Upgrade to PubSubHubbub 0.4 (removing verify_token)

This commit is contained in:
Eugen Rochko 2016-09-20 02:43:20 +02:00
parent a86f21cf90
commit 608a2bfffc
9 changed files with 19 additions and 19 deletions

View File

@ -171,7 +171,7 @@ GEM
pkg-config (~> 1.1.7) pkg-config (~> 1.1.7)
oj (2.17.3) oj (2.17.3)
orm_adapter (0.5.0) orm_adapter (0.5.0)
ostatus2 (0.2.1) ostatus2 (0.3)
addressable (~> 2.4) addressable (~> 2.4)
http (~> 1.0) http (~> 1.0)
nokogiri (~> 1.6) nokogiri (~> 1.6)

View File

@ -3,7 +3,7 @@ class Api::SubscriptionsController < ApiController
respond_to :txt respond_to :txt
def show def show
if @account.subscription(api_subscription_url(@account.id)).valid?(params['hub.topic'], params['hub.verify_token']) if @account.subscription(api_subscription_url(@account.id)).valid?(params['hub.topic'])
@account.update(subscription_expires_at: Time.now + (params['hub.lease_seconds'].to_i).seconds) @account.update(subscription_expires_at: Time.now + (params['hub.lease_seconds'].to_i).seconds)
render plain: HTMLEntities.new.encode(params['hub.challenge']), status: 200 render plain: HTMLEntities.new.encode(params['hub.challenge']), status: 200
else else

View File

@ -66,7 +66,7 @@ class Account < ApplicationRecord
end end
def subscribed? def subscribed?
!(self.secret.blank? || self.verify_token.blank?) !self.subscription_expires_at.nil?
end end
def favourited?(status) def favourited?(status)
@ -82,7 +82,7 @@ class Account < ApplicationRecord
end end
def subscription(webhook_url) def subscription(webhook_url)
OStatus2::Subscription.new(self.remote_url, secret: self.secret, token: self.verify_token, webhook: webhook_url, hub: self.hub_url) OStatus2::Subscription.new(self.remote_url, secret: self.secret, lease_seconds: 86400 * 30, webhook: webhook_url, hub: self.hub_url)
end end
def ping!(atom_url, hubs) def ping!(atom_url, hubs)

View File

@ -1,15 +1,12 @@
class SubscribeService < BaseService class SubscribeService < BaseService
def call(account) def call(account)
account.secret = SecureRandom.hex account.secret = SecureRandom.hex
account.verify_token = SecureRandom.hex
subscription = account.subscription(api_subscription_url(account.id)) subscription = account.subscription(api_subscription_url(account.id))
response = subscription.subscribe response = subscription.subscribe
unless response.successful? unless response.successful?
account.secret = '' account.secret = ''
account.verify_token = ''
Rails.logger.debug "PuSH subscription request for #{account.acct} failed: #{response.message}" Rails.logger.debug "PuSH subscription request for #{account.acct} failed: #{response.message}"
end end

View File

@ -0,0 +1,5 @@
class RemoveVerifyTokenFromAccounts < ActiveRecord::Migration[5.0]
def change
remove_column :accounts, :verify_token, :string, null: false, default: ''
end
end

View File

@ -10,7 +10,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20160919221059) do ActiveRecord::Schema.define(version: 20160920003904) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
@ -18,7 +18,6 @@ ActiveRecord::Schema.define(version: 20160919221059) do
create_table "accounts", force: :cascade do |t| create_table "accounts", force: :cascade do |t|
t.string "username", default: "", null: false t.string "username", default: "", null: false
t.string "domain" t.string "domain"
t.string "verify_token", default: "", null: false
t.string "secret", default: "", null: false t.string "secret", default: "", null: false
t.text "private_key" t.text "private_key"
t.text "public_key", default: "", null: false t.text "public_key", default: "", null: false

View File

@ -13,12 +13,13 @@ namespace :mastodon do
task clear: :environment do task clear: :environment do
Account.remote.without_followers.find_each do |a| Account.remote.without_followers.find_each do |a|
Rails.logger.debug "PuSH unsubscribing from #{a.acct}" Rails.logger.debug "PuSH unsubscribing from #{a.acct}"
begin begin
a.subscription('').unsubscribe a.subscription('').unsubscribe
rescue HTTP::Error, OpenSSL::SSL::SSLError rescue HTTP::Error, OpenSSL::SSL::SSLError
Rails.logger.debug "PuSH unsubscribing from #{a.acct} failed due to an HTTP or SSL error" Rails.logger.debug "PuSH unsubscribing from #{a.acct} failed due to an HTTP or SSL error"
ensure ensure
a.update!(verify_token: '', secret: '', subscription_expires_at: nil) a.update!(secret: '', subscription_expires_at: nil)
end end
end end
end end

View File

@ -3,11 +3,11 @@ require 'rails_helper'
RSpec.describe Api::SubscriptionsController, type: :controller do RSpec.describe Api::SubscriptionsController, type: :controller do
render_views render_views
let(:account) { Fabricate(:account, username: 'gargron', domain: 'quitter.no', verify_token: '123', remote_url: 'topic_url', secret: 'abc') } let(:account) { Fabricate(:account, username: 'gargron', domain: 'quitter.no', remote_url: 'topic_url', secret: 'abc') }
describe 'GET #show' do describe 'GET #show' do
before do before do
get :show, params: { :id => account.id, 'hub.topic' => 'topic_url', 'hub.verify_token' => 123, 'hub.challenge' => '456' } get :show, params: { :id => account.id, 'hub.topic' => 'topic_url', 'hub.challenge' => '456', 'hub.lease_seconds' => "#{86400 * 30}" }
end end
it 'returns http success' do it 'returns http success' do

View File

@ -66,14 +66,12 @@ RSpec.describe Account, type: :model do
end end
describe '#subscribed?' do describe '#subscribed?' do
it 'returns false when no secrets and tokens have been set' do it 'returns false when no subscription expiration information is present' do
expect(subject.subscribed?).to be false expect(subject.subscribed?).to be false
end end
it 'returns true when the secret and token have been set' do it 'returns true when subscription expiration has been set' do
subject.secret = 'a' subject.subscription_expires_at = 30.days.from_now
subject.verify_token = 'b'
expect(subject.subscribed?).to be true expect(subject.subscribed?).to be true
end end
end end