sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #53109 from TechnicalSuwako/master 

fix(settings): change Mastodon only URI to webfinger
pull/53845/head
Stephan Orbaugh 2025-07-07 12:02:11 +07:00 committed by GitHub
parent 77939fad04 e489713197
commit 4dcb282a47
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 49 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
AUTHORS
Unescape Escape View File

@ -620,6 +620,7 @@
- szaimen <szaimen@e.mail.de> - szaimen <szaimen@e.mail.de>
- tbartenstein <tbartenstein@users.noreply.github.com> - tbartenstein <tbartenstein@users.noreply.github.com>
- tbelau666 <thomas.belau@gmx.de> - tbelau666 <thomas.belau@gmx.de>
- TechnicalSuwako <suwako@076.moe>
- tgrant <tom.grant760@gmail.com> - tgrant <tom.grant760@gmail.com>
- timm2k <timm2k@gmx.de> - timm2k <timm2k@gmx.de>
- tux-rampage <tux-rampage@users.noreply.github.com> - tux-rampage <tux-rampage@users.noreply.github.com>

21
lib/private/Accounts/AccountManager.php
Unescape Escape View File

@ -734,7 +734,7 @@ class AccountManager implements IAccountManager {
try { try {
// try the public account lookup API of mastodon // try the public account lookup API of mastodon
$response = $client->get("https://{$instance}/api/v1/accounts/lookup?acct={$username}@{$instance}"); $response = $client->get("https://{$instance}/.well-known/webfinger?resource=acct:{$username}@{$instance}");
// should be a json response with account information // should be a json response with account information
$data = $response->getBody(); $data = $response->getBody();
if (is_resource($data)) { if (is_resource($data)) {
@ -743,9 +743,26 @@ class AccountManager implements IAccountManager {
$decoded = json_decode($data, true); $decoded = json_decode($data, true);
// ensure the username is the same the user passed // ensure the username is the same the user passed
// in this case we can assume this is a valid fediverse server and account // in this case we can assume this is a valid fediverse server and account
if (!is_array($decoded) || ($decoded['username'] ?? '') !== $username) { if (!is_array($decoded) || ($decoded['subject'] ?? '') !== "acct:{$username}@{$instance}") {
throw new InvalidArgumentException(); throw new InvalidArgumentException();
} }
// check for activitypub link
if (is_array($decoded['links']) && isset($decoded['links'])) {
$found = false;
foreach ($decoded['links'] as $link) {
// have application/activity+json or application/ld+json
if (isset($link['type']) && (
$link['type'] === 'application/activity+json' ||
$link['type'] === 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'
)) {
$found = true;
break;
}
}
if (!$found) {
throw new InvalidArgumentException();
}
}
} catch (InvalidArgumentException) { } catch (InvalidArgumentException) {
throw new InvalidArgumentException(self::PROPERTY_FEDIVERSE); throw new InvalidArgumentException(self::PROPERTY_FEDIVERSE);
} catch (\Exception $error) { } catch (\Exception $error) {

35
tests/lib/Accounts/AccountManagerTest.php
Unescape Escape View File

@ -786,20 +786,41 @@ class AccountManagerTest extends TestCase {
'@foo@example.com', '@foo@example.com',
'foo@example.com', 'foo@example.com',
true, true,
json_encode(['username' => 'foo']), json_encode([
'subject' => 'acct:foo@example.com',
'links' => [
[
'rel' => 'self',
'type' => 'application/activity+json',
'href' => 'https://example.com/users/foo',
],
],
]),
], ],
'valid response - no at' => [ 'valid response - no at' => [
'foo@example.com', 'foo@example.com',
'foo@example.com', 'foo@example.com',
true, true,
json_encode(['username' => 'foo']), json_encode([
'subject' => 'acct:foo@example.com',
'links' => [
[
'rel' => 'self',
'type' => 'application/activity+json',
'href' => 'https://example.com/users/foo',
],
],
]),
], ],
// failures // failures
'invalid response' => [ 'invalid response' => [
'@foo@example.com', '@foo@example.com',
null, null,
true, true,
json_encode(['not found']), json_encode([
'subject' => 'acct:foo@example.com',
'links' => [],
]),
], ],
'no response' => [ 'no response' => [
'@foo@example.com', '@foo@example.com',
@ -811,7 +832,9 @@ class AccountManagerTest extends TestCase {
'@foo@example.com', '@foo@example.com',
null, null,
true, true,
json_encode(['username' => 'foo@other.example.com']), json_encode([
'links' => [],
]),
], ],
]; ];
} }
@ -831,12 +854,12 @@ class AccountManagerTest extends TestCase {
->willReturn($serverResponse); ->willReturn($serverResponse);
$client->expects(self::once()) $client->expects(self::once())
->method('get') ->method('get')
->with('https://example.com/api/v1/accounts/lookup?acct=foo@example.com') ->with('https://example.com/.well-known/webfinger?resource=acct:foo@example.com')
->willReturn($response); ->willReturn($response);
} else { } else {
$client->expects(self::once()) $client->expects(self::once())
->method('get') ->method('get')
->with('https://example.com/api/v1/accounts/lookup?acct=foo@example.com') ->with('https://example.com/.well-known/webfinger?resource=acct:foo@example.com')
->willThrowException(new \Exception('404')); ->willThrowException(new \Exception('404'));
} }