search

Traewelling / traewelling

Free check-in service to log your public transit journeys
https://traewelling.de
GNU Affero General Public License v3.0
225 stars 43 forks source link

Login with Mastodon for an instance with subdomain not working? #1182

Closed ePirat closed 3 months ago

ePirat commented 1 year ago

Describe the bug Trying to login with Mastodon for the instance https://mastodon.sergal.org I get an error: domain ist keine gültige Internet-Adresse.

To Reproduce

  1. Go to https://traewelling.de/login
  2. In the Mastodon instance field enter https://mastodon.sergal.org
  3. Press enter or click the Mastodon button
  4. There is an error: domain ist keine gültige Internet-Adresse.

Expected behavior Login should work

Screenshots

Bildschirmfoto 2022-11-15 um 14 15 50

Desktop:

jeyemwey commented 1 year ago

Hi, I'm sorry that this happened to you. #1179 changes the logic of how the url is formatted, and according to the test, the provided domain should work out.

After @MrKrisKrisu has reviewed and deployed the aforementioned PR, maybe this issues is resolved. I would kindly ask you, @ePirat, to report after that. :)

MrKrisKrisu commented 1 year ago

1179 is merged and rolled out.

This PR didn't fix this issue. We need to have a look at the validator.

MrKrisKrisu commented 1 year ago

I'm a little bit confused.

In my local environment I can use https://mastodon.sergal.org without problems. In the production environment with exactly the same code base the error occurs.

MrKrisKrisu commented 1 year ago

When I remove the active_url validator in our productive env. the domain also works there. But this isn't a valid solution.

MrKrisKrisu commented 1 year ago

This test already checks whether https://mastodon.sergal.org will be accepted by the active_url validator. The test is successful locally and on Github.

https://github.com/Traewelling/traewelling/blob/63469f96c0af2a28752472721a095b2672a2f31e/tests/Feature/Social/MastodonControllerTest.php#L17-L35

MrKrisKrisu commented 1 year ago

The server can also successfully access the Mastodon instance. DNS resolution and access is possible.

kris@maglev:~# curl -vL "https://mastodon.sergal.org/"
*   Trying 167.114.35.50:443...
* Connected to mastodon.sergal.org (167.114.35.50) port 443 (#0)
[...]
*  SSL certificate verify ok.
[...]
< HTTP/2 200 
[...]
* Connection #0 to host mastodon.sergal.org left intact
MrKrisKrisu commented 1 year ago

Tested with some other subdomain instances found on https://joinmastodon.org/servers

All of them are working on prod-server:

Sooo... what is wrong with the domain that the validator doesn't like it?

MrKrisKrisu commented 1 year ago

Laravels documentation describes how the validator is working:

[active_url](https://laravel.com/docs/9.x/validation#rule-active-url)
The field under validation must have a valid A or AAAA record according to the dns_get_record PHP function. The hostname of the provided URL is extracted using the parse_url PHP function before being passed to dns_get_record.

So.. I tried to reproduce this... The DNS Server blocks ANY-Requests. (Edit: This is not relevant as of the validator requests directly A and AAAA)

$domain = 'https://mastodon.sergal.org';
$parsed = parse_url($domain);
dump($parsed);
$result = dns_get_record($parsed['host']);
dump($result);

...and got:

array:2 [
  "scheme" => "https"
  "host" => "mastodon.sergal.org"
]
array:1 [
  0 => array:6 [
    "host" => "mastodon.sergal.org"
    "class" => "IN"
    "ttl" => 3753
    "type" => "HINFO"
    "cpu" => "RFC8482"
    "os" => ""
  ]
]

Other DNS Servers are returning A and AAAA Records:

array:2 [
  "scheme" => "https"
  "host" => "social.4netguides.org"
]
array:2 [
  0 => array:5 [
    "host" => "social.4netguides.org"
    "class" => "IN"
    "ttl" => 1324
    "type" => "A"
    "ip" => "37.120.163.132"
  ]
  1 => array:5 [
    "host" => "social.4netguides.org"
    "class" => "IN"
    "ttl" => 1324
    "type" => "AAAA"
    "ipv6" => "2a03:4000:6:34f0::1"
  ]
]

With the dns_get_records function we can explicitly request A or AAAA records. Then we got a correct answer:

array:2 [
  "scheme" => "https"
  "host" => "mastodon.sergal.org"
]
array:1 [
  0 => array:5 [
    "host" => "mastodon.sergal.org"
    "class" => "IN"
    "ttl" => 38
    "type" => "A"
    "ip" => "167.114.35.50"
  ]
]
MrKrisKrisu commented 1 year ago

Laravels validation rule can be found here: https://github.com/laravel/framework/blob/81ea922574b5244e6710a82f6e27cd885deec612/src/Illuminate/Validation/Concerns/ValidatesAttributes.php#L112-L131

Testing with this original validator function returned this error: dns_get_record(): A temporary server error occurred.

This only occurs on for mastodon.sergal.org. Other domains are working. Therefore the validator returnes false because of the try/catch.

https://github.com/laravel/framework/blob/81ea922574b5244e6710a82f6e27cd885deec612/src/Illuminate/Validation/Concerns/ValidatesAttributes.php#L126

MrKrisKrisu commented 1 year ago

@ePirat I just randomly tried this again. It works for me now with your example domain. No idea why, but can you try it again too?