modify comment

This commit is contained in:
tamaina 2024-07-18 00:24:47 +09:00
parent 99113d59f4
commit c00b61e90b
1 changed files with 24 additions and 8 deletions

View File

@ -146,9 +146,10 @@ export class ApDbResolverService implements OnApplicationShutdown {
* @param uri AP Actor id * @param uri AP Actor id
* @param keyId Key id to find. If not specified, main key will be selected. * @param keyId Key id to find. If not specified, main key will be selected.
* @returns * @returns
* 1. `null` * 1. `null` if the user and key host do not match
* 2. userが見つからない場合`{ user: null, key: null }` * 2. `{ user: null, key: null }` if the user is not found
* 3. keyが見つからない場合`{ user, key: null }` * 3. `{ user: MiRemoteUser, key: null }` if key is not found
* 4. `{ user: MiRemoteUser, key: MiUserPublickey }` if both are found
*/ */
@bindThis @bindThis
public async getAuthUserFromApId(uri: string, keyId?: string): Promise<{ public async getAuthUserFromApId(uri: string, keyId?: string): Promise<{
@ -165,11 +166,21 @@ export class ApDbResolverService implements OnApplicationShutdown {
* keyIdはURL形式かつkeyIdのホストはuriのホストと一致するはず * keyIdはURL形式かつkeyIdのホストはuriのホストと一致するはず
* ApPersonService.validateActorに由来 * ApPersonService.validateActorに由来
* *
* Mastodonはリプライ関連で他人のートをHTTP Signature署名して送ってくることがある * Mastodonはリプライ関連で他人のトゥートをHTTP Signature署名して送ってくることがある
* *
* uriとkeyIdのホストが一致しない場合は無視する * uriとkeyIdのホストが一致しない場合は無視する
* keyIdとuriの同一性を比べてみてもいいが`uri#*-key`keyIdを設定するのが * keyIdとuriの同一性を比べてみてもいいが`uri#*-key`keyIdを設定するのが
* *
*
*
* The keyId should be in URL format and its host should match the host of the uri
* (derived from ApPersonService.validateActor)
*
* However, Mastodon sometimes sends toots from other users with HTTP Signature signing for reply-related purposes
* Such signatures are of questionable validity, so we choose to ignore them
* Here, we ignore cases where the hosts of uri and keyId do not match
* We could also compare the equality of keyId without the hash and uri, but since setting a keyId like `uri#*-key`
* is not a strict rule, we decide to allow for some flexibility
*/ */
this.logger.warn(`actor uri and keyId are not matched uri=${uri} keyId=${keyId}`); this.logger.warn(`actor uri and keyId are not matched uri=${uri} keyId=${keyId}`);
return null; return null;
@ -187,7 +198,7 @@ export class ApDbResolverService implements OnApplicationShutdown {
} }
if (!keyId) { if (!keyId) {
// mainっぽいのを選ぶ // Choose the main-like
const mainKey = keys.find(x => { const mainKey = keys.find(x => {
try { try {
const url = new URL(x.keyId); const url = new URL(x.keyId);
@ -209,15 +220,20 @@ export class ApDbResolverService implements OnApplicationShutdown {
const exactKey = keys.find(x => x.keyId === keyId); const exactKey = keys.find(x => x.keyId === keyId);
if (exactKey) return { user, key: exactKey }; if (exactKey) return { user, key: exactKey };
// keyIdで見つからない場合 /**
// まずはキャッシュを更新して再取得 * keyIdで見つからない場合
* If not found with keyId, update cache and reacquire
*/
const cacheRaw = this.publicKeyByUserIdCache.cache.get(user.id); const cacheRaw = this.publicKeyByUserIdCache.cache.get(user.id);
if (cacheRaw && cacheRaw.date > Date.now() - 1000 * 60 * 12) { if (cacheRaw && cacheRaw.date > Date.now() - 1000 * 60 * 12) {
const exactKey = await this.refreshAndFindKey(user.id, keyId); const exactKey = await this.refreshAndFindKey(user.id, keyId);
if (exactKey) return { user, key: exactKey }; if (exactKey) return { user, key: exactKey };
} }
// lastFetchedAtでの更新制限を弱めて再取得 /**
* lastFetchedAtでの更新制限を弱めて再取得
* Reacquisition with weakened update limit at lastFetchedAt
*/
if (user.lastFetchedAt == null || user.lastFetchedAt < new Date(Date.now() - 1000 * 60 * 12)) { if (user.lastFetchedAt == null || user.lastFetchedAt < new Date(Date.now() - 1000 * 60 * 12)) {
this.logger.info(`Fetching user to find public key uri=${uri} userId=${user.id} keyId=${keyId}`); this.logger.info(`Fetching user to find public key uri=${uri} userId=${user.id} keyId=${keyId}`);
const renewed = await this.apPersonService.fetchPersonWithRenewal(uri, 0); const renewed = await this.apPersonService.fetchPersonWithRenewal(uri, 0);