fix: instanceの一意性を保証できるように

2023-11-21 16:25:31 +09:00 · 2023-11-21 16:25:31 +09:00 · 4655156e35
parent 8fa96b771e
commit 4655156e35
5 changed files with 24 additions and 7 deletions
--- a/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/application/config/SecurityConfig.kt
@ -6,6 +6,7 @@ import com.nimbusds.jose.jwk.RSAKey
 import com.nimbusds.jose.jwk.source.ImmutableJWKSet
 import com.nimbusds.jose.jwk.source.JWKSource
 import com.nimbusds.jose.proc.SecurityContext
+import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
 import dev.usbharu.hideout.application.external.Transaction
 import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureFilter
 import dev.usbharu.hideout.core.infrastructure.springframework.httpsignature.HttpSignatureUserDetailsService
@ -113,8 +114,12 @@ class SecurityConfig {
    }

    @Bean
-    fun getHttpSignatureFilter(authenticationManager: AuthenticationManager): HttpSignatureFilter {
-        val httpSignatureFilter = HttpSignatureFilter(DefaultSignatureHeaderParser())
+    fun getHttpSignatureFilter(
+        authenticationManager: AuthenticationManager,
+        transaction: Transaction,
+        apUserService: APUserService
+    ): HttpSignatureFilter {
+        val httpSignatureFilter = HttpSignatureFilter(DefaultSignatureHeaderParser(), transaction, apUserService)
        httpSignatureFilter.setAuthenticationManager(authenticationManager)
        httpSignatureFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false)
        val authenticationEntryPointFailureHandler =
--- a/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/exposedquery/InstanceQueryServiceImpl.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/exposedquery/InstanceQueryServiceImpl.kt
@ -12,5 +12,5 @@ import dev.usbharu.hideout.core.domain.model.instance.Instance as InstanceEntity
@Repository
 class InstanceQueryServiceImpl : InstanceQueryService {
    override suspend fun findByUrl(url: String): InstanceEntity = Instance.select { Instance.url eq url }
-        .singleOr { FailedToGetResourcesException("url is doesn't exist") }.toInstance()
+        .singleOr { FailedToGetResourcesException("$url is doesn't exist", it) }.toInstance()
 }
--- a/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/exposedrepository/InstanceRepositoryImpl.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/exposedrepository/InstanceRepositoryImpl.kt
@ -79,9 +79,9 @@ object Instance : Table("instance") {
    val id = long("id")
    val name = varchar("name", 1000)
    val description = varchar("description", 5000)
-    val url = varchar("url", 255)
+    val url = varchar("url", 255).uniqueIndex()
    val iconUrl = varchar("icon_url", 255)
-    val sharedInbox = varchar("shared_inbox", 255).nullable()
+    val sharedInbox = varchar("shared_inbox", 255).nullable().uniqueIndex()
    val software = varchar("software", 255)
    val version = varchar("version", 255)
    val isBlocked = bool("is_blocked")
--- a/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/httpsignature/HttpSignatureFilter.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/core/infrastructure/springframework/httpsignature/HttpSignatureFilter.kt
@ -1,14 +1,21 @@
 package dev.usbharu.hideout.core.infrastructure.springframework.httpsignature

+import dev.usbharu.hideout.activitypub.service.objects.user.APUserService
+import dev.usbharu.hideout.application.external.Transaction
 import dev.usbharu.httpsignature.common.HttpHeaders
 import dev.usbharu.httpsignature.common.HttpMethod
 import dev.usbharu.httpsignature.common.HttpRequest
 import dev.usbharu.httpsignature.verify.SignatureHeaderParser
 import jakarta.servlet.http.HttpServletRequest
+import kotlinx.coroutines.runBlocking
 import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
 import java.net.URL

-class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeaderParser) :
+class HttpSignatureFilter(
+    private val httpSignatureHeaderParser: SignatureHeaderParser,
+    private val transaction: Transaction,
+    private val apUserService: APUserService
+) :
    AbstractPreAuthenticatedProcessingFilter() {
    override fun getPreAuthenticatedPrincipal(request: HttpServletRequest?): Any? {
        val headersList = request?.headerNames?.toList().orEmpty()
@ -23,6 +30,11 @@ class HttpSignatureFilter(private val httpSignatureHeaderParser: SignatureHeader
        } catch (_: RuntimeException) {
            return ""
        }
+        runBlocking {
+            transaction.transaction {
+                apUserService.fetchPerson(signature.keyId)
+            }
+        }
        return signature.keyId
    }

--- a/src/main/kotlin/dev/usbharu/hideout/core/service/instance/InstanceService.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/core/service/instance/InstanceService.kt
@ -31,7 +31,7 @@ class InstanceServiceImpl(
        val resolveInstanceUrl = u.protocol + "://" + u.host

        try {
-            return instanceQueryService.findByUrl(url)
+            return instanceQueryService.findByUrl(resolveInstanceUrl)
        } catch (e: FailedToGetResourcesException) {
            logger.info("Instance not found. try fetch instance info. url: {}", resolveInstanceUrl)
            logger.debug("Failed to get resources. url: {}", resolveInstanceUrl, e)