Don't sign fetch when fetching actor for a given signature

Otherwise it's doing a loop Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-11-16 15:46:23 +01:00
parent 88067bd217
commit 84bd1ccfad
3 changed files with 9 additions and 7 deletions
--- a/lib/federation/activity_pub/fetcher.ex
+++ b/lib/federation/activity_pub/fetcher.ex
@@ -13,7 +13,7 @@ defmodule Mobilizon.Federation.ActivityPub.Fetcher do
  alias Mobilizon.Service.HTTP.ActivityPub, as: ActivityPubClient

  import Mobilizon.Federation.ActivityPub.Utils,
-    only: [maybe_date_fetch: 2, sign_fetch: 4, origin_check?: 2]
+    only: [maybe_date_fetch: 2, sign_fetch: 5, origin_check?: 2]

  import Mobilizon.Service.Guards, only: [is_valid_string: 1]

@@ -28,7 +28,7 @@ defmodule Mobilizon.Federation.ActivityPub.Fetcher do
    headers =
      [{:Accept, "application/activity+json"}]
      |> maybe_date_fetch(date)
-      |> sign_fetch(on_behalf_of, url, date)
+      |> sign_fetch(on_behalf_of, url, date, options)

    client = ActivityPubClient.client(headers: headers)

--- a/lib/federation/activity_pub/utils.ex
+++ b/lib/federation/activity_pub/utils.ex
@@ -650,9 +650,10 @@ defmodule Mobilizon.Federation.ActivityPub.Utils do
  @doc """
  Sign a request with an actor.
  """
-  @spec sign_fetch(Enum.t(), Actor.t(), String.t(), String.t()) :: Enum.t()
-  def sign_fetch(headers, actor, id, date) do
-    if Mobilizon.Config.get([:activitypub, :sign_object_fetches]) do
+  @spec sign_fetch(Enum.t(), Actor.t(), String.t(), String.t(), Keyword.t()) :: Enum.t()
+  def sign_fetch(headers, actor, id, date, options \\ []) do
+    if Mobilizon.Config.get([:activitypub, :sign_object_fetches]) and
+         Keyword.get(options, :ignore_sign_object_fetches, false) == false do
      headers ++ make_signature(actor, id, date)
    else
      headers