2016-11-15 17:56:29 +02:00
# frozen_string_literal: true
2018-01-22 15:25:09 +02:00
class ResolveAccountService < BaseService
2019-07-09 04:27:35 +03:00
include DomainControlHelper
2020-05-10 12:41:43 +03:00
include WebfingerHelper
2022-04-28 18:47:34 +03:00
include Redisable
2022-05-13 01:02:35 +03:00
include Lockable
2019-07-09 04:27:35 +03:00
# Find or create an account record for a remote user. When creating,
# look up the user's webfinger and fetch ActivityPub data
# @param [String, Account] uri URI in the username@domain format or account record
2018-11-08 22:05:42 +02:00
# @param [Hash] options
2019-07-09 04:27:35 +03:00
# @option options [Boolean] :redirected Do not follow further Webfinger redirects
2021-02-24 07:32:13 +02:00
# @option options [Boolean] :skip_webfinger Do not attempt any webfinger query or refreshing account data
2022-10-29 02:31:45 +03:00
# @option options [Boolean] :skip_cache Get the latest data from origin even if cache is not due to update yet
2022-09-21 00:30:26 +03:00
# @option options [Boolean] :suppress_errors When failing, return nil instead of raising an error
2016-02-24 13:57:29 +02:00
# @return [Account]
2018-11-08 22:05:42 +02:00
def call ( uri , options = { } )
2019-07-09 04:27:35 +03:00
return if uri . blank?
process_options! ( uri , options )
# First of all we want to check if we've got the account
# record with the URI already, and if so, we can exit early
return if domain_not_allowed? ( @domain )
@account || = Account . find_remote ( @username , @domain )
2020-10-08 01:34:57 +03:00
return @account if @account & . local? || @domain . nil? || ! webfinger_update_due?
2019-07-09 04:27:35 +03:00
# At this point we are in need of a Webfinger query, which may
# yield us a different username/domain through a redirect
2019-07-10 18:10:12 +03:00
process_webfinger! ( @uri )
2020-11-19 20:52:06 +02:00
@domain = nil if TagManager . instance . local_domain? ( @domain )
2019-07-09 04:27:35 +03:00
# Because the username/domain pair may be different than what
# we already checked, we need to check if we've already got
# the record with that URI, again
return if domain_not_allowed? ( @domain )
@account || = Account . find_remote ( @username , @domain )
2020-11-08 01:28:39 +02:00
if gone_from_origin? && not_yet_deleted?
queue_deletion!
return
end
return @account if @account & . local? || gone_from_origin? || ! webfinger_update_due?
2019-07-09 04:27:35 +03:00
# Now it is certain, it is definitely a remote account, and it
# either needs to be created, or updated from fresh data
2020-12-19 00:26:26 +02:00
fetch_account!
2022-09-21 00:30:26 +03:00
rescue Webfinger :: Error = > e
2023-02-07 04:44:36 +02:00
Rails . logger . debug { " Webfinger query for #{ @uri } failed: #{ e } " }
2022-09-21 00:30:26 +03:00
raise unless @options [ :suppress_errors ]
2019-07-09 04:27:35 +03:00
end
private
def process_options! ( uri , options )
2022-09-21 00:30:26 +03:00
@options = { suppress_errors : true } . merge ( options )
2016-03-21 19:26:47 +02:00
2018-11-08 22:05:42 +02:00
if uri . is_a? ( Account )
@account = uri
@username = @account . username
@domain = @account . domain
else
2022-05-02 02:00:08 +03:00
@username , @domain = uri . strip . gsub ( / \ A@ / , '' ) . split ( '@' )
2018-11-08 22:05:42 +02:00
end
2016-09-20 01:39:03 +03:00
2023-02-19 00:09:40 +02:00
@domain = if TagManager . instance . local_domain? ( @domain )
nil
else
TagManager . instance . normalize_domain ( @domain )
end
2019-08-07 22:14:08 +03:00
@uri = [ @username , @domain ] . compact . join ( '@' )
2019-07-09 04:27:35 +03:00
end
2016-02-20 23:53:20 +02:00
2020-11-19 20:52:06 +02:00
def process_webfinger! ( uri )
2020-05-10 12:41:43 +03:00
@webfinger = webfinger! ( " acct: #{ uri } " )
2020-11-19 20:52:06 +02:00
confirmed_username , confirmed_domain = split_acct ( @webfinger . subject )
2016-11-03 17:57:44 +02:00
2017-07-19 15:44:04 +03:00
if confirmed_username . casecmp ( @username ) . zero? && confirmed_domain . casecmp ( @domain ) . zero?
