usbharu
/
Hideout
mirror of https://github.com/usbharu/Hideout.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

fix: instanceの一意性を保証できるように

This commit is contained in:
usbharu 2023-11-21 16:25:31 +09:00
parent 8fa96b771e
commit 4655156e35
5 changed files with 24 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
View File

@ -6,6 +6,7 @@ import com.nimbusds.jose.jwk.RSAKey
import com.nimbusds.jose.jwk.source.ImmutableJWKSet import com.nimbusds.jose.jwk.source.ImmutableJWKSet
import com.nimbusds.jose.jwk.source.JWKSource import com.nimbusds.jose.jwk.source.JWKSource
import com.nimbusds.jose.proc.SecurityContext import com.nimbusds.jose.proc.SecurityContext
import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
import dev.usbharu.hideout.application.external.Transaction import dev.usbharu.hideout.application.external.Transaction
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureFilter import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureFilter
import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService
@ -113,8 +114,12 @@ class SecurityConfig {
} }
@Bean @Bean
fun getHttpSignatureFilter(authenticationManager: AuthenticationManager): HttpSignatureFilter { fun getHttpSignatureFilter(
val httpSignatureFilter = HttpSignatureFilter(DefaultSignatureHeaderParser()) authenticationManager: AuthenticationManager,
transaction: Transaction,
apUserService: APUserService
): HttpSignatureFilter {
val httpSignatureFilter = HttpSignatureFilter(DefaultSignatureHeaderParser(), transaction, apUserService)
httpSignatureFilter.setAuthenticationManager(authenticationManager) httpSignatureFilter.setAuthenticationManager(authenticationManager)
httpSignatureFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false) httpSignatureFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false)
val authenticationEntryPointFailureHandler = val authenticationEntryPointFailureHandler =

2
src/main/kotlin/dev/usbharu/hideout/core/infrastructure/exposedquery/InstanceQueryServiceImpl.kt
View File

@ -12,5 +12,5 @@ import dev.usbharu.hideout.core.domain.model.instance.Instance as InstanceEntity
@Repository @Repository
class InstanceQueryServiceImpl : InstanceQueryService { class InstanceQueryServiceImpl : InstanceQueryService {
override suspend fun findByUrl(url: String): InstanceEntity = Instance.select { Instance.url eq url } override suspend fun findByUrl(url: String): InstanceEntity = Instance.select { Instance.url eq url }
.singleOr { FailedToGetResourcesException("url is doesn't exist") }.toInstance() .singleOr { FailedToGetResourcesException("$url is doesn't exist", it) }.toInstance()
} }

4
src/main/kotlin/dev/usbharu/hideout/core/infrastructure/exposedrepository/InstanceRepositoryImpl.kt
View File

@ -79,9 +79,9 @@ object Instance : Table("instance") {
val id = long("id") val id = long("id")
val name = varchar("name", 1000) val name = varchar("name", 1000)
val description = varchar("description", 5000) val description = varchar("description", 5000)
val url = varchar("url", 255) val url = varchar("url", 255).uniqueIndex()
val iconUrl = varchar("icon_url", 255) val iconUrl = varchar("icon_url", 255)
val sharedInbox = varchar("shared_inbox", 255).nullable() val sharedInbox = varchar("shared_inbox", 255).nullable().uniqueIndex()
val software = varchar("software", 255) val software = varchar("software", 255)
val version = varchar("version", 255) val version = varchar("version", 255)
val isBlocked = bool("is_blocked") val isBlocked = bool("is_blocked")

14
src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/httpsignature/HttpSignatureFilter.kt
View File

@ -1,14 +1,21 @@
package dev.usbharu.hideout.core.infrastructure.springframework.httpsignature package dev.usbharu.hideout.core.infrastructure.springframework.httpsignature
import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
import dev.usbharu.hideout.application.external.Transaction
import dev.usbharu.httpsignature.common.HttpHeaders import dev.usbharu.httpsignature.common.HttpHeaders
import dev.usbharu.httpsignature.common.HttpMethod import dev.usbharu.httpsignature.common.HttpMethod
import dev.usbharu.httpsignature.common.HttpRequest import dev.usbharu.httpsignature.common.HttpRequest
import dev.usbharu.httpsignature.verify.SignatureHeaderParser import dev.usbharu.httpsignature.verify.SignatureHeaderParser
import jakarta.servlet.http.HttpServletRequest import jakarta.servlet.http.HttpServletRequest
import kotlinx.coroutines.runBlocking
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
import java.net.URL import java.net.URL
class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeaderParser) : class HttpSignatureFilter(
private val httpSignatureHeaderParser: SignatureHeaderParser,
private val transaction: Transaction,
private val apUserService: APUserService
) :
AbstractPreAuthenticatedProcessingFilter() { AbstractPreAuthenticatedProcessingFilter() {
override fun getPreAuthenticatedPrincipal(request: HttpServletRequest?): Any? { override fun getPreAuthenticatedPrincipal(request: HttpServletRequest?): Any? {
val headersList = request?.headerNames?.toList().orEmpty() val headersList = request?.headerNames?.toList().orEmpty()
@ -23,6 +30,11 @@ class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeader
} catch (_: RuntimeException) { } catch (_: RuntimeException) {
return "" return ""
} }
runBlocking {
transaction.transaction {
apUserService.fetchPerson(signature.keyId)
}
}
return signature.keyId return signature.keyId
} }

2
src/main/kotlin/dev/usbharu/hideout/core/service/instance/InstanceService.kt
View File

@ -31,7 +31,7 @@ class InstanceServiceImpl(
val resolveInstanceUrl = u.protocol + "://" + u.host val resolveInstanceUrl = u.protocol + "://" + u.host
try { try {
return instanceQueryService.findByUrl(url) return instanceQueryService.findByUrl(resolveInstanceUrl)
} catch (e: FailedToGetResourcesException) { } catch (e: FailedToGetResourcesException) {
logger.info("Instance not found. try fetch instance info. url: {}", resolveInstanceUrl) logger.info("Instance not found. try fetch instance info. url: {}", resolveInstanceUrl)
logger.debug("Failed to get resources. url: {}", resolveInstanceUrl, e) logger.debug("Failed to get resources. url: {}", resolveInstanceUrl, e)