gtsocial-umbx

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit c54510bc7407f22b58bd56ad65b2e3f60e8e4dc5
parent 4f322f527f6c6e043f9efa13034fed1dbd35f1eb
Author: tobi <31960611+tsmethurst@users.noreply.github.com>
Date:   Thu,  6 Apr 2023 13:19:55 +0200

[bugfix] Normalize status content (don't parse status content as IRI) (#1665)

* start fannying about

* finish up Normalize

* tidy up

* pin to tag

* move errors about just a little bit
Diffstat:
Mgo.mod | 2+-
Mgo.sum | 4++--
Ainternal/ap/error.go | 35+++++++++++++++++++++++++++++++++++
Minternal/ap/interfaces.go | 6++++++
Ainternal/ap/normalize.go | 116+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Ainternal/ap/normalize_test.go | 110+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Ainternal/ap/resolve.go | 118+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Minternal/federation/dereferencing/account.go | 30++----------------------------
Minternal/federation/dereferencing/error.go | 14--------------
Minternal/federation/dereferencing/status.go | 75++-------------------------------------------------------------------------
Minternal/federation/federatingactor.go | 271++++++++++++++++++++++++++++++++++++++++++++++++++++---------------------------
Minternal/federation/federatingprotocol.go | 89++++++++++++++++++++++++++++++++++++++++++-------------------------------------
Dinternal/federation/handshake.go | 18------------------
Minternal/processing/search.go | 7+++++--
Mvendor/github.com/superseriousbusiness/activity/pub/base_actor.go | 17++++++++---------
Mvendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go | 76++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------
Mvendor/modules.txt | 2+-
17 files changed, 681 insertions(+), 309 deletions(-)

diff --git a/go.mod b/go.mod @@ -42,7 +42,7 @@ require ( github.com/spf13/cobra v1.6.1 github.com/spf13/viper v1.15.0 github.com/stretchr/testify v1.8.2 - github.com/superseriousbusiness/activity v1.2.1-gts + github.com/superseriousbusiness/activity v1.2.2-gts github.com/superseriousbusiness/exif-terminator v0.5.0 github.com/superseriousbusiness/oauth2/v4 v4.3.2-SSB.0.20230227143000-f4900831d6c8 github.com/tdewolff/minify/v2 v2.12.5 diff --git a/go.sum b/go.sum @@ -543,8 +543,8 @@ github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/sunfish-shogi/bufseekio v0.0.0-20210207115823-a4185644b365/go.mod h1:dEzdXgvImkQ3WLI+0KQpmEx8T/C/ma9KeS3AfmU899I= -github.com/superseriousbusiness/activity v1.2.1-gts h1:wh7v0zYa1mJmqB35PSfvgl4cs51Dh5PyfKvcZLSxMQU= -github.com/superseriousbusiness/activity v1.2.1-gts/go.mod h1:AZw0Xb4Oju8rmaJCZ21gc5CPg47MmNgyac+Hx5jo8VM= +github.com/superseriousbusiness/activity v1.2.2-gts h1:7duR8MCbYIKyM4UkeSkze2S/2+ve1XHs8kVfaFg58UI= +github.com/superseriousbusiness/activity v1.2.2-gts/go.mod h1:AZw0Xb4Oju8rmaJCZ21gc5CPg47MmNgyac+Hx5jo8VM= github.com/superseriousbusiness/exif-terminator v0.5.0 h1:57SO/geyaOl2v/lJSQLVcQbdghpyFuK8ZTtaHL81fUQ= github.com/superseriousbusiness/exif-terminator v0.5.0/go.mod h1:d5IkskXco/3XRXzOrI73uGYn+wahJEqPlQSSqn6jxSw= github.com/superseriousbusiness/go-jpeg-image-structure/v2 v2.0.0-20220321154430-d89a106fdabe h1:ksl2oCx/Qo8sNDc3Grb8WGKBM9nkvhCm25uvlT86azE= diff --git a/internal/ap/error.go b/internal/ap/error.go @@ -0,0 +1,35 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package ap + +import "fmt" + +// ErrWrongType indicates that we tried to resolve a type into +// an interface that it's not compatible with, eg a Person into +// a Statusable. +type ErrWrongType struct { + wrapped error +} + +func (err *ErrWrongType) Error() string { + return fmt.Sprintf("wrong received type: %v", err.wrapped) +} + +func newErrWrongType(err error) error { + return &ErrWrongType{wrapped: err} +} diff --git a/internal/ap/interfaces.go b/internal/ap/interfaces.go @@ -60,6 +60,7 @@ type Statusable interface { WithSensitive WithConversation WithContent + WithSetContent WithAttachment WithTag WithReplies @@ -281,6 +282,11 @@ type WithContent interface { GetActivityStreamsContent() vocab.ActivityStreamsContentProperty } +// WithSetContent represents an activity that can have content set on it. +type WithSetContent interface { + SetActivityStreamsContent(vocab.ActivityStreamsContentProperty) +} + // WithPublished represents an activity with ActivityStreamsPublishedProperty type WithPublished interface { GetActivityStreamsPublished() vocab.ActivityStreamsPublishedProperty diff --git a/internal/ap/normalize.go b/internal/ap/normalize.go @@ -0,0 +1,116 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package ap + +import ( + "github.com/superseriousbusiness/activity/pub" + "github.com/superseriousbusiness/activity/streams" +) + +// NormalizeActivityObject normalizes the 'object'.'content' field of the given Activity. +// +// The rawActivity map should the freshly deserialized json representation of the Activity. +// +// This function is a noop if the type passed in is anything except a Create with a Statusable as its Object. +func NormalizeActivityObject(activity pub.Activity, rawActivity map[string]interface{}) { + if activity.GetTypeName() != ActivityCreate { + // Only interested in Create right now. + return + } + + withObject, ok := activity.(WithObject) + if !ok { + // Create was not a WithObject. + return + } + + createObject := withObject.GetActivityStreamsObject() + if createObject == nil { + // No object set. + return + } + + if createObject.Len() != 1 { + // Not interested in Object arrays. + return + } + + // We now know length is 1 so get the first + // item from the iter. We need this to be + // a Statusable if we're to continue. + i := createObject.At(0) + if i == nil { + // This is awkward. + return + } + + t := i.GetType() + if t == nil { + // This is also awkward. + return + } + + statusable, ok := t.(Statusable) + if !ok { + // Object is not Statusable; + // we're not interested. + return + } + + object, ok := rawActivity["object"] + if !ok { + // No object in raw map. + return + } + + rawStatusable, ok := object.(map[string]interface{}) + if !ok { + // Object wasn't a json object. + return + } + + // Pass in the statusable and its raw JSON representation. + NormalizeStatusableContent(statusable, rawStatusable) +} + +// NormalizeStatusableContent replaces the Content of the given statusable +// with the raw 'content' value from the given json object map. +// +// noop if there was no content in the json object map or the content was +// not a plain string. +func NormalizeStatusableContent(statusable Statusable, rawStatusable map[string]interface{}) { + content, ok := rawStatusable["content"] + if !ok { + // No content in rawStatusable. + // TODO: In future we might also + // look for "contentMap" property. + return + } + + rawContent, ok := content.(string) + if !ok { + // Not interested in content arrays. + return + } + + // Set normalized content property from the raw string; this + // will replace any existing content property on the statusable. + contentProp := streams.NewActivityStreamsContentProperty() + contentProp.AppendXMLSchemaString(rawContent) + statusable.SetActivityStreamsContent(contentProp) +} diff --git a/internal/ap/normalize_test.go b/internal/ap/normalize_test.go @@ -0,0 +1,110 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package ap_test + +import ( + "context" + "encoding/json" + "testing" + + "github.com/stretchr/testify/suite" + "github.com/superseriousbusiness/activity/streams" + "github.com/superseriousbusiness/activity/streams/vocab" + "github.com/superseriousbusiness/gotosocial/internal/ap" + "github.com/superseriousbusiness/gotosocial/testrig" +) + +type NormalizeTestSuite struct { + suite.Suite +} + +func (suite *NormalizeTestSuite) GetStatusable() (vocab.ActivityStreamsNote, map[string]interface{}) { + rawJson := `{ + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://example.org/schemas/litepub-0.1.jsonld", + { + "@language": "und" + } + ], + "actor": "https://example.org/users/someone", + "attachment": [], + "attributedTo": "https://example.org/users/someone", + "cc": [ + "https://example.org/users/someone/followers" + ], + "content": "UPDATE: As of this morning there are now more than 7 million Mastodon users, most from the <a class=\"hashtag\" data-tag=\"twittermigration\" href=\"https://example.org/tag/twittermigration\" rel=\"tag ugc\">#TwitterMigration</a>.<br><br>In fact, 100,000 new accounts have been created since last night.<br><br>Since last night&#39;s spike 8,000-12,000 new accounts are being created every hour.