mastodon/app/services/resolve_account_service.rb

# frozen_string_literal: true

class ResolveAccountService < BaseService
  include JsonLdHelper
  include DomainControlHelper

  class WebfingerRedirectError < StandardError; end

  # Find or create an account record for a remote user. When creating,
  # look up the user's webfinger and fetch ActivityPub data
  # @param [String, Account] uri URI in the username@domain format or account record
  # @param [Hash] options
  # @option options [Boolean] :redirected Do not follow further Webfinger redirects
  # @option options [Boolean] :skip_webfinger Do not attempt to refresh account data
  # @return [Account]
  def call(uri, options = {})
    return if uri.blank?

    process_options!(uri, options)

    # First of all we want to check if we've got the account
    # record with the URI already, and if so, we can exit early

    return if domain_not_allowed?(@domain)

    @account ||= Account.find_remote(@username, @domain)

    return @account if @account&.local? || !webfinger_update_due?

    # At this point we are in need of a Webfinger query, which may
    # yield us a different username/domain through a redirect

    process_webfinger!(@uri)

    # Because the username/domain pair may be different than what
    # we already checked, we need to check if we've already got
    # the record with that URI, again

    return if domain_not_allowed?(@domain)

    @account ||= Account.find_remote(@username, @domain)

    return @account if @account&.local? || !webfinger_update_due?

    # Now it is certain, it is definitely a remote account, and it
    # either needs to be created, or updated from fresh data

    process_account!
  rescue Goldfinger::Error, WebfingerRedirectError, Oj::ParseError => e
    Rails.logger.debug "Webfinger query for #{@uri} failed: #{e}"
    nil
  end

  private

  def process_options!(uri, options)
    @options = options

    if uri.is_a?(Account)
      @account  = uri
      @username = @account.username
      @domain   = @account.domain
    else
      @username, @domain = uri.split('@')
    end

    @domain = begin
      if TagManager.instance.local_domain?(@domain)
        nil
      else
        TagManager.instance.normalize_domain(@domain)
      end
    end

    @uri = [@username, @domain].compact.join('@')
  end

  def process_webfinger!(uri, redirected = false)
    @webfinger                           = Goldfinger.finger("acct:#{uri}")
    confirmed_username, confirmed_domain = @webfinger.subject.gsub(/\Aacct:/, '').split('@')

    if confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero?
      @username = confirmed_username
      @domain   = confirmed_domain
      @uri      = uri
    elsif !redirected
      return process_webfinger!("#{confirmed_username}@#{confirmed_domain}", true)
    else
      raise WebfingerRedirectError, "The URI #{uri} tries to hijack #{@username}@#{@domain}"
    end

    @domain = nil if TagManager.instance.local_domain?(@domain)
  end

  def process_account!
    return unless activitypub_ready?

    RedisLock.acquire(lock_options) do |lock|
      if lock.acquired?
        @account = Account.find_remote(@username, @domain)

        next if (@account.present? && !@account.activitypub?) || actor_json.nil?

        @account = ActivityPub::ProcessAccountService.new.call(@username, @domain, actor_json)
      else
        raise Mastodon::RaceConditionError
      end
    end

    @account
  end

  def webfinger_update_due?
    @account.nil? || ((!@options[:skip_webfinger] || @account.ostatus?) && @account.possibly_stale?)
  end

  def activitypub_ready?
    !@webfinger.link('self').nil? && ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@webfinger.link('self').type)
  end

  def actor_url
    @actor_url ||= @webfinger.link('self').href
  end

  def actor_json
    return @actor_json if defined?(@actor_json)

    json        = fetch_resource(actor_url, false)
    @actor_json = supported_context?(json) && equals_or_includes_any?(json['type'], ActivityPub::FetchRemoteAccountService::SUPPORTED_TYPES) ? json : nil
  end

  def lock_options
    { redis: Redis.current, key: "resolve:#{@username}@#{@domain}" }
  end
end
Fix rubocop issues, introduce usage of frozen literal to improve performance 2016-11-15 07:56:29 -08:00			`# frozen_string_literal: true`

Rename ResolveRemoteAccountService to ResolveAccountService (#6327) The service used to be named ResolveRemoteAccountService resolves local accounts as well. 2018-01-22 05:25:09 -08:00			`class ResolveAccountService < BaseService`
Add ActivityPub inbox (#4216) * Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests 2017-08-08 12:52:15 -07:00			`include JsonLdHelper`
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`include DomainControlHelper`