@username = confirmed_username
@domain = confirmed_domain
2020-11-19 20:52:06 +02:00
return
2017-04-19 18:28:35 +03:00
end
2020-11-19 20:52:06 +02:00
# Account doesn't match, so it may have been redirected
@webfinger = webfinger! ( " acct: #{ confirmed_username } @ #{ confirmed_domain } " )
@username , @domain = split_acct ( @webfinger . subject )
2023-02-18 13:37:47 +02:00
raise Webfinger :: RedirectError , " Too many webfinger redirects for URI #{ uri } (stopped at #{ @username } @ #{ @domain } ) " unless confirmed_username . casecmp ( @username ) . zero? && confirmed_domain . casecmp ( @domain ) . zero?
2020-11-08 01:28:39 +02:00
rescue Webfinger :: GoneError
@gone = true
2019-07-09 04:27:35 +03:00
end
2020-11-19 20:52:06 +02:00
def split_acct ( acct )
2023-11-28 20:37:54 +02:00
acct . delete_prefix ( 'acct:' ) . split ( '@' ) . tap do | parts |
raise Webfinger :: Error , 'Webfinger response is missing user or host value' unless parts . size == 2
end
2020-11-19 20:52:06 +02:00
end
2020-12-19 00:26:26 +02:00
def fetch_account!
2019-07-07 00:26:16 +03:00
return unless activitypub_ready?
2016-11-03 17:57:44 +02:00
2023-05-02 19:16:07 +03:00
with_redis_lock ( " resolve: #{ @username } @ #{ @domain } " ) do
2022-09-21 00:30:26 +03:00
@account = ActivityPub :: FetchRemoteAccountService . new . call ( actor_url , suppress_errors : @options [ :suppress_errors ] )
2017-04-15 04:16:05 +03:00
end
2016-11-03 17:57:44 +02:00
2017-07-19 15:44:04 +03:00
@account
end
2017-01-23 18:38:38 +02:00
2017-07-19 15:44:04 +03:00
def webfinger_update_due?
2020-06-09 11:26:58 +03:00
return false if @options [ :check_delivery_availability ] && ! DeliveryFailureTracker . available? ( @domain )
2021-02-24 07:32:13 +02:00
return false if @options [ :skip_webfinger ]
2020-06-09 11:26:58 +03:00
2022-10-29 02:31:45 +03:00
@options [ :skip_cache ] || @account . nil? || @account . possibly_stale?
2017-07-19 15:44:04 +03:00
end
2016-02-22 19:10:30 +02:00
2017-08-08 22:52:15 +03:00
def activitypub_ready?
2020-10-08 01:34:57 +03:00
[ 'application/activity+json' , 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ] . include? ( @webfinger . link ( 'self' , 'type' ) )
2017-08-08 22:52:15 +03:00
end
def actor_url
2020-10-08 01:34:57 +03:00
@actor_url || = @webfinger . link ( 'self' , 'href' )
2017-08-08 22:52:15 +03:00
end
2020-11-08 01:28:39 +02:00
def gone_from_origin?
@gone
end
def not_yet_deleted?
@account . present? && ! @account . local?
end
def queue_deletion!
2021-08-20 09:40:33 +03:00
@account . suspend! ( origin : :remote )
2022-01-28 01:43:56 +02:00
AccountDeletionWorker . perform_async ( @account . id , { 'reserve_username' = > false , 'skip_activitypub' = > true } )
2020-11-08 01:28:39 +02:00
end
2016-02-20 23:53:20 +02:00
end