<br><br>Yesterday, I estimated that Mastodon would have 8 million users by the end of the week. That might happen a lot sooner if this trend continues.", + "context": "https://example.org/contexts/01GX0MSHPER1E0FT022Q209EJZ", + "conversation": "https://example.org/contexts/01GX0MSHPER1E0FT022Q209EJZ", + "id": "https://example.org/objects/01GX0MT2PA58JNSMK11MCS65YD", + "published": "2022-11-18T17:43:58.489995Z", + "replies": { + "items": [ + "https://example.org/objects/01GX0MV12MGEG3WF9SWB5K3KRJ" + ], + "type": "Collection" + }, + "repliesCount": 0, + "sensitive": null, + "source": "UPDATE: As of this morning there are now more than 7 million Mastodon users, most from the #TwitterMigration.\r\n\r\nIn fact, 100,000 new accounts have been created since last night.\r\n\r\nSince last night's spike 8,000-12,000 new accounts are being created every hour.\r\n\r\nYesterday, I estimated that Mastodon would have 8 million users by the end of the week. That might happen a lot sooner if this trend continues.", + "summary": "", + "tag": [ + { + "href": "https://example.org/tags/twittermigration", + "name": "#twittermigration", + "type": "Hashtag" + } + ], + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "type": "Note" + }` + + var rawNote map[string]interface{} + err := json.Unmarshal([]byte(rawJson), &rawNote) + if err != nil { + panic(err) + } + + t, err := streams.ToType(context.Background(), rawNote) + if err != nil { + panic(err) + } + + return t.(vocab.ActivityStreamsNote), rawNote +} + +func (suite *NormalizeTestSuite) TestNormalizeActivityObject() { + note, rawNote := suite.GetStatusable() + suite.Equal(`update: As of this morning there are now more than 7 million Mastodon users, most from the <a class="hashtag" data-tag="twittermigration" href="https://example.org/tag/twittermigration" rel="tag ugc">#TwitterMigration%3C/a%3E.%3Cbr%3E%3Cbr%3EIn%20fact,%20100,000%20new%20accounts%20have%20been%20created%20since%20last%20night.%3Cbr%3E%3Cbr%3ESince%20last%20night&%2339;s%20spike%208,000-12,000%20new%20accounts%20are%20being%20created%20every%20hour.%3Cbr%3E%3Cbr%3EYesterday,%20I%20estimated%20that%20Mastodon%20would%20have%208%20million%20users%20by%20the%20end%20of%20the%20week.%20That%20might%20happen%20a%20lot%20sooner%20if%20this%20trend%20continues.`, ap.ExtractContent(note)) + + create := testrig.WrapAPNoteInCreate( + testrig.URLMustParse("https://example.org/create_something"), + testrig.URLMustParse("https://example.org/users/someone"), + testrig.TimeMustParse("2022-11-18T17:43:58.489995Z"), + note, + ) + + ap.NormalizeActivityObject(create, map[string]interface{}{"object": rawNote}) + suite.Equal(`UPDATE: As of this morning there are now more than 7 million Mastodon users, most from the <a class="hashtag" data-tag="twittermigration" href="https://example.org/tag/twittermigration" rel="tag ugc">#TwitterMigration</a>.<br><br>In fact, 100,000 new accounts have been created since last night.<br><br>Since last night&#39;s spike 8,000-12,000 new accounts are being created every hour.<br><br>Yesterday, I estimated that Mastodon would have 8 million users by the end of the week. That might happen a lot sooner if this trend continues.`, ap.ExtractContent(note)) +} + +func TestNormalizeTestSuite(t *testing.T) { + suite.Run(t, new(NormalizeTestSuite)) +} diff --git a/internal/ap/resolve.go b/internal/ap/resolve.go @@ -0,0 +1,118 @@ +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package ap + +import ( + "context" + "encoding/json" + "fmt" + + "github.com/superseriousbusiness/activity/streams" + "github.com/superseriousbusiness/activity/streams/vocab" +) + +// ResolveStatusable tries to resolve the given bytes into an ActivityPub Statusable representation. +// It will then perform normalization on the Statusable by calling NormalizeStatusable, so that +// callers don't need to bother doing extra steps. +// +// Works for: Article, Document, Image, Video, Note, Page, Event, Place, Profile +func ResolveStatusable(ctx context.Context, b []byte) (Statusable, error) { + rawStatusable := make(map[string]interface{}) + if err := json.Unmarshal(b, &rawStatusable); err != nil { + return nil, fmt.Errorf("ResolveStatusable: error unmarshalling bytes into json: %w", err) + } + + t, err := streams.ToType(ctx, rawStatusable) + if err != nil { + return nil, fmt.Errorf("ResolveStatusable: error resolving json into ap vocab type: %w", err) + } + + var ( + statusable Statusable + ok bool + ) + + switch t.GetTypeName() { + case ObjectArticle: + statusable, ok = t.(vocab.ActivityStreamsArticle) + case ObjectDocument: + statusable, ok = t.