Get Mastodon signed fetch working (#98)

* debug signed fetch * regex * content-type * no dbg * clippy
2024-05-04 02:08:45 +00:00 · 2024-03-08 15:26:57 +01:00 · 2024-03-08 15:26:57 +01:00 · 9b31a7b44b
parent 147f144769
commit 9b31a7b44b
3 changed files with 16 additions and 5 deletions
--- a/src/fetch/mod.rs
+++ b/src/fetch/mod.rs
@ -57,11 +57,14 @@ pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
    static ALT_CONTENT_TYPE: HeaderValue = HeaderValue::from_static(
        r#"application/ld+json; profile="https://www.w3.org/ns/activitystreams""#,
    );
+    static ALT_CONTENT_TYPE_MASTODON: HeaderValue =
+        HeaderValue::from_static(r#"application/activity+json; charset=utf-8"#);
    let res = fetch_object_http_with_accept(url, data, &CONTENT_TYPE).await?;

    // Ensure correct content-type to prevent vulnerabilities.
    if res.content_type.as_ref() != Some(&CONTENT_TYPE)
        && res.content_type.as_ref() != Some(&ALT_CONTENT_TYPE)
+        && res.content_type.as_ref() != Some(&ALT_CONTENT_TYPE_MASTODON)
    {
        return Err(Error::FetchInvalidContentType(res.url));
    }
--- a/src/fetch/object_id.rs
+++ b/src/fetch/object_id.rs
@ -197,9 +197,9 @@ static ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG: i64 = 20;
 fn should_refetch_object(last_refreshed: DateTime<Utc>) -> bool {
    let update_interval = if cfg!(debug_assertions) {
        // avoid infinite loop when fetching community outbox
-        ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG)
+        ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG).expect("valid duration")
    } else {
-        ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS)
+        ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS).expect("valid duration")
    };
    let refresh_limit = Utc::now() - update_interval;
    last_refreshed.lt(&refresh_limit)
@ -362,10 +362,10 @@ pub mod tests {

    #[test]
    fn test_should_refetch_object() {
-        let one_second_ago = Utc::now() - ChronoDuration::seconds(1);
+        let one_second_ago = Utc::now() - ChronoDuration::try_seconds(1).unwrap();
        assert!(!should_refetch_object(one_second_ago));

-        let two_days_ago = Utc::now() - ChronoDuration::days(2);
+        let two_days_ago = Utc::now() - ChronoDuration::try_days(2).unwrap();
        assert!(should_refetch_object(two_days_ago));
    }
 }
--- a/src/fetch/webfinger.rs
+++ b/src/fetch/webfinger.rs
@ -121,7 +121,7 @@ where
    T: Clone,
 {
    static WEBFINGER_REGEX: Lazy<Regex> =
-        Lazy::new(|| Regex::new(r"^acct:([\p{L}0-9_]+)@(.*)$").expect("compile regex"));
+        Lazy::new(|| Regex::new(r"^acct:([\p{L}0-9_\.\-]+)@(.*)$").expect("compile regex"));
    // Regex to extract usernames from webfinger query. Supports different alphabets using `\p{L}`.
    // TODO: This should use a URL parser
    let captures = WEBFINGER_REGEX
@ -288,6 +288,14 @@ mod tests {
            Ok("Владимир"),
            extract_webfinger_name("acct:Владимир@example.com", &data)
        );
+        assert_eq!(
+            Ok("example.com"),
+            extract_webfinger_name("acct:example.com@example.com", &data)
+        );
+        assert_eq!(
+            Ok("da-sh"),
+            extract_webfinger_name("acct:da-sh@example.com", &data)
+        );
        assert_eq!(
            Ok("تجريب"),
            extract_webfinger_name("acct:تجريب@example.com", &data)