44 lines
1.2 KiB
Ruby
44 lines
1.2 KiB
Ruby
class WebKeyDirectoryController < WellKnownController
|
|
before_action :allow_cross_origin_requests
|
|
|
|
# /.well-known/openpgpkey/hu/:hashed_username(.txt)?l=username
|
|
def show
|
|
if params[:l].blank?
|
|
# TODO store hashed username in db if existing implementations trigger
|
|
# this a lot
|
|
msg = "WKD request with \"l\" param omitted for hu: #{params[:hashed_username]}"
|
|
Sentry.capture_message(msg) if Setting.sentry_enabled?
|
|
http_status :bad_request and return
|
|
end
|
|
|
|
@user = User.find_by(cn: params[:l].downcase)
|
|
|
|
if @user.nil? ||
|
|
@user.pgp_pubkey.blank? ||
|
|
!@user.pgp_pubkey_contains_user_address?
|
|
http_status :not_found and return
|
|
end
|
|
|
|
if params[:hashed_username] != @user.wkd_hash
|
|
http_status :unprocessable_entity and return
|
|
end
|
|
|
|
respond_to do |format|
|
|
format.text do
|
|
response.headers['Content-Type'] = 'text/plain'
|
|
render plain: @user.pgp_pubkey
|
|
end
|
|
|
|
format.any do
|
|
key = @user.gnupg_key.export
|
|
send_data key, filename: "#{@user.wkd_hash}.pem",
|
|
type: "application/octet-stream"
|
|
end
|
|
end
|
|
end
|
|
|
|
def policy
|
|
head :ok
|
|
end
|
|
end
|