2017-11-22 11:06:07 -07:00
|
|
|
defmodule Pleroma.Web.MediaProxy do
|
|
|
|
@base64_opts [padding: false]
|
|
|
|
|
|
|
|
def url(nil), do: nil
|
|
|
|
|
2017-12-12 04:30:24 -07:00
|
|
|
def url(url = "/" <> _), do: url
|
|
|
|
|
2017-11-22 11:06:07 -07:00
|
|
|
def url(url) do
|
2017-11-28 13:44:25 -07:00
|
|
|
config = Application.get_env(:pleroma, :media_proxy, [])
|
|
|
|
if !Keyword.get(config, :enabled, false) or String.starts_with?(url, Pleroma.Web.base_url) do
|
2017-11-22 11:06:07 -07:00
|
|
|
url
|
|
|
|
else
|
2017-11-28 13:44:25 -07:00
|
|
|
secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
|
2017-11-22 11:06:07 -07:00
|
|
|
base64 = Base.url_encode64(url, @base64_opts)
|
2017-11-28 13:44:25 -07:00
|
|
|
sig = :crypto.hmac(:sha, secret, base64)
|
2017-11-22 11:06:07 -07:00
|
|
|
sig64 = sig |> Base.url_encode64(@base64_opts)
|
2017-11-28 13:44:25 -07:00
|
|
|
Keyword.get(config, :base_url, Pleroma.Web.base_url) <> "/proxy/#{sig64}/#{base64}"
|
2017-11-22 11:06:07 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def decode_url(sig, url) do
|
2017-11-28 13:44:25 -07:00
|
|
|
secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
|
2017-11-22 11:06:07 -07:00
|
|
|
sig = Base.url_decode64!(sig, @base64_opts)
|
2017-11-28 13:44:25 -07:00
|
|
|
local_sig = :crypto.hmac(:sha, secret, url)
|
2017-11-22 11:06:07 -07:00
|
|
|
if local_sig == sig do
|
|
|
|
{:ok, Base.url_decode64!(url, @base64_opts)}
|
|
|
|
else
|
|
|
|
{:error, :invalid_signature}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|