -1,7 +1,6 @@
defmodule Mobilizon.Service.HTTP.RichMediaPreviewClient do defmodule Mobilizon.Service.HTTP.RichMediaPreviewClient do
@moduledoc """ @moduledoc """
Tesla HTTP Basic Client Tesla HTTP Basic Client that fetches HTML to extract metadata preview
with JSON middleware
""" """
use Tesla use Tesla

34
lib/service/http/webfinger_client.ex Normal file
View File

@ -0,0 +1,34 @@
defmodule Mobilizon.Service.HTTP.WebfingerClient do
@moduledoc """
Tesla HTTP Basic Client
with JSON middleware
"""
use Tesla
alias Mobilizon.Config
@default_opts [
recv_timeout: 20_000
]
adapter(Tesla.Adapter.Hackney, @default_opts)
@user_agent Config.instance_user_agent()
plug(Tesla.Middleware.FollowRedirects)
plug(Tesla.Middleware.Timeout, timeout: 10_000)
plug(Tesla.Middleware.Headers, [
{"User-Agent", @user_agent},
{"Accept", "application/json, application/activity+json, application/jrd+json"}
])
plug(Tesla.Middleware.JSON,
decode_content_types: [
"application/jrd+json",
"application/json",
"application/activity+json"
]
)
end

45
test/fixtures/vcr_cassettes/webfinger/mastodon.json vendored
View File

@ -3,20 +3,50 @@
"request": { "request": {
"body": "", "body": "",
"headers": { "headers": {
"User-Agent": "localhost - Mobilizon 1.0.0-rc.2-5-g6701e6a4",
"Accept": "application/json, application/activity+json, application/jrd+json" "Accept": "application/json, application/activity+json, application/jrd+json"
}, },
"method": "get", "method": "get",
"options": { "options": {
"follow_redirect": "true" "recv_timeout": 20000
}, },
"request_body": "", "request_body": "",
"url": "http://social.tcit.fr/.well-known/webfinger?resource=acct:tcit@social.tcit.fr" "url": "http://social.tcit.fr/.well-known/webfinger?resource=acct:tcit@social.tcit.fr"
}, },
"response": { "response": {
"binary": false, "binary": false,
"body": "{\"subject\":\"acct:tcit@social.tcit.fr\",\"aliases\":[\"https://social.tcit.fr/@tcit\",\"https://social.tcit.fr/users/tcit\"],\"links\":[{\"rel\":\"http://webfinger.net/rel/profile-page\",\"type\":\"text/html\",\"href\":\"https://social.tcit.fr/@tcit\"},{\"rel\":\"http://schemas.google.com/g/2010#updates-from\",\"type\":\"application/atom+xml\",\"href\":\"https://social.tcit.fr/users/tcit.atom\"},{\"rel\":\"self\",\"type\":\"application/activity+json\",\"href\":\"https://social.tcit.fr/users/tcit\"},{\"rel\":\"salmon\",\"href\":\"https://social.tcit.fr/api/salmon/1\"},{\"rel\":\"magic-public-key\",\"href\":\"data:application/magic-public-key,RSA.pXwYMUdFg3XUd-bGsh8CyiMRGpRGAWuCdM5pDWx5uM4pW2pM3xbHbcI21j9h8BmlAiPg6hbZD73KGly2N8Rt5iIS0I-l6i8kA1JCCdlAaDTRd41RKMggZDoQvjVZQtsyE1VzMeU2kbqqTFN6ew7Hvbd6O0NhixoKoZ5f3jwuBDZoT0p1TAcaMdmG8oqHD97isizkDnRn8cOBA6wtI-xb5xP2zxZMsLpTDZLiKU8XcPKZCw4OfQfmDmKkHtrFb77jCAQj_s_FxjVnvxRwmfhNnWy0D-LUV_g63nHh_b5zXIeV92QZLvDYbgbezmzUzv9UeA1s70GGbaDqCIy85gw9-w==.AQAB\"},{\"rel\":\"http://ostatus.org/schema/1.0/subscribe\",\"template\":\"https://social.tcit.fr/authorize_interaction?uri={uri}\"}]}", "body": "<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body>\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx/1.19.3</center>\r\n</body>\r\n</html>\r\n",
"headers": { "headers": {
"Date": "Tue, 13 Nov 2018 11:11:10 GMT", "Server": "nginx/1.19.3",
"Date": "Wed, 21 Oct 2020 09:07:41 GMT",
"Content-Type": "text/html",
"Content-Length": "169",
"Connection": "keep-alive",
"Location": "https://social.tcit.fr/.well-known/webfinger?resource=acct:tcit@social.tcit.fr"
},
"status_code": 301,
"type": "ok"
}
},
{
"request": {
"body": "",
"headers": {
"User-Agent": "localhost - Mobilizon 1.0.0-rc.2-5-g6701e6a4",
"Accept": "application/json, application/activity+json, application/jrd+json"
},
"method": "get",
"options": {
"recv_timeout": 20000
},
"request_body": "",
"url": "https://social.tcit.fr/.well-known/webfinger?resource=acct:tcit@social.tcit.fr"
},
"response": {
"binary": false,
"body": "{\"subject\":\"acct:tcit@social.tcit.fr\",\"aliases\":[\"https://social.tcit.fr/@tcit\",\"https://social.tcit.fr/users/tcit\"],\"links\":[{\"rel\":\"http://webfinger.net/rel/profile-page\",\"type\":\"text/html\",\"href\":\"https://social.tcit.fr/@tcit\"},{\"rel\":\"self\",\"type\":\"application/activity+json\",\"href\":\"https://social.tcit.fr/users/tcit\"},{\"rel\":\"http://ostatus.org/schema/1.0/subscribe\",\"template\":\"https://social.tcit.fr/authorize_interaction?uri={uri}\"}]}",
"headers": {
"Date": "Wed, 21 Oct 2020 09:07:41 GMT",
"Content-Type": "application/jrd+json; charset=utf-8", "Content-Type": "application/jrd+json; charset=utf-8",
"Transfer-Encoding": "chunked", "Transfer-Encoding": "chunked",
"Connection": "keep-alive", "Connection": "keep-alive",
@ -24,11 +54,14 @@
"X-Frame-Options": "DENY", "X-Frame-Options": "DENY",
"X-Content-Type-Options": "nosniff", "X-Content-Type-Options": "nosniff",
"X-XSS-Protection": "1; mode=block", "X-XSS-Protection": "1; mode=block",
"Referrer-Policy": "same-origin",
"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
"X-Clacks-Overhead": "GNU Natalie Nguyen",
"Vary": "Accept, Accept-Encoding, Origin", "Vary": "Accept, Accept-Encoding, Origin",
"Cache-Control": "max-age=259200, public", "Cache-Control": "max-age=259200, public",
"ETag": "W/\"33f6cc86f8f97d0ca930761c04e0db58\"", "ETag": "W/\"37760e35c1537b8e02b6d4b4f9ebfe82\"",
"X-Request-Id": "b7f5ad84-5120-4275-aacf-dbb9654be181", "X-Request-Id": "429bb891-1033-498b-91bb-12835984223f",
"X-Runtime": "0.015609", "X-Runtime": "0.072046",
"X-Cached": "MISS" "X-Cached": "MISS"
}, },
"status_code": 200, "status_code": 200,