			`class WebfingerRedirectError < StandardError; end`
Improve Friendica support (but still not there yet) 2016-10-12 12:07:00 -07:00
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`# Find or create an account record for a remote user. When creating,`
			`# look up the user's webfinger and fetch ActivityPub data`
			`# @param [String, Account] uri URI in the username@domain format or account record`
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService 2018-11-08 12:05:42 -08:00			`# @param [Hash] options`
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`# @option options [Boolean] :redirected Do not follow further Webfinger redirects`
			`# @option options [Boolean] :skip_webfinger Do not attempt to refresh account data`
Send Salmon interactions 2016-02-24 03:57:29 -08:00			`# @return [Account]`
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService 2018-11-08 12:05:42 -08:00			`def call(uri, options = {})`
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`return if uri.blank?`

			`process_options!(uri, options)`

			`# First of all we want to check if we've got the account`
			`# record with the URI already, and if so, we can exit early`

			`return if domain_not_allowed?(@domain)`

			`@account \|\|= Account.find_remote(@username, @domain)`

			`return @account if @account&.local? \|\| !webfinger_update_due?`

			`# At this point we are in need of a Webfinger query, which may`
			`# yield us a different username/domain through a redirect`

Fix handling of webfinger redirects in ResolveAccountService (#11279) 2019-07-10 08:10:12 -07:00			`process_webfinger!(@uri)`
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00
			`# Because the username/domain pair may be different than what`
			`# we already checked, we need to check if we've already got`
			`# the record with that URI, again`

			`return if domain_not_allowed?(@domain)`

			`@account \|\|= Account.find_remote(@username, @domain)`

			`return @account if @account&.local? \|\| !webfinger_update_due?`

			`# Now it is certain, it is definitely a remote account, and it`
			`# either needs to be created, or updated from fresh data`

			`process_account!`
			`rescue Goldfinger::Error, WebfingerRedirectError, Oj::ParseError => e`
			`Rails.logger.debug "Webfinger query for #{@uri} failed: #{e}"`
			`nil`
			`end`

			`private`

			`def process_options!(uri, options)`
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService 2018-11-08 12:05:42 -08:00			`@options = options`
Adding Turbolinks, adding status posting form on homepage 2016-03-21 10:26:47 -07:00
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService 2018-11-08 12:05:42 -08:00			`if uri.is_a?(Account)`
			`@account = uri`
			`@username = @account.username`
			`@domain = @account.domain`
			`else`
			`@username, @domain = uri.split('@')`
			`end`
Separate PuSH subscriptions from following, add mastodon:push:refresh task, respect hub.lease_seconds (fix #46) 2016-09-19 15:39:03 -07:00
Fix acct URIs with IDN domains not being resolved (#11520) Fix #11494 2019-08-07 12:14:08 -07:00			`@domain = begin`
			`if TagManager.instance.local_domain?(@domain)`
			`nil`
			`else`
			`TagManager.instance.normalize_domain(@domain)`
			`end`
			`end`

			`@uri = [@username, @domain].compact.join('@')`
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`end`
Initial commit 2016-02-20 13:53:20 -08:00
Fix handling of webfinger redirects in ResolveAccountService (#11279) 2019-07-10 08:10:12 -07:00			`def process_webfinger!(uri, redirected = false)`
Fix acct URIs with IDN domains not being resolved (#11520) Fix #11494 2019-08-07 12:14:08 -07:00			`@webfinger = Goldfinger.finger("acct:#{uri}")`
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`confirmed_username, confirmed_domain = @webfinger.subject.gsub(/\Aacct:/, '').split('@')`
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource 2016-11-03 08:57:44 -07:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`if confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero?`
			`@username = confirmed_username`
			`@domain = confirmed_domain`
Fix handling of webfinger redirects in ResolveAccountService (#11279) 2019-07-10 08:10:12 -07:00			`@uri = uri`
			`elsif !redirected`
			`return process_webfinger!("#{confirmed_username}@#{confirmed_domain}", true)`
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`else`
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`raise WebfingerRedirectError, "The URI #{uri} tries to hijack #{@username}@#{@domain}"`
Fix possibility of unrightful webfinger redirect (#2147) * Fix possibility of unrightful webfinger redirect * Add more tests for FollowRemoteAccountService 2017-04-19 08:28:35 -07:00			`end`

Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`@domain = nil if TagManager.instance.local_domain?(@domain)`
			`end`

