Improve error reporting and logging when processing remote accounts (#15605)
* Add a more descriptive PrivateNetworkAddressError exception class * Remove unnecessary exception class to rescue clause * Remove unnecessary include to JsonLdHelper * Give more neutral error message when too many webfinger redirects * Remove unnecessary guard condition * Rework how “ActivityPub::FetchRemoteAccountService” handles errors Add “suppress_errors” keyword argument to avoid raising errors in ActivityPub::FetchRemoteAccountService#call (default/previous behavior). * Rework how “ActivityPub::FetchRemoteKeyService” handles errors Add “suppress_errors” keyword argument to avoid raising errors in ActivityPub::FetchRemoteKeyService#call (default/previous behavior). * Fix Webfinger::RedirectError not being a subclass of Webfinger::Error * Add suppress_errors option to ResolveAccountService Defaults to true (to preserve previous behavior). If set to false, errors will be raised instead of caught, allowing the caller to be informed of what went wrong. * Return more precise error when failing to fetch account signing AP payloads * Add tests * Fixes * Refactor error handling a bit * Fix various issues * Add specific error when provided Digest is not 256 bits of base64-encoded data * Please CodeClimate * Improve webfinger error reporting
This commit is contained in:
Claire
GitHub
parent
14c7c9e40e
commit
1145dbd327
10 changed files with 158 additions and 47 deletions
|
|
@ -1,7 +1,6 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class ResolveAccountService < BaseService
|
||||
include JsonLdHelper
|
||||
include DomainControlHelper
|
||||
include WebfingerHelper
|
||||
include Redisable
|
||||
|
|
@ -13,6 +12,7 @@ class ResolveAccountService < BaseService
|
|||
# @param [Hash] options
|
||||
# @option options [Boolean] :redirected Do not follow further Webfinger redirects
|
||||
# @option options [Boolean] :skip_webfinger Do not attempt any webfinger query or refreshing account data
|
||||
# @option options [Boolean] :suppress_errors When failing, return nil instead of raising an error
|
||||
# @return [Account]
|
||||
def call(uri, options = {})
|
||||
return if uri.blank?
|
||||
|
|
@ -52,15 +52,15 @@ class ResolveAccountService < BaseService
|
|||
# either needs to be created, or updated from fresh data
|
||||
|
||||
fetch_account!
|
||||
rescue Webfinger::Error, Oj::ParseError => e
|
||||
rescue Webfinger::Error => e
|
||||
Rails.logger.debug "Webfinger query for #{@uri} failed: #{e}"
|
||||
nil
|
||||
raise unless @options[:suppress_errors]
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def process_options!(uri, options)
|
||||
@options = options
|
||||
@options = { suppress_errors: true }.merge(options)
|
||||
|
||||
if uri.is_a?(Account)
|
||||
@account = uri
|
||||
|
|
@ -96,7 +96,7 @@ class ResolveAccountService < BaseService
|
|||
@username, @domain = split_acct(@webfinger.subject)
|
||||
|
||||
unless confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero?
|
||||
raise Webfinger::RedirectError, "The URI #{uri} tries to hijack #{@username}@#{@domain}"
|
||||
raise Webfinger::RedirectError, "Too many webfinger redirects for URI #{uri} (stopped at #{@username}@#{@domain})"
|
||||
end
|
||||
rescue Webfinger::GoneError
|
||||
@gone = true
|
||||
|
|
@ -110,7 +110,7 @@ class ResolveAccountService < BaseService
|
|||
return unless activitypub_ready?
|
||||
|
||||
with_lock("resolve:#{@username}@#{@domain}") do
|
||||
@account = ActivityPub::FetchRemoteAccountService.new.call(actor_url)
|
||||
@account = ActivityPub::FetchRemoteAccountService.new.call(actor_url, suppress_errors: @options[:suppress_errors])
|
||||
end
|
||||
|
||||
@account
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue