mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
[feature] Allow admins to expire remote public keys; refetch expired keys on demand (#2183)
This commit is contained in:
87
internal/processing/admin/domainkeysexpire.go
Normal file
87
internal/processing/admin/domainkeysexpire.go
Normal file
@@ -0,0 +1,87 @@
|
||||
// GoToSocial
|
||||
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
||||
// SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Affero General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU Affero General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Affero General Public License
|
||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package admin
|
||||
|
||||
import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/id"
|
||||
)
|
||||
|
||||
// DomainKeysExpire iterates through all
|
||||
// accounts belonging to the given domain,
|
||||
// and expires the public key of each
|
||||
// account found this way.
|
||||
//
|
||||
// The PublicKey for each account will be
|
||||
// re-fetched next time a signed request
|
||||
// from that account is received.
|
||||
func (p *Processor) DomainKeysExpire(
|
||||
ctx context.Context,
|
||||
adminAcct *gtsmodel.Account,
|
||||
domain string,
|
||||
) (string, gtserror.WithCode) {
|
||||
actionID := id.NewULID()
|
||||
|
||||
// Process key expiration asynchronously.
|
||||
if errWithCode := p.actions.Run(
|
||||
ctx,
|
||||
>smodel.AdminAction{
|
||||
ID: actionID,
|
||||
TargetCategory: gtsmodel.AdminActionCategoryDomain,
|
||||
TargetID: domain,
|
||||
Type: gtsmodel.AdminActionExpireKeys,
|
||||
AccountID: adminAcct.ID,
|
||||
},
|
||||
func(ctx context.Context) gtserror.MultiError {
|
||||
return p.domainKeysExpireSideEffects(ctx, domain)
|
||||
},
|
||||
); errWithCode != nil {
|
||||
return actionID, errWithCode
|
||||
}
|
||||
|
||||
return actionID, nil
|
||||
}
|
||||
|
||||
func (p *Processor) domainKeysExpireSideEffects(ctx context.Context, domain string) gtserror.MultiError {
|
||||
var (
|
||||
expiresAt = time.Now()
|
||||
errs gtserror.MultiError
|
||||
)
|
||||
|
||||
// For each account on this domain, expire
|
||||
// the public key and update the account.
|
||||
if err := p.rangeDomainAccounts(ctx, domain, func(account *gtsmodel.Account) {
|
||||
account.PublicKeyExpiresAt = expiresAt
|
||||
|
||||
if err := p.state.DB.UpdateAccount(
|
||||
ctx,
|
||||
account,
|
||||
"public_key_expires_at",
|
||||
); err != nil {
|
||||
errs.Appendf("db error updating account: %w", err)
|
||||
}
|
||||
}); err != nil {
|
||||
errs.Appendf("db error ranging through accounts: %w", err)
|
||||
}
|
||||
|
||||
return errs
|
||||
}
|
@@ -48,7 +48,7 @@ func (p *Processor) authenticate(ctx context.Context, requestedUsername string)
|
||||
|
||||
// Ensure request signed, and use signature URI to
|
||||
// get requesting account, dereferencing if necessary.
|
||||
requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
|
||||
pubKeyAuth, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
|
||||
if errWithCode != nil {
|
||||
return nil, nil, errWithCode
|
||||
}
|
||||
@@ -56,10 +56,10 @@ func (p *Processor) authenticate(ctx context.Context, requestedUsername string)
|
||||
requestingAccount, _, err := p.federator.GetAccountByURI(
|
||||
gtscontext.SetFastFail(ctx),
|
||||
requestedUsername,
|
||||
requestingAccountURI,
|
||||
pubKeyAuth.OwnerURI,
|
||||
)
|
||||
if err != nil {
|
||||
err = gtserror.Newf("error getting account %s: %w", requestingAccountURI, err)
|
||||
err = gtserror.Newf("error getting account %s: %w", pubKeyAuth.OwnerURI, err)
|
||||
return nil, nil, gtserror.NewErrorUnauthorized(err)
|
||||
}
|
||||
|
||||
|
@@ -66,7 +66,7 @@ func (p *Processor) UserGet(ctx context.Context, requestedUsername string, reque
|
||||
// If the request is not on a public key path, we want to
|
||||
// try to authenticate it before we serve any data, so that
|
||||
// we can serve a more complete profile.
|
||||
requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
|
||||
pubKeyAuth, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
|
||||
if errWithCode != nil {
|
||||
return nil, errWithCode // likely 401
|
||||
}
|
||||
@@ -89,7 +89,7 @@ func (p *Processor) UserGet(ctx context.Context, requestedUsername string, reque
|
||||
// Instead, we end up in an 'I'll show you mine if you show me
|
||||
// yours' situation, where we sort of agree to reveal each
|
||||
// other's profiles at the same time.
|
||||
if p.federator.Handshaking(requestedUsername, requestingAccountURI) {
|
||||
if p.federator.Handshaking(requestedUsername, pubKeyAuth.OwnerURI) {
|
||||
return data(person)
|
||||
}
|
||||
|
||||
@@ -98,10 +98,11 @@ func (p *Processor) UserGet(ctx context.Context, requestedUsername string, reque
|
||||
requestingAccount, _, err := p.federator.GetAccountByURI(
|
||||
// On a hot path so fail quickly.
|
||||
gtscontext.SetFastFail(ctx),
|
||||
requestedUsername, requestingAccountURI,
|
||||
requestedUsername,
|
||||
pubKeyAuth.OwnerURI,
|
||||
)
|
||||
if err != nil {
|
||||
err := gtserror.Newf("error getting account %s: %w", requestingAccountURI, err)
|
||||
err := gtserror.Newf("error getting account %s: %w", pubKeyAuth.OwnerURI, err)
|
||||
return nil, gtserror.NewErrorUnauthorized(err)
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user