From ecdaf52bac011cdd0f17c94abf1174fc722331fa Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Mon, 18 Mar 2019 22:33:48 +0300
Subject: WebFinger is HTTPS-only protocol
---
 .../java/com/juick/server/SignatureManager.java | 30 +++++++++++++---------
 1 file changed, 18 insertions(+), 12 deletions(-)
(limited to 'src/main/java/com/juick/server')
diff --git a/src/main/java/com/juick/server/SignatureManager.java b/src/main/java/com/juick/server/SignatureManager.java
index 755575ce..904f89af 100644
--- a/src/main/java/com/juick/server/SignatureManager.java
+++ b/src/main/java/com/juick/server/SignatureManager.java
@@ -9,11 +9,11 @@ import com.juick.server.api.webfinger.model.Account;
 import com.juick.server.api.webfinger.model.Link;
 import com.juick.service.UserService;
 import com.juick.util.DateFormattersHolder;
-import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Component;
 import org.springframework.web.client.RestTemplate;
@@ -130,17 +130,23 @@ public class SignatureManager {
 return Optional.empty();
 }
 public Optional discoverPerson(String acct) {
- String[] accountParts = acct.split(":", 2);
- String account = accountParts[0];
- int port = accountParts.length > 1 ? Integer.valueOf(accountParts[1]) : 80;
- Jid acctId = Jid.of(account);
- URI resourceUri = UriComponentsBuilder.fromUriString(
- String.format("http://%s:%d/.well-known/webfinger?resource=acct:%s", acctId.getDomain(), port, account)).build().toUri();
- Account acctData = apClient.getForEntity(resourceUri, Account.class).getBody();
- if (acctData != null) {
- for (Link l : acctData.getLinks()) {
- if (l.getRel().equals("self") && l.getType().equals(ACTIVITY_MEDIA_TYPE)) {
- return getContext(URI.create(l.getHref()));
+ Jid acctId = Jid.of(acct);
+ URI resourceUri = UriComponentsBuilder.fromPath("/.well-known/webfinger")
+ .host(acctId.getDomain())
+ .scheme("https")
+ .queryParam("resource", String.format("%s", acctId.toEscapedString())).build().toUri();
+ HttpHeaders headers = new HttpHeaders();
+ headers.add("Accept", "application/jrd+json");
+ HttpEntity webfingerRequest = new HttpEntity<>(headers);
+ ResponseEntity response = apClient.exchange(
+ resourceUri, HttpMethod.GET, webfingerRequest, Account.class);
+ if (response.getStatusCode().is2xxSuccessful()) {
+ Account acctData = response.getBody();
+ if (acctData != null) {
+ for (Link l : acctData.getLinks()) {
+ if (l.getRel().equals("self") && l.getType().equals(ACTIVITY_MEDIA_TYPE)) {
+ return getContext(URI.create(l.getHref()));
+ }
 }
 }
 }
-- cgit v1.2.3
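Review bot: The `self` link taken from the remote JRD is still dereferenced as-is in `getContext(URI.create(l.getHref()))`, so the HTTPS-only guarantee this commit adds for the WebFinger query does not extend to the follow-up fetch: the answering server chooses that href, and nothing here rejects an `http://` scheme or a host other than the one that was queried. Check the parsed URI before following it, for example `URI self = URI.create(l.getHref());` followed by `if ("https".equalsIgnoreCase(self.getScheme())) return getContext(self);`, and consider comparing its host with `acctId.getDomain()` or an allow-list; what `getContext` itself validates is not visible in this hunk. The link filter also calls `.equals` on `l.getRel()` and `l.getType()`, which throws a NullPointerException when a link in the untrusted response omits either field; `"self".equals(l.getRel()) && ACTIVITY_MEDIA_TYPE.equals(l.getType())` avoids that, assuming the constant is a String. The end of `discoverPerson` lies outside this hunk.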