suppress JSON-LD errors when signing activities for relays
This commit is contained in:
Hazelnoot
parent
c83fa9fcd3
commit
11356acb98
2 changed files with 20 additions and 3 deletions
|
|
@ -16,9 +16,15 @@ import { deepClone } from '@/misc/clone.js';
|
|||
import { bindThis } from '@/decorators.js';
|
||||
import { SystemAccountService } from '@/core/SystemAccountService.js';
|
||||
import { CacheManagementService, ManagedMemorySingleCache } from '@/global/CacheManagementService.js';
|
||||
import { IActivity } from '@/core/activitypub/type.js';
|
||||
import { LoggerService } from '@/core/LoggerService.js';
|
||||
import type Logger from '@/logger.js';
|
||||
import { renderInlineError } from '@/misc/render-inline-error.js';
|
||||
import { Signed } from '@/core/activitypub/JsonLdService.js';
|
||||
|
||||
@Injectable()
|
||||
export class RelayService {
|
||||
private readonly logger: Logger;
|
||||
private readonly relaysCache: ManagedMemorySingleCache<MiRelay[]>;
|
||||
|
||||
constructor(
|
||||
|
|
@ -29,9 +35,11 @@ export class RelayService {
|
|||
private queueService: QueueService,
|
||||
private systemAccountService: SystemAccountService,
|
||||
private apRendererService: ApRendererService,
|
||||
private readonly loggerService: LoggerService,
|
||||
|
||||
cacheManagementService: CacheManagementService,
|
||||
) {
|
||||
this.logger = this.loggerService.getLogger('relay');
|
||||
this.relaysCache = cacheManagementService.createMemorySingleCache<MiRelay[]>('relay', 1000 * 60 * 10); // 10m
|
||||
}
|
||||
|
||||
|
|
@ -106,10 +114,19 @@ export class RelayService {
|
|||
const copy = deepClone(activity);
|
||||
if (!copy.to) copy.to = ['https://www.w3.org/ns/activitystreams#Public'];
|
||||
|
||||
const signed = await this.apRendererService.attachLdSignature(copy, user);
|
||||
const signed = await this.signActivity(copy, user);
|
||||
|
||||
for (const relay of relays) {
|
||||
this.queueService.deliver(user, signed, relay.inbox, false);
|
||||
}
|
||||
}
|
||||
|
||||
private async signActivity<T extends IActivity>(activity: T, user: { id: MiUser['id']; host: null; }): Promise<T | Signed<T>> {
|
||||
try {
|
||||
return await this.apRendererService.attachLdSignature(activity, user);
|
||||
} catch (err) {
|
||||
this.logger.warn(`Error signing activity ${activity.id}: ${renderInlineError(err)}`);
|
||||
return activity;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ import { CacheService } from '@/core/CacheService.js';
|
|||
import { isPureRenote, isQuote, isRenote } from '@/misc/is-renote.js';
|
||||
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
|
||||
import { TimeService } from '@/global/TimeService.js';
|
||||
import { JsonLdService } from './JsonLdService.js';
|
||||
import { JsonLdService, type Signed } from './JsonLdService.js';
|
||||
import { ApMfmService } from './ApMfmService.js';
|
||||
import { CONTEXT } from './misc/contexts.js';
|
||||
import { getApId, ILink, IOrderedCollection, IOrderedCollectionPage } from './type.js';
|
||||
|
|
@ -804,7 +804,7 @@ export class ApRendererService {
|
|||
}
|
||||
|
||||
@bindThis
|
||||
public async attachLdSignature(activity: any, user: { id: MiUser['id']; host: null; }): Promise<IActivity> {
|
||||
public async attachLdSignature<T extends IActivity>(activity: T, user: { id: MiUser['id']; host: null; }): Promise<T | Signed<T>> {
|
||||
// Linked Data signatures are cryptographic signatures attached to each activity to provide proof of authenticity.
|
||||
// When using authorized fetch, this is often undesired as any signed activity can be forwarded to a blocked instance by relays and other instances.
|
||||
// This setting allows admins to disable LD signatures for increased privacy, at the expense of fewer relayed activities and additional inbound fetch (GET) requests.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue