diff --git a/src/queue/processors/inbox.ts b/src/queue/processors/inbox.ts index 481bcbb1c..35b0ce538 100644 --- a/src/queue/processors/inbox.ts +++ b/src/queue/processors/inbox.ts @@ -13,6 +13,7 @@ import { instanceChart } from '../../services/chart'; import { UserPublickey } from '../../models/entities/user-publickey'; import fetchMeta from '../../misc/fetch-meta'; import { toPuny } from '../../misc/convert-host'; +import { validActor } from '../../remote/activitypub/type'; const logger = new Logger('inbox'); @@ -93,7 +94,7 @@ export default async (job: Bull.Job): Promise => { // Update Person activityの場合は、ここで署名検証/更新処理まで実施して終了 if (activity.type === 'Update') { - if (activity.object && activity.object.type === 'Person') { + if (activity.object && validActor.includes(activity.object.type)) { if (user == null) { logger.warn('Update activity received, but user not registed.'); } else if (!httpSignature.verifySignature(signature, key.keyPem)) { diff --git a/src/remote/activitypub/models/person.ts b/src/remote/activitypub/models/person.ts index e13ef21eb..b2edf3973 100644 --- a/src/remote/activitypub/models/person.ts +++ b/src/remote/activitypub/models/person.ts @@ -24,6 +24,7 @@ import { UserPublickey } from '../../../models/entities/user-publickey'; import { isDuplicateKeyValueError } from '../../../misc/is-duplicate-key-value-error'; import { toPuny } from '../../../misc/convert-host'; import { UserProfile } from '../../../models/entities/user-profile'; +import { validActor } from '../../../remote/activitypub/type'; const logger = apLogger; /** @@ -38,7 +39,7 @@ function validatePerson(x: any, uri: string) { return new Error('invalid person: object is null'); } - if (x.type != 'Person' && x.type != 'Service') { + if (!validActor.includes(x.type)) { return new Error(`invalid person: object is not a person or service '${x.type}'`); } diff --git a/src/remote/activitypub/type.ts b/src/remote/activitypub/type.ts index c381e6350..7e81a7cc4 100644 --- a/src/remote/activitypub/type.ts +++ b/src/remote/activitypub/type.ts @@ -65,6 +65,8 @@ interface IQuestionChoice { _misskey_votes?: number; } +export const validActor = ['Person', 'Service']; + export interface IPerson extends IObject { type: 'Person'; name: string; diff --git a/src/server/api/endpoints/ap/show.ts b/src/server/api/endpoints/ap/show.ts index 7378e3edc..35c5dd318 100644 --- a/src/server/api/endpoints/ap/show.ts +++ b/src/server/api/endpoints/ap/show.ts @@ -10,6 +10,7 @@ import { Users, Notes } from '../../../../models'; import { Note } from '../../../../models/entities/note'; import { User } from '../../../../models/entities/user'; import fetchMeta from '../../../../misc/fetch-meta'; +import { validActor } from '../../../../remote/activitypub/type'; export const meta = { tags: ['federation'], @@ -110,7 +111,7 @@ async function fetchAny(uri: string) { } // それでもみつからなければ新規であるため登録 - if (object.type === 'Person') { + if (validActor.includes(object.type)) { const user = await createPerson(object.id); return { type: 'User',