(vocab.ActivityStreamsDocument) + case ObjectImage: + statusable, ok = t.(vocab.ActivityStreamsImage) + case ObjectVideo: + statusable, ok = t.(vocab.ActivityStreamsVideo) + case ObjectNote: + statusable, ok = t.(vocab.ActivityStreamsNote) + case ObjectPage: + statusable, ok = t.(vocab.ActivityStreamsPage) + case ObjectEvent: + statusable, ok = t.(vocab.ActivityStreamsEvent) + case ObjectPlace: + statusable, ok = t.(vocab.ActivityStreamsPlace) + case ObjectProfile: + statusable, ok = t.(vocab.ActivityStreamsProfile) + } + + if !ok { + err = fmt.Errorf("ResolveStatusable: could not resolve %T to Statusable", t) + return nil, newErrWrongType(err) + } + + NormalizeStatusableContent(statusable, rawStatusable) + return statusable, nil +} + +// ResolveStatusable tries to resolve the given bytes into an ActivityPub Accountable representation. +// +// Works for: Application, Group, Organization, Person, Service +func ResolveAccountable(ctx context.Context, b []byte) (Accountable, error) { + rawAccountable := make(map[string]interface{}) + if err := json.Unmarshal(b, &rawAccountable); err != nil { + return nil, fmt.Errorf("ResolveAccountable: error unmarshalling bytes into json: %w", err) + } + + t, err := streams.ToType(ctx, rawAccountable) + if err != nil { + return nil, fmt.Errorf("ResolveAccountable: error resolving json into ap vocab type: %w", err) + } + + var ( + accountable Accountable + ok bool + ) + + switch t.GetTypeName() { + case ActorApplication: + accountable, ok = t.(vocab.ActivityStreamsApplication) + case ActorGroup: + accountable, ok = t.(vocab.ActivityStreamsGroup) + case ActorOrganization: + accountable, ok = t.(vocab.ActivityStreamsOrganization) + case ActorPerson: + accountable, ok = t.(vocab.ActivityStreamsPerson) + case ActorService: + accountable, ok = t.(vocab.ActivityStreamsService) + } + + if !ok { + err = fmt.Errorf("ResolveAccountable: could not resolve %T to Accountable", t) + return nil, newErrWrongType(err) + } + + return accountable, nil +} diff --git a/internal/federation/dereferencing/account.go b/internal/federation/dereferencing/account.go @@ -357,39 +357,13 @@ func (d *deref) enrichAccount(ctx context.Context, requestUser string, uri *url. // dereferenceAccountable calls remoteAccountID with a GET request, and tries to parse whatever // it finds as something that an account model can be constructed out of. -// -// Will work for Person, Application, or Service models. func (d *deref) dereferenceAccountable(ctx context.Context, transport transport.Transport, remoteAccountID *url.URL) (ap.Accountable, error) { b, err := transport.Dereference(ctx, remoteAccountID) if err != nil { - return nil, fmt.Errorf("DereferenceAccountable: error deferencing %s: %w", remoteAccountID.String(), err) - } - - m := make(map[string]interface{}) - if err := json.Unmarshal(b, &m); err != nil { - return nil, fmt.Errorf("DereferenceAccountable: error unmarshalling bytes into json: %w", err) - } - - t, err := streams.ToType(ctx, m) - if err != nil { - return nil, fmt.Errorf("DereferenceAccountable: error resolving json into ap vocab type: %w", err) - } - - //nolint:forcetypeassert - switch t.GetTypeName() { - case ap.ActorApplication: - return t.(vocab.ActivityStreamsApplication), nil - case ap.ActorGroup: - return t.(vocab.ActivityStreamsGroup), nil - case ap.ActorOrganization: - return t.(vocab.ActivityStreamsOrganization), nil - case ap.ActorPerson: - return t.(vocab.ActivityStreamsPerson), nil - case ap.ActorService: - return t.(vocab.ActivityStreamsService), nil + return nil, fmt.Errorf("dereferenceAccountable: error deferencing %s: %w", remoteAccountID.String(), err) } - return nil, newErrWrongType(fmt.Errorf("DereferenceAccountable: type name %s not supported as Accountable", t.GetTypeName())) + return ap.ResolveAccountable(ctx, b) } func (d *deref) fetchRemoteAccountAvatar(ctx context.Context, tsport transport.Transport, avatarURL string, accountID string) (string, error) { diff --git a/internal/federation/dereferencing/error.go b/internal/federation/dereferencing/error.go @@ -66,20 +66,6 @@ func newErrTransportError(err error) error { return &ErrTransportError{wrapped: err} } -// ErrWrongType indicates that an unexpected type was returned from a remote call; -// for example, we were served a Person when we were looking for a statusable. -type ErrWrongType struct { - wrapped error -} - -func (err *ErrWrongType) Error() string { - return fmt.Sprintf("wrong received type: %v", err.wrapped) -} - -func newErrWrongType(err error) error { - return &ErrWrongType{wrapped: err} -} - // ErrOther denotes some other kind of weird error, perhaps from a malformed json // or some other weird crapola. type ErrOther struct { diff --git a/internal/federation/dereferencing/status.go b/internal/federation/dereferencing/status.go @@ -19,14 +19,11 @@ package dereferencing import ( "context" - "encoding/json" "errors" "fmt" "net/url" "strings" - "github.com/superseriousbusiness/activity/streams" - "github.com/superseriousbusiness/activity/streams/vocab" "github.com/superseriousbusiness/gotosocial/internal/ap" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/db" @@ -161,78 +158,10 @@ func (d *deref) dereferenceStatusable(ctx context.Context, tsport transport.Tran b, err := tsport.Dereference(ctx, remoteStatusID) if err != nil { - return nil, fmt.Errorf("DereferenceStatusable: error deferencing %s: %s", remoteStatusID.String(), err) + return nil, fmt.Errorf("dereferenceStatusable: error deferencing %s: %w", remoteStatusID.String(), err) } - m := make(map[string]interface{}) - if err := json.Unmarshal(b, &m); err != nil { - return nil, fmt.Errorf("DereferenceStatusable: error unmarshalling bytes into json: %s", err) - } - - t, err := streams.ToType(ctx, m) - if err != nil { - return nil, fmt.Errorf("DereferenceStatusable: error resolving json into ap vocab type: %s", err) - } - - // Article, Document, Image, Video, Note, Page, Event, Place, Mention, Profile - switch t.GetTypeName() { - case ap.ObjectArticle: - p, ok := t.(vocab.ActivityStreamsArticle) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsArticle") - } - return p, nil - case ap.ObjectDocument: - p, ok := t.(vocab.ActivityStreamsDocument) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsDocument") - } - return p, nil - case ap.ObjectImage: - p, ok := t.(vocab.ActivityStreamsImage) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsImage") - } - return p, nil - case ap.ObjectVideo: - p, ok := t.(vocab.ActivityStreamsVideo) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsVideo") - } - return p, nil - case ap.ObjectNote: - p, ok := t.(vocab.ActivityStreamsNote) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsNote") - } - return p, nil - case ap.ObjectPage: - p, ok := t.(vocab.ActivityStreamsPage) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsPage") - } - return p, nil - case ap.ObjectEvent: - p, ok := t.(vocab.ActivityStreamsEvent) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsEvent") - } - return p, nil - case ap.ObjectPlace: - p, ok := t.(vocab.ActivityStreamsPlace) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsPlace") - } - return p, nil - case ap.ObjectProfile: - p, ok := t.(vocab.ActivityStreamsProfile) - if !ok { - return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsProfile") - } - return p, nil - } - - return nil, newErrWrongType(fmt.Errorf("DereferenceStatusable: type name %s not supported as Statusable", t.GetTypeName())) + return ap.ResolveStatusable(ctx, b) } // populateStatusFields fetches all the information we temporarily pinned to an incoming diff --git a/internal/federation/federatingactor.go b/internal/federation/federatingactor.go @@ -19,133 +19,218 @@ package federation import ( "context" + "encoding/json" + "fmt" + "io" "net/http" "net/url" + "strings" + "codeberg.org/gruf/go-kv" "github.com/superseriousbusiness/activity/pub" + "github.com/superseriousbusiness/activity/streams" "github.com/superseriousbusiness/activity/streams/vocab" + "github.com/superseriousbusiness/gotosocial/internal/ap" "github.com/superseriousbusiness/gotosocial/internal/log" ) -// federatingActor implements the go-fed federating protocol interface +// Potential incoming Content-Type header values; be +// lenient with whitespace and quotation mark placement. +var activityStreamsMediaTypes = []string{ + "application/activity+json", + "application/ld+json;profile=https://www.w3.org/ns/activitystreams", + "application/ld+json;profile=\"https://www.w3.org/ns/activitystreams\"", + "application/ld+json ;profile=https://www.w3.org/ns/activitystreams", + "application/ld+json ;profile=\"https://www.w3.org/ns/activitystreams\"", + "application/ld+json ; profile=https://www.w3.org/ns/activitystreams", + "application/ld+json ; profile=\"https://www.w3.org/ns/activitystreams\"", + "application/ld+json; profile=https://www.w3.org/ns/activitystreams", + "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"", +} + +// federatingActor wraps the pub.FederatingActor interface +// with some custom GoToSocial-specific logic. type federatingActor struct { - actor pub.FederatingActor + sideEffectActor pub.DelegateActor + wrapped pub.FederatingActor } -// newFederatingProtocol returns the gotosocial implementation of the GTSFederatingProtocol interface +// newFederatingProtocol returns a new federatingActor, which +// implements the pub.FederatingActor interface. func newFederatingActor(c pub.CommonBehavior, s2s pub.FederatingProtocol, db pub.Database, clock pub.Clock) pub.FederatingActor { - actor := pub.NewFederatingActor(c, s2s, db, clock) + sideEffectActor := pub.NewSideEffectActor(c, s2s, nil, db, clock) + customActor := pub.NewCustomActor(sideEffectActor, false, true, clock) return &federatingActor{ - actor: actor, + sideEffectActor: sideEffectActor, + wrapped: customActor, } } -// Send a federated activity. -// -// The provided url must be the outbox of the sender. All processing of -// the activity occurs similarly to the C2S flow: -// - If t is not an Activity, it is wrapped in a Create activity. -// - A new ID is generated for the activity. -// - The activity is added to the specified outbox. -// - The activity is prepared and delivered to recipients. -// -// Note that this function will only behave as expected if the -// implementation has been constructed to support federation. This -// method will guaranteed work for non-custom Actors. For custom actors, -// care should be used to not call this method if only C2S is supported. func (f *federatingActor) Send(c context.Context, outbox *url.URL, t vocab.Type) (pub.Activity, error) { log.Infof(c, "send activity %s via outbox %s", t.GetTypeName(), outbox) - return f.actor.Send(c, outbox, t) + return f.wrapped.Send(c, outbox, t) } -// PostInbox returns true if the request was handled as an ActivityPub -// POST to an actor's inbox. If false, the request was not an -// ActivityPub request and may still be handled by the caller in -// another way, such as serving a web page. -// -// If the error is nil, then the ResponseWriter's headers and response -// has already been written. If a non-nil error is returned, then no -// response has been written. -// -// If the Actor was constructed with the Federated Protocol enabled, -// side effects will occur. -// -// If the Federated Protocol is not enabled, writes the -// http.StatusMethodNotAllowed status code in the response. No side -// effects occur. func (f *federatingActor) PostInbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) { - return f.actor.PostInbox(c, w, r) + return f.PostInboxScheme(c, w, r, "https") } -// PostInboxScheme is similar to PostInbox, except clients are able to -// specify which protocol scheme to handle the incoming request and the -// data stored within the application (HTTP, HTTPS, etc). -func (f *federatingActor) PostInboxScheme(c context.Context, w http.ResponseWriter, r *http.Request, scheme string) (bool, error) { - return f.actor.PostInboxScheme(c, w, r, scheme) +// PostInboxScheme is a reimplementation of the default baseActor +// implementation of PostInboxScheme in pub/base_actor.go. +// +// Key differences from that implementation: +// - More explicit debug logging when a request is not processed. +// - Normalize content of activity object. +// - Return code 202 instead of 200 on successful POST, to reflect +// that we process most side effects asynchronously. +func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWriter, r *http.Request, scheme string) (bool, error) { + l := log. + WithContext(ctx). + WithFields([]kv.Field{ + {"userAgent", r.UserAgent()}, + {"path", r.URL.Path}, + }...) + + // Do nothing if this is not an ActivityPub POST request. + if !func() bool { + if r.Method != http.MethodPost { + l.Debugf("inbox request was %s rather than required POST", r.Method) + return false + } + + contentType := r.Header.Get("Content-Type") + for _, mediaType := range activityStreamsMediaTypes { + if strings.Contains(contentType, mediaType) { + return true + } + } + + l.Debugf("inbox POST request content-type %s was not recognized", contentType) + return false + }() { + return