191 lines
5.5 KiB
Go
191 lines
5.5 KiB
Go
// GoToSocial
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package util
|
|
|
|
import (
|
|
"fmt"
|
|
"net/url"
|
|
"strings"
|
|
|
|
"github.com/superseriousbusiness/gotosocial/internal/regexes"
|
|
"github.com/superseriousbusiness/gotosocial/internal/uris"
|
|
)
|
|
|
|
// ExtractNamestringParts extracts the username test_user and
|
|
// the domain example.org from a string like @test_user@example.org.
|
|
//
|
|
// If nothing is matched, it will return an error.
|
|
func ExtractNamestringParts(namestring string) (username, host string, err error) {
|
|
matches := regexes.MentionName.FindStringSubmatch(namestring)
|
|
switch len(matches) {
|
|
case 2:
|
|
return matches[1], "", nil
|
|
case 3:
|
|
return matches[1], matches[2], nil
|
|
default:
|
|
return "", "", fmt.Errorf("couldn't match namestring %s", namestring)
|
|
}
|
|
}
|
|
|
|
// ExtractWebfingerParts returns the username and domain from the "subject"
|
|
// part of a webfinger response: either an account namestring or an actor URI.
|
|
//
|
|
// All AP implementations in the wild perform webfinger account resource
|
|
// queries with the "acct" scheme and without a leading "@"" on the username.
|
|
// This is also the format the "subject" in a webfinger response adheres to.
|
|
//
|
|
// Despite this fact, we're permissive about a single leading @. This makes
|
|
// a query for "acct:user@domain.tld" and "acct:@user@domain.tld" equivalent.
|
|
//
|
|
// We also permit a resource of "user@domain.tld" or "@user@domain.tld", without
|
|
// a scheme. In that case it gets interpreted as if it was using "acct:".
|
|
//
|
|
// Will error if parsing fails, or if the extracted username or domain are empty.
|
|
func ExtractWebfingerParts(subject string) (
|
|
string, // username
|
|
string, // domain
|
|
error,
|
|
) {
|
|
u, err := url.ParseRequestURI(subject)
|
|
if err != nil {
|
|
// Most likely reason for failing to parse is if
|
|
// the "acct" scheme was missing but a :port was
|
|
// included. So try an extra time with the scheme.
|
|
u, err = url.ParseRequestURI("acct:" + subject)
|
|
}
|
|
if err != nil {
|
|
return "", "", fmt.Errorf("failed to parse %s: %w", subject, err)
|
|
}
|
|
|
|
switch u.Scheme {
|
|
|
|
// Subject looks like
|
|
// "https://example.org/users/whatever"
|
|
// or "https://example.org/@whatever".
|
|
case "http", "https":
|
|
return partsFromURI(u)
|
|
|
|
// Subject looks like
|
|
// "acct:whatever@example.org"
|
|
// or "acct:@whatever@example.org".
|
|
case "acct":
|
|
// Pass string without "acct:" prefix.
|
|
return partsFromNamestring(u.Opaque)
|
|
|
|
// Subject was probably a relative URL.
|
|
// Fail since we need the domain.
|
|
case "":
|
|
return "", "", fmt.Errorf("no scheme for resource %s", subject)
|
|
}
|
|
|
|
return "", "", fmt.Errorf("unsupported scheme %s for resource %s", u.Scheme, subject)
|
|
}
|
|
|
|
// partsFromNamestring returns the username
|
|
// and host parts extracted from a passed-in actor
|
|
// namestring of the format "whatever@example.org".
|
|
//
|
|
// The function returns an error if username or
|
|
// host cannot be extracted.
|
|
func partsFromNamestring(namestring string) (
|
|
string, // username
|
|
string, // host
|
|
error,
|
|
) {
|
|
// Trim all leading "@" symbols,
|
|
// and then inject just one "@".
|
|
namestring = strings.TrimLeft(namestring, "@")
|
|
namestring = "@" + namestring
|
|
|
|
username, host, err := ExtractNamestringParts(namestring)
|
|
if err != nil {
|
|
return "", "", err
|
|
}
|
|
|
|
if username == "" {
|
|
err := fmt.Errorf("failed to extract username from: %s", namestring)
|
|
return "", "", err
|
|
}
|
|
|
|
if host == "" {
|
|
err := fmt.Errorf("failed to extract domain from: %s", namestring)
|
|
return "", "", err
|
|
}
|
|
|
|
return username, host, nil
|
|
}
|
|
|
|
// partsFromURI returns the username and host
|
|
// extracted from the passed in actor URI.
|
|
//
|
|
// The username will be extracted from one of
|
|
// the patterns "/@whatever" or "/users/whatever".
|
|
// These paths match the "aliases" and "links"
|
|
// we include in our own webfinger responses.
|
|
//
|
|
// This function tries to be permissive with
|
|
// regard to leading "@" symbols. Nevertheless,
|
|
// an error will be returned if username or host
|
|
// cannot be extracted.
|
|
func partsFromURI(uri *url.URL) (
|
|
string, // username
|
|
string, // host
|
|
error,
|
|
) {
|
|
host := uri.Host
|
|
if host == "" {
|
|
err := fmt.Errorf("failed to extract domain from: %s", uri)
|
|
return "", "", err
|
|
}
|
|
|
|
// Copy the URL, taking
|
|
// only the parts we need.
|
|
short := &url.URL{
|
|
Path: uri.Path,
|
|
}
|
|
|
|
// Try "/users/whatever".
|
|
username, err := uris.ParseUserPath(short)
|
|
if err == nil && username != "" {
|
|
return username, host, nil
|
|
}
|
|
|
|
// Try "/@whatever"
|
|
username, err = uris.ParseUserWebPath(short)
|
|
if err == nil && username != "" {
|
|
return username, host, nil
|
|
}
|
|
|
|
// Try some exotic fallbacks like
|
|
// "/users/@whatever", "/@@whatever", etc.
|
|
short.Path = strings.TrimLeft(short.Path, "/")
|
|
segs := strings.Split(short.Path, "/")
|
|
if segs[0] == "users" {
|
|
username = segs[1]
|
|
} else {
|
|
username = segs[0]
|
|
}
|
|
|
|
username = strings.TrimLeft(username, "@")
|
|
if username != "" {
|
|
return username, host, nil
|
|
}
|
|
|
|
return "", "", fmt.Errorf("failed to extract username from: %s", uri)
|
|
}
|