import "@js-temporal/polyfill";
import "urlpattern-polyfill";
// Installs a no-op `addEventListener` on the global object. Import declarations
// are hoisted, so this assignment runs only after every module imported in this
// file has been evaluated, regardless of where the line sits among the imports.
// NOTE(review): this replaces any `addEventListener` the runtime already
// provides on `globalThis`; confirm that is intended for every target runtime.
globalThis.addEventListener = () => {};
import { n as version, t as name } from "./deno-DMg4SgCb.mjs";
import "./key-BAQuZEU1.mjs";
import { CryptographicKey, Object as Object$1, isActor } from "@fedify/vocab";
import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
import { getDocumentLoader } from "@fedify/vocab-runtime";
//#region src/sig/owner.ts
/**
 * Decides whether the actor of an activity owns the given public key, and
 * records the outcome on an `activitypub.verify_key_ownership` span.
 *
 * Two paths are taken, reported in the `activitypub.key_ownership.method`
 * span attribute:
 *
 * - `owner_id`: the key carries an `ownerId`, which is compared with the
 *   activity's `actorId`. No actor document is fetched. A missing `actorId`
 *   yields `false`.
 * - `actor_fetch`: the key has no `ownerId`, so the actor is resolved through
 *   `activity.getActor(options)` and the key's ID is looked up among the
 *   actor's `publicKeyIds`. A key without an ID never matches.
 *
 * NOTE(review): the `owner_id` path relies on the owner that the key object
 * itself declares; unlike `getKeyOwner` in this file, it does not confirm that
 * the actor lists the key back. Confirm that callers only pass a `key` obtained
 * from a source that is authoritative for that actor.
 *
 * @param activity The activity to check.
 * @param key The public key to check.
 * @param options Options for checking the key ownership.
 * @returns Whether the actor is the owner of the key.
 * @throws Rethrows any error raised during the check, after recording it on
 *         the span and marking the span as failed.
 */
async function doesActorOwnKey(activity, key, options) {
  const provider = options.tracerProvider ?? trace.getTracerProvider();
  const tracer = provider.getTracer(name, version);
  const spanOptions = {
    kind: SpanKind.INTERNAL,
    attributes: {
      "activitypub.actor.id": activity.actorId?.href ?? "",
      "activitypub.key.id": key.id?.href ?? ""
    }
  };
  return await tracer.startActiveSpan("activitypub.verify_key_ownership", spanOptions, async (span) => {
    // Writes the verdict and the path that produced it to the span, then
    // hands the verdict back so every exit reads as a single return.
    const conclude = (verified, method) => {
      span.setAttribute("activitypub.key_ownership.verified", verified);
      span.setAttribute("activitypub.key_ownership.method", method);
      return verified;
    };
    try {
      if (key.ownerId != null) {
        // Comparison against the owner declared by the key itself.
        return conclude(key.ownerId.href === activity.actorId?.href, "owner_id");
      }
      const actor = await activity.getActor(options);
      if (actor == null || !isActor(actor)) return conclude(false, "actor_fetch");
      let listed = false;
      for (const candidate of actor.publicKeyIds) {
        if (key.id == null || candidate.href !== key.id.href) continue;
        listed = true;
        break;
      }
      return conclude(listed, "actor_fetch");
    } catch (error) {
      span.recordException(error);
      span.setStatus({
        code: SpanStatusCode.ERROR,
        message: String(error)
      });
      throw error;
    } finally {
      // The span is closed on every path, including the rethrow above.
      span.end();
    }
  });
}
/**
 * Resolves the actor that owns a key. Returns `null` if the key has no known
 * owner.
 *
 * When a key ID (URL) is given, the document at that URL is loaded and parsed,
 * first as a generic object and, if that raises a `TypeError`, as a
 * `CryptographicKey`. The document may therefore be either a key or an actor.
 * When a `CryptographicKey` is given, it is used as is and nothing is loaded
 * for the key itself.
 *
 * An owner is returned only if its `publicKeyIds` contains the key ID, so a
 * key document that merely names an owner is not enough on its own.
 *
 * `null` is returned when: the key has no ID, loading the key document fails
 * for any reason, both parse attempts raise a `TypeError`, the key has no
 * `ownerId`, the document is neither a key nor an actor, the owner cannot be
 * resolved, or the owner does not list the key.
 *
 * NOTE(review): the key ID typically originates from a remote party, and its
 * URL is handed straight to `documentLoader`. What address restrictions the
 * loader applies is not visible here; confirm them when supplying a custom
 * `documentLoader`.
 *
 * @param keyId The ID of the key to check, or the key itself.
 * @param options Options for getting the key owner.
 * @returns The actor that owns the key, or `null` if the key has no known
 * owner.
 * @throws Rethrows parse errors that are not `TypeError`s.
 * @since 0.7.0
 */
async function getKeyOwner(keyId, options) {
  const tracerProvider = options.tracerProvider ?? trace.getTracerProvider();
  const documentLoader = options.documentLoader ?? getDocumentLoader();
  const contextLoader = options.contextLoader ?? getDocumentLoader();
  // Each downstream call gets its own options object.
  const loaderOptions = () => ({
    documentLoader,
    contextLoader,
    tracerProvider
  });

  let resolved;
  let keyUrl;
  if (keyId instanceof CryptographicKey) {
    if (keyId.id == null) return null;
    resolved = keyId;
    keyUrl = keyId.id;
  } else {
    keyUrl = keyId;
    let fetched;
    try {
      fetched = (await documentLoader(keyUrl.href)).document;
    } catch {
      // Any loader failure is treated as "owner unknown".
      return null;
    }
    try {
      resolved = await Object$1.fromJsonLd(fetched, loaderOptions());
    } catch (genericError) {
      if (!(genericError instanceof TypeError)) throw genericError;
      // Second attempt: parse the same document explicitly as a key.
      try {
        resolved = await CryptographicKey.fromJsonLd(fetched, loaderOptions());
      } catch (keyError) {
        if (keyError instanceof TypeError) return null;
        throw keyError;
      }
    }
  }

  let owner;
  if (resolved instanceof CryptographicKey) {
    if (resolved.ownerId == null) return null;
    owner = await resolved.getOwner(loaderOptions());
  } else if (isActor(resolved)) {
    owner = resolved;
  } else {
    return null;
  }
  if (owner == null) return null;

  // Back-reference check: the owner must itself list this key ID.
  for (const listedKeyId of owner.publicKeyIds) {
    if (listedKeyId.href === keyUrl.href) return owner;
  }
  return null;
}
//#endregion
export { getKeyOwner as n, doesActorOwnKey as t };