diff options
Diffstat (limited to 'vendor/github.com/superseriousbusiness')
5 files changed, 83 insertions, 49 deletions
diff --git a/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go b/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go index a89b05cfb..dc79c3b6e 100644 --- a/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go +++ b/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go @@ -4,7 +4,6 @@ import ( "context" "encoding/json" "fmt" - "io/ioutil" "net/http" "net/url" @@ -68,12 +67,7 @@ func NewSocialActor(c CommonBehavior, clock Clock) Actor { return &baseActor{ // Use SideEffectActor without s2s. - delegate: &SideEffectActor{ - common: c, - c2s: c2s, - db: db, - clock: clock, - }, + delegate: NewSideEffectActor(c, nil, c2s, db, clock), enableSocialProtocol: true, clock: clock, } @@ -98,12 +92,7 @@ func NewFederatingActor(c CommonBehavior, return &baseActorFederating{ baseActor{ // Use SideEffectActor without c2s. - delegate: &SideEffectActor{ - common: c, - s2s: s2s, - db: db, - clock: clock, - }, + delegate: NewSideEffectActor(c, s2s, nil, db, clock), enableFederatedProtocol: true, clock: clock, }, @@ -195,14 +184,10 @@ func (b *baseActor) PostInboxScheme(c context.Context, w http.ResponseWriter, r // Begin processing the request, but have not yet applied // authorization (ex: blocks). Obtain the activity reject unknown // activities. - raw, err := ioutil.ReadAll(r.Body) + m, err := readActivityPubReq(r) if err != nil { return true, err } - var m map[string]interface{} - if err = json.Unmarshal(raw, &m); err != nil { - return true, err - } asValue, err := streams.ToType(c, m) if err != nil && !streams.IsUnmatchedErr(err) { return true, err @@ -340,14 +325,10 @@ func (b *baseActor) PostOutboxScheme(c context.Context, w http.ResponseWriter, r return true, nil } // Everything is good to begin processing the request. - raw, err := ioutil.ReadAll(r.Body) + m, err := readActivityPubReq(r) if err != nil { return true, err } - var m map[string]interface{} - if err = json.Unmarshal(raw, &m); err != nil { - return true, err - } // Note that converting to a Type will NOT successfully convert types // not known to go-fed. This prevents accidentally wrapping an Activity // type unknown to go-fed in a Create below. Instead, diff --git a/vendor/github.com/superseriousbusiness/activity/pub/federating_wrapped_callbacks.go b/vendor/github.com/superseriousbusiness/activity/pub/federating_wrapped_callbacks.go index fffee8b81..fe1bf3c8e 100644 --- a/vendor/github.com/superseriousbusiness/activity/pub/federating_wrapped_callbacks.go +++ b/vendor/github.com/superseriousbusiness/activity/pub/federating_wrapped_callbacks.go @@ -2,7 +2,6 @@ package pub import ( "context" - "encoding/json" "fmt" "net/url" @@ -244,12 +243,12 @@ func (w FederatingWrappedCallbacks) create(c context.Context, a vocab.ActivitySt if err != nil { return err } - b, err := tport.Dereference(c, iter.GetIRI()) + resp, err := tport.Dereference(c, iter.GetIRI()) if err != nil { return err } - var m map[string]interface{} - if err = json.Unmarshal(b, &m); err != nil { + m, err := readActivityPubResp(resp) + if err != nil { return err } t, err = streams.ToType(c, m) @@ -514,12 +513,12 @@ func (w FederatingWrappedCallbacks) accept(c context.Context, a vocab.ActivitySt if err != nil { return err } - b, err := tport.Dereference(c, iter.GetIRI()) + resp, err := tport.Dereference(c, iter.GetIRI()) if err != nil { return err } - var m map[string]interface{} - if err = json.Unmarshal(b, &m); err != nil { + m, err := readActivityPubResp(resp) + if err != nil { return err } t, err = streams.ToType(c, m) diff --git a/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go b/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go index 4fe300832..4062cf507 100644 --- a/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go +++ b/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go @@ -629,14 +629,14 @@ func (a *SideEffectActor) hasInboxForwardingValues(c context.Context, inboxIRI * if err != nil { return false, err } - b, err := tport.Dereference(c, iri) + resp, err := tport.Dereference(c, iri) if err != nil { // Do not fail the entire process if the data is // missing. continue } - var m map[string]interface{} - if err = json.Unmarshal(b, &m); err != nil { + m, err := readActivityPubResp(resp) + if err != nil { return false, err } t, err := streams.ToType(c, m) @@ -855,13 +855,14 @@ func (a *SideEffectActor) resolveActors(c context.Context, t Transport, r []*url // The returned actor could be nil, if it wasn't an actor (ex: a Collection or // OrderedCollection). func (a *SideEffectActor) dereferenceForResolvingInboxes(c context.Context, t Transport, actorIRI *url.URL) (actor vocab.Type, moreActorIRIs []*url.URL, err error) { - var resp []byte + var resp *http.Response resp, err = t.Dereference(c, actorIRI) if err != nil { return } var m map[string]interface{} - if err = json.Unmarshal(resp, &m); err != nil { + m, err = readActivityPubResp(resp) + if err != nil { return } actor, err = streams.ToType(c, m) diff --git a/vendor/github.com/superseriousbusiness/activity/pub/transport.go b/vendor/github.com/superseriousbusiness/activity/pub/transport.go index bdc58a97a..a770b8b46 