mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-04-18 21:22:49 +00:00
77b0275572
- Set the right keyID and use the right signing keys for outgoing requests. - Verify the HTTP signature of all incoming requests, except for the server actor. - Caches keys of incoming requests for users and servers actors. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7035 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: famfo <famfo@famfo.xyz> Co-committed-by: famfo <famfo@famfo.xyz>
44 lines
1 KiB
Go
44 lines
1 KiB
Go
// Copyright 2025 The Forgejo Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package user
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"net/url"
|
|
|
|
"forgejo.org/models/db"
|
|
"forgejo.org/modules/setting"
|
|
"forgejo.org/modules/validation"
|
|
)
|
|
|
|
// APActorID returns the IRI to the api endpoint of the user
|
|
func (u *User) APActorID() string {
|
|
if u.IsAPServerActor() {
|
|
return fmt.Sprintf("%sapi/v1/activitypub/actor", setting.AppURL)
|
|
}
|
|
|
|
return fmt.Sprintf("%sapi/v1/activitypub/user-id/%s", setting.AppURL, url.PathEscape(fmt.Sprintf("%d", u.ID)))
|
|
}
|
|
|
|
// APActorKeyID returns the ID of the user's public key
|
|
func (u *User) APActorKeyID() string {
|
|
return u.APActorID() + "#main-key"
|
|
}
|
|
|
|
func GetUserByFederatedURI(ctx context.Context, federatedURI string) (*User, error) {
|
|
user := new(User)
|
|
has, err := db.GetEngine(ctx).Where("normalized_federated_uri=?", federatedURI).Get(user)
|
|
if err != nil {
|
|
return nil, err
|
|
} else if !has {
|
|
return nil, nil
|
|
}
|
|
|
|
if res, err := validation.IsValid(*user); !res {
|
|
return nil, err
|
|
}
|
|
|
|
return user, nil
|
|
}
|