[chore] Refactor AP authentication, other small bits of tidying up (#1874)

tobi
2023-06-13 16:47:56 +02:00
committed by GitHub
parent 433b56d2f9
commit 24fbdf2b0a
38 changed files with 1280 additions and 996 deletions


@@ -19,6 +19,10 @@ package gtscontext
import (
"context"
"net/url"
"github.com/go-fed/httpsig"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
)
// package private context key type.
@@ -29,8 +33,14 @@ const (
_ ctxkey = iota
barebonesKey
fastFailKey
pubKeyIDKey
outgoingPubKeyIDKey
requestIDKey
receivingAccountKey
requestingAccountKey
otherIRIsKey
httpSigVerifierKey
httpSigKey
httpSigPubKeyIDKey
)
// RequestID returns the request ID associated with context. This value will usually
@@ -48,18 +58,97 @@ func SetRequestID(ctx context.Context, id string) context.Context {
return context.WithValue(ctx, requestIDKey, id)
}
// PublicKeyID returns the public key ID (URI) associated with context. This
// OutgoingPublicKeyID returns the public key ID (URI) associated with context. This
// value is useful for logging situations in which a given public key URI is
// relevant, e.g. for outgoing requests being signed by the given key.
func PublicKeyID(ctx context.Context) string {
id, _ := ctx.Value(pubKeyIDKey).(string)
func OutgoingPublicKeyID(ctx context.Context) string {
id, _ := ctx.Value(outgoingPubKeyIDKey).(string)
return id
}
// SetPublicKeyID stores the given public key ID value and returns the wrapped
// SetOutgoingPublicKeyID stores the given public key ID value and returns the wrapped
// context. See PublicKeyID() for further information on the public key ID value.
func SetPublicKeyID(ctx context.Context, id string) context.Context {
return context.WithValue(ctx, pubKeyIDKey, id)
func SetOutgoingPublicKeyID(ctx context.Context, id string) context.Context {
return context.WithValue(ctx, outgoingPubKeyIDKey, id)
}
// ReceivingAccount returns the local account who owns the resource being
// interacted with (inbox, uri, etc) in the current ActivityPub request chain.
func ReceivingAccount(ctx context.Context) *gtsmodel.Account {
acct, _ := ctx.Value(receivingAccountKey).(*gtsmodel.Account)
return acct
}
// SetReceivingAccount stores the given receiving account value and returns the wrapped
// context. See ReceivingAccount() for further information on the receiving account value.
func SetReceivingAccount(ctx context.Context, acct *gtsmodel.Account) context.Context {
return context.WithValue(ctx, receivingAccountKey, acct)
}
// RequestingAccount returns the remote account interacting with a local
// resource (inbox, uri, etc) in the current ActivityPub request chain.
func RequestingAccount(ctx context.Context) *gtsmodel.Account {
acct, _ := ctx.Value(requestingAccountKey).(*gtsmodel.Account)
return acct
}
// SetRequestingAccount stores the given requesting account value and returns the wrapped
// context. See RequestingAccount() for further information on the requesting account value.
func SetRequestingAccount(ctx context.Context, acct *gtsmodel.Account) context.Context {
return context.WithValue(ctx, requestingAccountKey, acct)
}
// OtherIRIs returns other IRIs which are involved in the current ActivityPub request
// chain. This usually means: other accounts who are mentioned, CC'd, TO'd, or boosted
// by the current inbox POST request.
func OtherIRIs(ctx context.Context) []*url.URL {
iris, _ := ctx.Value(otherIRIsKey).([]*url.URL)
return iris
}
// SetOtherIRIs stores the given IRIs slice and returns the wrapped context.
// See OtherIRIs() for further information on the IRIs slice value.
func SetOtherIRIs(ctx context.Context, iris []*url.URL) context.Context {
return context.WithValue(ctx, otherIRIsKey, iris)
}
// HTTPSignatureVerifier returns an http signature verifier for the current ActivityPub
// request chain. This verifier can be called to authenticate the current request.
func HTTPSignatureVerifier(ctx context.Context) httpsig.Verifier {
verifier, _ := ctx.Value(httpSigVerifierKey).(httpsig.Verifier)
return verifier
}
// SetHTTPSignatureVerifier stores the given http signature verifier and returns the
// wrapped context. See HTTPSignatureVerifier() for further information on the verifier value.
func SetHTTPSignatureVerifier(ctx context.Context, verifier httpsig.Verifier) context.Context {
return context.WithValue(ctx, httpSigVerifierKey, verifier)
}
// HTTPSignature returns the http signature string
// value for the current ActivityPub request chain.
func HTTPSignature(ctx context.Context) string {
signature, _ := ctx.Value(httpSigKey).(string)
return signature
}
// SetHTTPSignature stores the given http signature string and returns the wrapped
// context. See HTTPSignature() for further information on the verifier value.
func SetHTTPSignature(ctx context.Context, signature string) context.Context {
return context.WithValue(ctx, httpSigKey, signature)
}
// HTTPSignaturePubKeyID returns the public key id of the http signature
// for the current ActivityPub request chain.
func HTTPSignaturePubKeyID(ctx context.Context) *url.URL {
pubKeyID, _ := ctx.Value(httpSigPubKeyIDKey).(*url.URL)
return pubKeyID
}
// SetHTTPSignaturePubKeyID stores the given http signature public key id and returns
// the wrapped context. See HTTPSignaturePubKeyID() for further information on the value.
func SetHTTPSignaturePubKeyID(ctx context.Context, pubKeyID *url.URL) context.Context {
return context.WithValue(ctx, httpSigPubKeyIDKey, pubKeyID)
}
// IsFastFail returns whether the "fastfail" context key has been set. This
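Review bot: The getters added in the last hunk (`ReceivingAccount`, `RequestingAccount`, `OtherIRIs`, `HTTPSignatureVerifier`, `HTTPSignature`, `HTTPSignaturePubKeyID`) discard the type-assertion result and return nil or an empty string when nothing was stored, but none of their doc comments say so. The callers are not visible here, but since the verifier comment says it is used to authenticate the current request, I would state the contract on each getter, for example `// Returns nil if no verifier was set on ctx; callers must treat that as an unauthenticated request.` on `HTTPSignatureVerifier`, so that a missing value fails closed rather than reaching a nil interface call or an empty-signature comparison. Two comments are also stale: the one on `SetOutgoingPublicKeyID` still points at `PublicKeyID()` instead of `OutgoingPublicKeyID()`, and the one on `SetHTTPSignature` says "the verifier value" where it means the signature value. The hunk's last context line opens the comment of `IsFastFail`, whose body lies outside it.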