user.go (3453B)
1 // GoToSocial 2 // Copyright (C) GoToSocial Authors admin@gotosocial.org 3 // SPDX-License-Identifier: AGPL-3.0-or-later 4 // 5 // This program is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU Affero General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // This program is distributed in the hope that it will be useful, 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU Affero General Public License for more details. 14 // 15 // You should have received a copy of the GNU Affero General Public License 16 // along with this program. If not, see <http://www.gnu.org/licenses/>. 17 18 package fedi 19 20 import ( 21 "context" 22 "fmt" 23 "net/url" 24 25 "github.com/superseriousbusiness/activity/streams/vocab" 26 "github.com/superseriousbusiness/gotosocial/internal/ap" 27 "github.com/superseriousbusiness/gotosocial/internal/gtscontext" 28 "github.com/superseriousbusiness/gotosocial/internal/gtserror" 29 "github.com/superseriousbusiness/gotosocial/internal/uris" 30 ) 31 32 // UserGet handles the getting of a fedi/activitypub representation of a user/account, performing appropriate authentication 33 // before returning a JSON serializable interface to the caller. 34 func (p *Processor) UserGet(ctx context.Context, requestedUsername string, requestURL *url.URL) (interface{}, gtserror.WithCode) { 35 // Get the instance-local account the request is referring to. 36 requestedAccount, err := p.state.DB.GetAccountByUsernameDomain(ctx, requestedUsername, "") 37 if err != nil { 38 return nil, gtserror.NewErrorNotFound(fmt.Errorf("database error getting account with username %s: %s", requestedUsername, err)) 39 } 40 41 var requestedPerson vocab.ActivityStreamsPerson 42 43 if uris.IsPublicKeyPath(requestURL) { 44 // if it's a public key path, we don't need to authenticate but we'll only serve the bare minimum user profile needed for the public key 45 requestedPerson, err = p.tc.AccountToASMinimal(ctx, requestedAccount) 46 if err != nil { 47 return nil, gtserror.NewErrorInternalError(err) 48 } 49 } else { 50 // if it's any other path, we want to fully authenticate the request before we serve any data, and then we can serve a more complete profile 51 requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername) 52 if errWithCode != nil { 53 return nil, errWithCode 54 } 55 56 // if we're not already handshaking/dereferencing a remote account, dereference it now 57 if !p.federator.Handshaking(requestedUsername, requestingAccountURI) { 58 requestingAccount, _, err := p.federator.GetAccountByURI(gtscontext.SetFastFail(ctx), requestedUsername, requestingAccountURI) 59 if err != nil { 60 return nil, gtserror.NewErrorUnauthorized(err) 61 } 62 63 blocked, err := p.state.DB.IsEitherBlocked(ctx, requestedAccount.ID, requestingAccount.ID) 64 if err != nil { 65 return nil, gtserror.NewErrorInternalError(err) 66 } 67 68 if blocked { 69 return nil, gtserror.NewErrorUnauthorized(fmt.Errorf("block exists between accounts %s and %s", requestedAccount.ID, requestingAccount.ID)) 70 } 71 } 72 73 requestedPerson, err = p.tc.AccountToAS(ctx, requestedAccount) 74 if err != nil { 75 return nil, gtserror.NewErrorInternalError(err) 76 } 77 } 78 79 data, err := ap.Serialize(requestedPerson) 80 if err != nil { 81 return nil, gtserror.NewErrorInternalError(err) 82 } 83 84 return data, nil 85 }