fix(activitypub-base): lookup_actor fetches WebFinger via HTTPS directly
Some checks failed
lint / lint (push) Has been cancelled
test / unit (push) Has been cancelled
test / integration (push) Has been cancelled
lint / lint (pull_request) Failing after 9m40s
test / unit (pull_request) Successful in 16m33s
test / integration (pull_request) Failing after 17m33s
Some checks failed
lint / lint (push) Has been cancelled
test / unit (push) Has been cancelled
test / integration (push) Has been cancelled
lint / lint (pull_request) Failing after 9m40s
test / unit (pull_request) Successful in 16m33s
test / integration (pull_request) Failing after 17m33s
This commit is contained in:
@@ -1336,13 +1336,52 @@ impl domain::ports::FederationActionPort for ActivityPubService {
|
|||||||
&self,
|
&self,
|
||||||
handle: &str,
|
handle: &str,
|
||||||
) -> Result<domain::models::remote_actor::RemoteActor, domain::errors::DomainError> {
|
) -> Result<domain::models::remote_actor::RemoteActor, domain::errors::DomainError> {
|
||||||
let data = self.federation_config.to_request_data();
|
use activitypub_federation::fetch::object_id::ObjectId;
|
||||||
|
|
||||||
let normalized = handle.trim_start_matches('@');
|
let normalized = handle.trim_start_matches('@');
|
||||||
let actor: crate::actors::DbActor = webfinger_resolve_actor(normalized, &data)
|
let at = normalized.rfind('@').ok_or_else(|| {
|
||||||
|
domain::errors::DomainError::InvalidInput("handle must be user@domain".into())
|
||||||
|
})?;
|
||||||
|
let (user, domain_str) = (&normalized[..at], &normalized[at + 1..]);
|
||||||
|
|
||||||
|
// Fetch WebFinger over HTTPS directly — the library's webfinger_resolve_actor
|
||||||
|
// tries HTTP first in debug mode, which fails on servers without HTTP→HTTPS redirect.
|
||||||
|
let wf_url = format!(
|
||||||
|
"https://{}/.well-known/webfinger?resource=acct:{}@{}",
|
||||||
|
domain_str, user, domain_str
|
||||||
|
);
|
||||||
|
let wf: serde_json::Value = reqwest::Client::new()
|
||||||
|
.get(&wf_url)
|
||||||
|
.header("Accept", "application/jrd+json, application/json")
|
||||||
|
.send()
|
||||||
|
.await
|
||||||
|
.map_err(|e| domain::errors::DomainError::ExternalService(e.to_string()))?
|
||||||
|
.json()
|
||||||
|
.await
|
||||||
|
.map_err(|e| domain::errors::DomainError::ExternalService(e.to_string()))?;
|
||||||
|
|
||||||
|
let self_href = wf["links"]
|
||||||
|
.as_array()
|
||||||
|
.and_then(|links| {
|
||||||
|
links.iter().find(|l| {
|
||||||
|
l["rel"].as_str() == Some("self")
|
||||||
|
&& l["type"].as_str() == Some("application/activity+json")
|
||||||
|
})
|
||||||
|
})
|
||||||
|
.and_then(|l| l["href"].as_str())
|
||||||
|
.ok_or(domain::errors::DomainError::NotFound)?;
|
||||||
|
|
||||||
|
let self_url = url::Url::parse(self_href)
|
||||||
|
.map_err(|e| domain::errors::DomainError::ExternalService(e.to_string()))?;
|
||||||
|
|
||||||
|
let data = self.federation_config.to_request_data();
|
||||||
|
let actor: crate::actors::DbActor = ObjectId::from(self_url)
|
||||||
|
.dereference(&data)
|
||||||
.await
|
.await
|
||||||
.map_err(|e: crate::error::Error| {
|
.map_err(|e: crate::error::Error| {
|
||||||
domain::errors::DomainError::ExternalService(e.to_string())
|
domain::errors::DomainError::ExternalService(e.to_string())
|
||||||
})?;
|
})?;
|
||||||
|
|
||||||
Ok(domain::models::remote_actor::RemoteActor {
|
Ok(domain::models::remote_actor::RemoteActor {
|
||||||
url: actor.ap_id.to_string(),
|
url: actor.ap_id.to_string(),
|
||||||
handle: actor.username.clone(),
|
handle: actor.username.clone(),
|
||||||
|
|||||||
Reference in New Issue
Block a user