1 files changed, 86 insertions, 1 deletions

diff --git a/internal/processing/fedi/authorization.go b/internal/processing/fedi/authorization.go
index bbba6a2d8..276dd3a82 100644
--- a/internal/processing/fedi/authorization.go
+++ b/internal/processing/fedi/authorization.go
@@ -19,9 +19,13 @@ package fedi
 
 import (
 	"context"
+	"errors"
+	"fmt"
 
 	"code.superseriousbusiness.org/gotosocial/internal/ap"
+	"code.superseriousbusiness.org/gotosocial/internal/db"
 	"code.superseriousbusiness.org/gotosocial/internal/gtserror"
+	"code.superseriousbusiness.org/gotosocial/internal/gtsmodel"
 )
 
 // AuthorizationGet handles the getting of a fedi/activitypub
@@ -35,7 +39,7 @@ func (p *Processor) AuthorizationGet(
 	intReqID string,
 ) (any, gtserror.WithCode) {
 	// Ensure valid request, intReq exists, etc.
-	intReq, errWithCode := p.validateIntReqRequest(ctx, requestedUser, intReqID)
+	intReq, errWithCode := p.validateAuthGetRequest(ctx, requestedUser, intReqID)
 	if errWithCode != nil {
 		return nil, errWithCode
 	}
@@ -55,3 +59,84 @@ func (p *Processor) AuthorizationGet(
 
 	return data, nil
 }
+
+// AcceptGet handles the getting of a fedi/activitypub
+// representation of a local interaction acceptance.
+//
+// It performs appropriate authentication before
+// returning a JSON serializable interface.
+func (p *Processor) AcceptGet(
+	ctx context.Context,
+	requestedUser string,
+	intReqID string,
+) (any, gtserror.WithCode) {
+	// Ensure valid request, intReq exists, etc.
+	intReq, errWithCode := p.validateAuthGetRequest(ctx, requestedUser, intReqID)
+	if errWithCode != nil {
+		return nil, errWithCode
+	}
+
+	// Convert + serialize the Accept.
+	accept, err := p.converter.InteractionReqToASAccept(ctx, intReq)
+	if err != nil {
+		err := gtserror.Newf("error converting to accept: %w", err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	data, err := ap.Serialize(accept)
+	if err != nil {
+		err := gtserror.Newf("error serializing accept: %w", err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	return data, nil
+}
+
+// validateAuthGetRequest is a shortcut function
+// for returning an accepted interaction request
+// targeting `requestedUser`.
+func (p *Processor) validateAuthGetRequest(
+	ctx context.Context,
+	requestedUser string,
+	intReqID string,
+) (*gtsmodel.InteractionRequest, gtserror.WithCode) {
+	// Authenticate incoming request, getting related accounts.
+	auth, errWithCode := p.authenticate(ctx, requestedUser)
+	if errWithCode != nil {
+		return nil, errWithCode
+	}
+
+	if auth.handshakingURI != nil {
+		// We're currently handshaking, which means we don't know
+		// this account yet. This should be a very rare race condition.
+		err := gtserror.Newf("network race handshaking %s", auth.handshakingURI)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	// Fetch interaction request with the given ID.
+	req, err := p.state.DB.GetInteractionRequestByID(ctx, intReqID)
+	if err != nil && !errors.Is(err, db.ErrNoEntries) {
+		err := gtserror.Newf("db error getting interaction request %s: %w", intReqID, err)
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	// Ensure that this is an existing
+	// and *accepted* interaction request.
+	if req == nil || !req.IsAccepted() {
+		const text = "interaction request not found"
+		return nil, gtserror.NewErrorNotFound(errors.New(text))
+	}
+
+	// Ensure interaction request was accepted
+	// by the account in the request path.
+	if req.TargetAccountID != auth.receiver.ID {
+		text := fmt.Sprintf(
+			"account %s is not targeted by interaction request %s and therefore can't accept it",
+			requestedUser, intReqID,
+		)
+		return nil, gtserror.NewErrorNotFound(errors.New(text))
+	}
+
+	// All fine.
+	return req, nil
+}