			`def process_account!`
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService 2019-07-06 14:26:16 -07:00			`return unless activitypub_ready?`
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource 2016-11-03 08:57:44 -07:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`RedisLock.acquire(lock_options) do \|lock\|`
			`if lock.acquired?`
			`@account = Account.find_remote(@username, @domain)`
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource 2016-11-03 08:57:44 -07:00
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`next if (@account.present? && !@account.activitypub?) \|\| actor_json.nil?`
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService 2019-07-06 14:26:16 -07:00
Refactor domain block checks (#11268) 2019-07-08 18:27:35 -07:00			`@account = ActivityPub::ProcessAccountService.new.call(@username, @domain, actor_json)`
Raise Mastodon::RaceConditionError if Redis lock failed (#7511) An explicit error allows user agents to know the error and Sidekiq to retry. 2018-05-16 03:29:45 -07:00			`else`
			`raise Mastodon::RaceConditionError`
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`end`
Refresh webfinger (#1323) * Refresh local info for remote accounts when webfinger returns new values It only refreshes account info if one of the URLs or the public-key changes, in which cases it refreshes the full info, re-downloading the feeds from that user. Some special handling should probably be done when the public key changes, but I have been unable to find any use for it in Mastodon yet. * Re-fetch remote users we aren't subscribed to. This might induce performance issues, we might want to only do that for users we explicitly attempted to subscribe but failed to. * Refactor changes * Do not refresh existing remote account details more than once a day * Avoid re-fetching webfinger info in tests unless otherwise specified 2017-04-14 18:16:05 -07:00			`end`
Allow @username@domain/@username in follow form, prevent duplicate accounts created via remote look-up when domains differ but point to the same resource 2016-11-03 08:57:44 -07:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`@account`
			`end`
Domain blocks now have varying severity - auto-suspend vs auto-silence 2017-01-23 08:38:38 -08:00
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`def webfinger_update_due?`
Optimize the process of following someone (#9220) * Eliminate extra accounts select query from FollowService * Optimistically update follow state in web UI and hide loading bar Fix #6205 * Asynchronize NotifyService in FollowService And fix failing test * Skip Webfinger resolve routine when called from FollowService if possible If an account is ActivityPub, then webfinger re-resolving is not necessary when called from FollowService. Improve options of ResolveAccountService 2018-11-08 12:05:42 -08:00			`@account.nil? \|\| ((!@options[:skip_webfinger] \|\| @account.ostatus?) && @account.possibly_stale?)`
Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`end`
Fixes and general progress 2016-02-22 09:10:30 -08:00
Add ActivityPub inbox (#4216) * Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests 2017-08-08 12:52:15 -07:00			`def activitypub_ready?`
Remove Salmon and PubSubHubbub (#11205) * Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService 2019-07-06 14:26:16 -07:00			`!@webfinger.link('self').nil? && ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@webfinger.link('self').type)`
Add ActivityPub inbox (#4216) * Add ActivityPub inbox * Handle ActivityPub deletes * Handle ActivityPub creates * Handle ActivityPub announces * Stubs for handling all activities that need to be handled * Add ActivityPub actor resolving * Handle conversation URI passing in ActivityPub * Handle content language in ActivityPub * Send accept header when fetching actor, handle JSON parse errors * Test for ActivityPub::FetchRemoteAccountService * Handle public key and icon/image when embedded/as array/as resolvable URI * Implement ActivityPub::FetchRemoteStatusService * Add stubs for more interactions * Undo activities implemented * Handle out of order activities * Hook up ActivityPub to ResolveRemoteAccountService, handle Update Account activities * Add fragment IDs to all transient activity serializers * Add tests and fixes * Add stubs for missing tests * Add more tests * Add more tests 2017-08-08 12:52:15 -07:00			`end`

			`def actor_url`
			`@actor_url \|\|= @webfinger.link('self').href`
			`end`

Require "inbox" to be set on actor to be ActivityPub-ready (#4595) 2017-08-14 02:27:25 -07:00			`def actor_json`
			`return @actor_json if defined?(@actor_json)`

Validate id of ActivityPub representations (#5114) Additionally, ActivityPub::FetchRemoteStatusService no longer parses activities. OStatus::Activity::Creation no longer delegates to ActivityPub because the provided ActivityPub representations are not signed while OStatus representations are. 2017-10-03 16:13:48 -07:00			`json = fetch_resource(actor_url, false)`
Support Actors/Statuses with multiple types (#7305) * Add equals_or_includes_any? helper in JsonLdHelper * Support arrays in JSON-LD type fields for actors/tags/objects. * Spec for resolving accounts with extension types * Style tweaks for codeclimate 2018-05-02 03:40:24 -07:00			`@actor_json = supported_context?(json) && equals_or_includes_any?(json['type'], ActivityPub::FetchRemoteAccountService::SUPPORTED_TYPES) ? json : nil`
Require "inbox" to be set on actor to be ActivityPub-ready (#4595) 2017-08-14 02:27:25 -07:00			`end`

Refactor ResolveRemoteAccountService (#4258) * Refactor ResolveRemoteAccountService * Remove trailing whitespace * Use redis locks around critical ResolveRemoteAccountService code * Add test for race condition of lock 2017-07-19 05:44:04 -07:00			`def lock_options`
			`{ redis: Redis.current, key: "resolve:#{@username}@#{@domain}" }`
Update profile information and download avatar of remote accounts 2016-02-28 05:26:26 -08:00			`end`
Initial commit 2016-02-20 13:53:20 -08:00			`end`