Improve MediaTypeRouteFilterAttribute

2024-01-23 01:43:07 +01:00 · 2024-01-23 01:43:07 +01:00 · a4d787331b
commit a4d787331b
parent cb48468627
3 changed files with 14 additions and 7 deletions
--- a/Iceshrimp.Backend/Controllers/ActivityPubController.cs
+++ b/Iceshrimp.Backend/Controllers/ActivityPubController.cs
@ -11,8 +11,11 @@ namespace Iceshrimp.Backend.Controllers;

 [ApiController]
 [MediaTypeRouteFilter("application/activity+json", "application/ld+json")]
-[Produces("application/activity+json", "application/ld+json")]
-public class ActivityPubController(ILogger<ActivityPubController> logger, DatabaseContext db, APUserRenderer userRenderer) : Controller {
+[Produces("application/activity+json", "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"")]
+public class ActivityPubController(
+	ILogger<ActivityPubController> logger,
+	DatabaseContext db,
+	APUserRenderer userRenderer) : Controller {
 	/*
 	[HttpGet("/notes/{id}")]
 	[ProducesResponseType(StatusCodes.Status200OK, Type = typeof(Note))]
--- a/Iceshrimp.Backend/Controllers/Attributes/MediaTypeRouteFilterAttribute.cs
+++ b/Iceshrimp.Backend/Controllers/Attributes/MediaTypeRouteFilterAttribute.cs
@ -1,3 +1,4 @@
+using System.Net.Http.Headers;
 using Microsoft.AspNetCore.Mvc.ActionConstraints;

 namespace Iceshrimp.Backend.Controllers.Attributes;
@ -5,12 +6,14 @@ namespace Iceshrimp.Backend.Controllers.Attributes;
 [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
 public class MediaTypeRouteFilterAttribute(params string[] mediaTypes) : Attribute, IActionConstraint {
 	public bool Accept(ActionConstraintContext context) {
-		//TODO: this should parse the header properly, edge cases like profile=, charset=, q= are not currently handled.
 		//TODO: this should set the correct content type for the response as well
-		return context.RouteContext.HttpContext.Request.Headers.ContainsKey("Accept") &&
-		       mediaTypes.Any(p => context.RouteContext.HttpContext.Request.Headers.Accept.ToString() == p ||
-		                           context.RouteContext.HttpContext.Request.Headers.Accept.ToString()
-		                                  .StartsWith(p + ";"));
+		if (!context.RouteContext.HttpContext.Request.Headers.ContainsKey("Accept")) return false;
+
+		var accept = context.RouteContext.HttpContext.Request.Headers.Accept.ToString().Split(',')
+		                    .Select(MediaTypeWithQualityHeaderValue.Parse)
+		                    .Select(p => p.MediaType);
+
+		return accept.Any(mediaTypes.Contains);
 	}

 	public int Order => HttpMethodActionConstraint.HttpMethodConstraintOrder + 1;
--- a/Iceshrimp.Backend/Core/Federation/Cryptography/HttpSignature.cs
+++ b/Iceshrimp.Backend/Core/Federation/Cryptography/HttpSignature.cs
@ -32,6 +32,7 @@ public static class HttpSignature {
 		                      HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
 	}

+	//TODO: make this share code with the the regular Verify function
 	public static bool VerifySign(this HttpRequestMessage request, string key) {
 		var signatureHeader = request.Headers.GetValues("Signature").First();
 		var signature       = Parse(signatureHeader);