From cee8fa9172d2833b35b73038f571c2b2d348ad1b Mon Sep 17 00:00:00 2001
From: Yarmo Mackenbach <yarmo@yarmo.eu>
Date: Tue, 2 Mar 2021 15:10:46 +0100
Subject: [PATCH] Add Twitter proxy verification

---
 src/serviceproviders/twitter.js | 54 ++++++++++++++++++++++++---------
 1 file changed, 39 insertions(+), 15 deletions(-)

diff --git a/src/serviceproviders/twitter.js b/src/serviceproviders/twitter.js
index fcaeacb..5994eda 100644
--- a/src/serviceproviders/twitter.js
+++ b/src/serviceproviders/twitter.js
@@ -16,24 +16,48 @@ limitations under the License.
 const bent = require('bent')
 const req = bent('GET')
 const serviceproviders = require('../serviceproviders')
+const utils = require('../utils')
 const reURI = /^https:\/\/twitter\.com\/(.*)\/status\/([0-9]*)(?:\?.*)?/
 
 const customRequestHandler = async (spData, opts) => {
   const match = spData.proof.uri.match(reURI)
-  if ('twitterBearerToken' in opts && opts.twitterBearerToken) {
-    const res = await req(`https://api.twitter.com/1.1/statuses/show.json?id=${match[2]}`, null, {
-      Accept: 'application/json',
-      Authorization: `Bearer ${opts.twitterBearerToken}`
-    })
-    const json = await res.json()
-    return json.text
-  } else if ('nitterInstance' in opts && opts.nitterInstance) {
-    spData.proof.fetch = `https://${opts.nitterInstance}/${match[1]}/status/${match[2]}`
-    const res = await serviceproviders.proxyRequestHandler(spData, opts)
-    return res
-  } else {
-    return null
+
+  // Attempt direct verification if policy allows it
+  if (opts.proxyPolicy !== 'always') {
+    if ('twitterBearerToken' in opts && opts.twitterBearerToken) {
+      const res = await req(`https://api.twitter.com/1.1/statuses/show.json?id=${match[2]}`, null, {
+        Accept: 'application/json',
+        Authorization: `Bearer ${opts.twitterBearerToken}`
+      })
+      const json = await res.json()
+      return json.text
+    } else if ('nitterInstance' in opts && opts.nitterInstance) {
+      spData.proof.fetch = `https://${opts.nitterInstance}/${match[1]}/status/${match[2]}`
+      const res = await serviceproviders.proxyRequestHandler(spData, opts)
+      return res
+    } else {
+      return null
+    }
   }
+
+  // Attempt proxy verification if policy allows it
+  if (opts.proxyPolicy !== 'never' && spData.proof.fetch) {
+    return req(utils.generateProxyURL('twitter', match[2], opts), null, {
+      Accept: 'application/json',
+    })
+    .then(async (res) => {
+      return await res.json()
+    })
+    .then((res) => {
+      return res.data.text
+    })
+    .catch((e) => {
+      reject(e)
+    })
+  }
+
+  // No verification
+  return null
 }
 
 const processURI = (uri, opts) => {
@@ -54,8 +78,8 @@ const processURI = (uri, opts) => {
     },
     proof: {
       uri: uri,
-      fetch: null,
-      useProxy: true,
+      fetch: utils.generateProxyURL('twitter', match[2], opts),
+      useProxy: false,
       format: 'text',
     },
     claim: {