cabdbb7f9c
* If an Update is signed with known key, skip re-following procedure
Because it means the remote actor did *not* lose their database
* Add CLI method for rotating keys
bin/tootctl accounts rotate [USERNAME]
Generates a new RSA key per account and sends out an Update activity
signed with the old key.
* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts
* Skip suspended accounts in key rotation
17 lines
475 B
Ruby
17 lines
475 B
Ruby
# frozen_string_literal: true
|
|
|
|
class ActivityPub::Activity::Update < ActivityPub::Activity
|
|
SUPPORTED_TYPES = %w(Application Group Organization Person Service).freeze
|
|
|
|
def perform
|
|
update_account if equals_or_includes_any?(@object['type'], SUPPORTED_TYPES)
|
|
end
|
|
|
|
private
|
|
|
|
def update_account
|
|
return if @account.uri != object_uri
|
|
ActivityPub::ProcessAccountService.new.call(@account.username, @account.domain, @object, signed_with_known_key: true)
|
|
end
|
|
end
|