100644 --- a/vendor/github.com/superseriousbusiness/activity/pub/transport.go +++ b/vendor/github.com/superseriousbusiness/activity/pub/transport.go @@ -5,7 +5,6 @@ import ( "context" "crypto" "fmt" - "io/ioutil" "net/http" "net/url" "strings" @@ -40,11 +39,13 @@ func isSuccess(code int) bool { // // It may be reused multiple times, but never concurrently. type Transport interface { - // Dereference fetches the ActivityStreams object located at this IRI - // with a GET request. - Dereference(c context.Context, iri *url.URL) ([]byte, error) + // Dereference fetches the ActivityStreams object located at this IRI with + // a GET request. Note that Response will only be returned on status = OK. + Dereference(c context.Context, iri *url.URL) (*http.Response, error) + // Deliver sends an ActivityStreams object. Deliver(c context.Context, b []byte, to *url.URL) error + // BatchDeliver sends an ActivityStreams object to multiple recipients. BatchDeliver(c context.Context, b []byte, recipients []*url.URL) error } @@ -107,9 +108,8 @@ func NewHttpSigTransport( } } -// Dereference sends a GET request signed with an HTTP Signature to obtain an -// ActivityStreams value. -func (h HttpSigTransport) Dereference(c context.Context, iri *url.URL) ([]byte, error) { +// Dereference sends a GET request signed with an HTTP Signature to obtain an ActivityStreams value. +func (h HttpSigTransport) Dereference(c context.Context, iri *url.URL) (*http.Response, error) { req, err := http.NewRequest("GET", iri.String(), nil) if err != nil { return nil, err @@ -130,11 +130,11 @@ func (h HttpSigTransport) Dereference(c context.Context, iri *url.URL) ([]byte, if err != nil { return nil, err } - defer resp.Body.Close() if resp.StatusCode != http.StatusOK { + _ = resp.Body.Close() return nil, fmt.Errorf("GET request to %s failed (%d): %s", iri.String(), resp.StatusCode, resp.Status) } - return ioutil.ReadAll(resp.Body) + return resp, nil } // Deliver sends a POST request with an HTTP Signature. @@ -166,8 +166,7 @@ func (h HttpSigTransport) Deliver(c context.Context, b []byte, to *url.URL) erro return nil } -// BatchDeliver sends concurrent POST requests. Returns an error if any of the -// requests had an error. +// BatchDeliver sends concurrent POST requests. Returns an error if any of the requests had an error. func (h HttpSigTransport) BatchDeliver(c context.Context, b []byte, recipients []*url.URL) error { var wg sync.WaitGroup errCh := make(chan error, len(recipients)) diff --git a/vendor/github.com/superseriousbusiness/activity/pub/util.go b/vendor/github.com/superseriousbusiness/activity/pub/util.go index a0675b76e..e917205ee 100644 --- a/vendor/github.com/superseriousbusiness/activity/pub/util.go +++ b/vendor/github.com/superseriousbusiness/activity/pub/util.go @@ -8,6 +8,7 @@ import ( "encoding/json" "errors" "fmt" + "io" "net/http" "net/url" "strings" @@ -71,6 +72,59 @@ const ( acceptHeader = "Accept" ) +// readActivityPubReq reads ActivityPub data from an incoming request, handling body close. +func readActivityPubReq(req *http.Request) (map[string]interface{}, error) { + // Ensure closed when done. + defer req.Body.Close() + + var m map[string]interface{} + + // Wrap body in a JSON decoder. + dec := json.NewDecoder(req.Body) + + // Decode JSON body as "raw" AP data map. + if err := dec.Decode(&m); err != nil { + return nil, err + } + + // Perform a final second decode to ensure no trailing + // garbage data or second JSON value (indicates malformed). + if err := dec.Decode(&struct{}{}); err != io.EOF { + return nil, errors.New("trailing data after json") + } + + return m, nil +} + +// readActivityPubResp reads ActivityPub data from a dereference response, handling media type check and body close. +func readActivityPubResp(resp *http.Response) (map[string]interface{}, error) { + // Ensure closed when done. + defer resp.Body.Close() + + // Check the incoming response media type is the expected ActivityPub content-type. + if mediaType := resp.Header.Get("Content-Type"); !headerIsActivityPubMediaType(mediaType) { + return nil, fmt.Errorf("%s %s resp was not ActivityPub media type: %s", resp.Request.Method, resp.Request.URL, mediaType) + } + + var m map[string]interface{} + + // Wrap body in a JSON decoder. + dec := json.NewDecoder(resp.Body) + + // Decode JSON body as "raw" AP data map. + if err := dec.Decode(&m); err != nil { + return nil, err + } + + // Perform a final second decode to ensure no trailing + // garbage data or second JSON value (indicates malformed). + if err := dec.Decode(&struct{}{}); err != io.EOF { + return nil, errors.New("trailing data after json") + } + + return m, nil +} + // isActivityPubPost returns true if the request is a POST request that has the // ActivityStreams content type header func isActivityPubPost(r *http.Request) bool { @@ -774,12 +828,12 @@ func mustHaveActivityActorsMatchObjectActors(c context.Context, if err != nil { return err } - b, err := tport.Dereference(c, iri) + resp, err := tport.Dereference(c, iri) if err != nil { return err } - var m map[string]interface{} - if err = json.Unmarshal(b, &m); err != nil { + m, err := readActivityPubResp(resp) + if err != nil { return err } t, err := streams.ToType(c, m) |