http_signatures: only compute request-target aliases when needed

Activity db queries are not cached
and most request will not actually need these aliases

lib/pleroma/web/plugs/http_signature_plug.ex

@@ -29,14 +29,19 @@ def call(conn, _opts) do
     end
   end
 
-  def route_aliases(%{path_info: ["objects", id], query_string: query_string}) do
+  def route_aliases(%{path_info: ["objects", id], query_string: query_string, method: method}) do
     ap_id = url(~p[/objects/#{id}])
+    method = String.downcase(method)
 
-    with %Activity{} = activity <- Activity.get_by_object_ap_id_with_object(ap_id) do
-      [~p"/notice/#{activity.id}", "/notice/#{activity.id}?#{query_string}"]
-    else
-      _ -> []
-    end
+    [
+      fn ->
+        with %Activity{} = activity <- Activity.get_by_object_ap_id_with_object(ap_id) do
+          ["#{method} /notice/#{activity.id}", "#{method} /notice/#{activity.id}?#{query_string}"]
+        else
+          _ -> []
+        end
+      end
+    ]
   end
 
   def route_aliases(_), do: []
@@ -115,9 +120,13 @@ defp maybe_assign_valid_signature(conn) do
     if has_signature_header?(conn) do
       # set (request-target) header to the appropriate value
       # we also replace the digest header with the one we computed
+      method = String.downcase(conn.method)
+
       request_targets =
-        [conn.request_path, conn.request_path <> "?#{conn.query_string}" | route_aliases(conn)]
-        |> Enum.map(fn path -> String.downcase("#{conn.method}") <> " #{path}" end)
+        [
+          "#{method} " <> conn.request_path,
+          "#{method} " <> conn.request_path <> "?#{conn.query_string}" | route_aliases(conn)
+        ]
 
       conn =
         case conn do

mix.exs

@@ -162,7 +162,7 @@ defp deps do
       {:linkify, "~> 0.5.3"},
       {:http_signatures,
        git: "https://akkoma.dev/Oneric/http_signatures.git",
-       ref: "cbdd21b2f0eb04f3641bc6d6eb2b5e1a2a17dd84"},
+       ref: "750f817fda9986bfc1e96b7d828b9a98950d60d9"},
       {:telemetry, "~> 1.2"},
       {:telemetry_poller, "~> 1.0"},
       {:telemetry_metrics, "~> 0.6"},

mix.lock

@@ -58,7 +58,7 @@
   "hackney": {:hex, :hackney, "1.22.0", "4efc68df70322d4d2e3d2744e9bd191a39a0cb8d08c35379a08d9fb0f040d595", [:rebar3], [{:certifi, "~> 2.14.0", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "~> 6.1.0", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "~> 1.0.0", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "~> 1.1", [hex: :mimerl, repo: "hexpm", optional: false]}, {:parse_trans, "3.4.1", [hex: :parse_trans, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "~> 1.1.0", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}, {:unicode_util_compat, "~> 0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "628569e451820950382be3d3e6481d7c59997e606c7823bddb4ce5d10812dfcb"},
   "hpax": {:hex, :hpax, "0.1.2", "09a75600d9d8bbd064cdd741f21fc06fc1f4cf3d0fcc335e5aa19be1a7235c84", [:mix], [], "hexpm", "2c87843d5a23f5f16748ebe77969880e29809580efdaccd615cd3bed628a8c13"},
   "html_entities": {:hex, :html_entities, "0.5.2", "9e47e70598da7de2a9ff6af8758399251db6dbb7eebe2b013f2bbd2515895c3c", [:mix], [], "hexpm", "c53ba390403485615623b9531e97696f076ed415e8d8058b1dbaa28181f4fdcc"},
-  "http_signatures": {:git, "https://akkoma.dev/Oneric/http_signatures.git", "cbdd21b2f0eb04f3641bc6d6eb2b5e1a2a17dd84", [ref: "cbdd21b2f0eb04f3641bc6d6eb2b5e1a2a17dd84"]},
+  "http_signatures": {:git, "https://akkoma.dev/Oneric/http_signatures.git", "750f817fda9986bfc1e96b7d828b9a98950d60d9", [ref: "750f817fda9986bfc1e96b7d828b9a98950d60d9"]},
   "httpoison": {:hex, :httpoison, "1.8.2", "9eb9c63ae289296a544842ef816a85d881d4a31f518a0fec089aaa744beae290", [:mix], [{:hackney, "~> 1.17", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm", "2bb350d26972e30c96e2ca74a1aaf8293d61d0742ff17f01e0279fef11599921"},
   "idna": {:hex, :idna, "6.1.1", "8a63070e9f7d0c62eb9d9fcb360a7de382448200fbbd1b106cc96d3d8099df8d", [:rebar3], [{:unicode_util_compat, "~> 0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "92376eb7894412ed19ac475e4a86f7b413c1b9fbb5bd16dccd57934157944cea"},
   "igniter": {:hex, :igniter, "0.5.27", "7c633dd99150e9cad68285ec8ad7e15833ff0c72d46774ed3be7728c661ec4cb", [:mix], [{:glob_ex, "~> 0.1.7", [hex: :glob_ex, repo: "hexpm", optional: false]}, {:inflex, "~> 2.0", [hex: :inflex, repo: "hexpm", optional: false]}, {:jason, "~> 1.4", [hex: :jason, repo: "hexpm", optional: false]}, {:owl, "~> 0.11", [hex: :owl, repo: "hexpm", optional: false]}, {:phx_new, "~> 1.7", [hex: :phx_new, repo: "hexpm", optional: true]}, {:req, "~> 0.5", [hex: :req, repo: "hexpm", optional: false]}, {:rewrite, ">= 1.1.1 and < 2.0.0-0", [hex: :rewrite, repo: "hexpm", optional: false]}, {:sourceror, "~> 1.4", [hex: :sourceror, repo: "hexpm", optional: false]}, {:spitfire, ">= 0.1.3 and < 1.0.0-0", [hex: :spitfire, repo: "hexpm", optional: false]}], "hexpm", "3042a71d4466e9c9b98a23d182eb02014a1c4802a35de0fa8233263d27c99550"},

test/pleroma/web/plugs/http_signature_plug_test.exs

@@ -116,8 +116,23 @@ test "aliases redirected /object endpoints", _ do
     path = URI.parse(obj.data["id"]).path
     conn = build_conn(:get, path, params)
 
-    assert ["/notice/#{act.id}", "/notice/#{act.id}?actor=someparam"] ==
-             HTTPSignaturePlug.route_aliases(conn)
+    aliases =
+      HTTPSignaturePlug.route_aliases(conn)
+      |> Enum.reduce([], fn
+        x, acc when is_binary(x) ->
+          acc ++ [x]
+
+        f, acc when is_function(f) ->
+          add =
+            case f.() do
+              a when is_binary(a) -> [a]
+              a -> a
+            end
+
+          acc ++ add
+      end)
+
+    assert ["get /notice/#{act.id}", "get /notice/#{act.id}?actor=someparam"] == aliases
   end
 
   test "fakes success on gone key when receiving Delete" do