false, nil + } + + // Check the peer request is authentic. + ctx, authenticated, err := f.sideEffectActor.AuthenticatePostInbox(ctx, w, r) + if err != nil { + return true, err + } else if !authenticated { + return true, nil + } + + // Begin processing the request, but note that we have + // not yet applied authorization (ex: blocks). + // + // Obtain the activity and reject unknown activities. + b, err := io.ReadAll(r.Body) + if err != nil { + err = fmt.Errorf("PostInboxScheme: error reading request body: %w", err) + return true, err + } + + var rawActivity map[string]interface{} + if err := json.Unmarshal(b, &rawActivity); err != nil { + err = fmt.Errorf("PostInboxScheme: error unmarshalling request body: %w", err) + return true, err + } + + t, err := streams.ToType(ctx, rawActivity) + if err != nil { + if !streams.IsUnmatchedErr(err) { + // Real error. + err = fmt.Errorf("PostInboxScheme: error matching json to type: %w", err) + return true, err + } + // Respond with bad request; we just couldn't + // match the type to one that we know about. + l.Debug("json could not be resolved to ActivityStreams value") + w.WriteHeader(http.StatusBadRequest) + return true, nil + } + + activity, ok := t.(pub.Activity) + if !ok { + err = fmt.Errorf("ActivityStreams value with type %T is not a pub.Activity", t) + return true, err + } + + if activity.GetJSONLDId() == nil { + l.Debugf("incoming Activity %s did not have required id property set", activity.GetTypeName()) + w.WriteHeader(http.StatusBadRequest) + return true, nil + } + + // If activity Object is a Statusable, we'll want to replace the + // parsed `content` value with the value from the raw JSON instead. + // See https://github.com/superseriousbusiness/gotosocial/issues/1661 + ap.NormalizeActivityObject(activity, rawActivity) + + // Allow server implementations to set context data with a hook. + ctx, err = f.sideEffectActor.PostInboxRequestBodyHook(ctx, r, activity) + if err != nil { + return true, err + } + + // Check authorization of the activity. + authorized, err := f.sideEffectActor.AuthorizePostInbox(ctx, w, activity) + if err != nil { + return true, err + } else if !authorized { + return true, nil + } + + // Copy existing URL + add request host and scheme. + inboxID := func() *url.URL { + id := &url.URL{} + *id = *r.URL + id.Host = r.Host + id.Scheme = scheme + return id + }() + + // Post the activity to the actor's inbox and trigger side effects for + // that particular Activity type. It is up to the delegate to resolve + // the given map. + if err := f.sideEffectActor.PostInbox(ctx, inboxID, activity); err != nil { + // Special case: We know it is a bad request if the object or + // target properties needed to be populated, but weren't. + // + // Send the rejection to the peer. + if err == pub.ErrObjectRequired || err == pub.ErrTargetRequired { + l.Debugf("malformed incoming Activity: %s", err) + w.WriteHeader(http.StatusBadRequest) + return true, nil + } + err = fmt.Errorf("PostInboxScheme: error calling sideEffectActor.PostInbox: %w", err) + return true, err + } + + // Our side effects are complete, now delegate determining whether to do inbox forwarding, as well as the action to do it. + if err := f.sideEffectActor.InboxForwarding(ctx, inboxID, activity); err != nil { + err = fmt.Errorf("PostInboxScheme: error calling sideEffectActor.InboxForwarding: %w", err) + return true, err + } + + // Request is now undergoing processing. + // Respond with an Accepted status. + w.WriteHeader(http.StatusAccepted) + return true, nil } -// GetInbox returns true if the request was handled as an ActivityPub -// GET to an actor's inbox. If false, the request was not an ActivityPub -// request and may still be handled by the caller in another way, such -// as serving a web page. -// -// If the error is nil, then the ResponseWriter's headers and response -// has already been written. If a non-nil error is returned, then no -// response has been written. -// -// If the request is an ActivityPub request, the Actor will defer to the -// application to determine the correct authorization of the request and -// the resulting OrderedCollection to respond with. The Actor handles -// serializing this OrderedCollection and responding with the correct -// headers and http.StatusOK. func (f *federatingActor) GetInbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) { - return f.actor.GetInbox(c, w, r) + return f.wrapped.GetInbox(c, w, r) } -// PostOutbox returns true if the request was handled as an ActivityPub -// POST to an actor's outbox. If false, the request was not an -// ActivityPub request and may still be handled by the caller in another -// way, such as serving a web page. -// -// If the error is nil, then the ResponseWriter's headers and response -// has already been written. If a non-nil error is returned, then no -// response has been written. -// -// If the Actor was constructed with the Social Protocol enabled, side -// effects will occur. -// -// If the Social Protocol is not enabled, writes the -// http.StatusMethodNotAllowed status code in the response. No side -// effects occur. -// -// If the Social and Federated Protocol are both enabled, it will handle -// the side effects of receiving an ActivityStream Activity, and then -// federate the Activity to peers. func (f *federatingActor) PostOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) { - return f.actor.PostOutbox(c, w, r) + return f.wrapped.PostOutbox(c, w, r) } -// PostOutboxScheme is similar to PostOutbox, except clients are able to -// specify which protocol scheme to handle the incoming request and the -// data stored within the application (HTTP, HTTPS, etc). func (f *federatingActor) PostOutboxScheme(c context.Context, w http.ResponseWriter, r *http.Request, scheme string) (bool, error) { - return f.actor.PostOutboxScheme(c, w, r, scheme) + return f.wrapped.PostOutboxScheme(c, w, r, scheme) } -// GetOutbox returns true if the request was handled as an ActivityPub -// GET to an actor's outbox. If false, the request was not an -// ActivityPub request. -// -// If the error is nil, then the ResponseWriter's headers and response -// has already been written. If a non-nil error is returned, then no -// response has been written. -// -// If the request is an ActivityPub request, the Actor will defer to the -// application to determine the correct authorization of the request and -// the resulting OrderedCollection to respond with. The Actor handles -// serializing this OrderedCollection and responding with the correct -// headers and http.StatusOK. func (f *federatingActor) GetOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) { - return f.actor.GetOutbox(c, w, r) + return f.wrapped.GetOutbox(c, w, r) } diff --git a/internal/federation/federatingprotocol.go b/internal/federation/federatingprotocol.go @@ -24,7 +24,6 @@ import ( "net/http" "net/url" - "codeberg.org/gruf/go-kv" "github.com/superseriousbusiness/activity/pub" "github.com/superseriousbusiness/activity/streams" "github.com/superseriousbusiness/activity/streams/vocab" @@ -138,74 +137,80 @@ func (f *federator) PostInboxRequestBodyHook(ctx context.Context, r *http.Reques // authenticated must be true and error nil. The request will continue // to be processed. func (f *federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWriter, r *http.Request) (context.Context, bool, error) { - l := log.WithContext(ctx). - WithFields(kv.Fields{ - {"useragent", r.UserAgent()}, - {"url", r.URL.String()}, - }...) - l.Trace("received request to authenticate") - - if !uris.IsInboxPath(r.URL) { - return nil, false, fmt.Errorf("path %s was not an inbox path", r.URL.String()) - } + log.Tracef(ctx, "received request to authenticate inbox %s", r.URL.String()) + // Ensure this is an inbox path, and fetch the inbox owner + // account by parsing username from `/users/{username}/inbox`. username, err := uris.ParseInboxPath(r.URL) if err != nil { - return nil, false, fmt.Errorf("could not parse path %s: %s", r.URL.String(), err) + err = fmt.Errorf("AuthenticatePostInbox: could not parse %s as inbox path: %w", r.URL.String(), err) + return nil, false, err } if username == "" { - return nil, false, errors.New("username was empty") + err = errors.New("AuthenticatePostInbox: inbox username was empty") + return nil, false, err } receivingAccount, err := f.db.GetAccountByUsernameDomain(ctx, username, "") if err != nil { - return nil, false, fmt.Errorf("could not fetch receiving account with username %s: %s", username, err) + err = fmt.Errorf("AuthenticatePostInbox: could not fetch receiving account %s: %w", username, err) + return nil, false, err } + // Check who's delivering by inspecting the http signature. publicKeyOwnerURI, errWithCode := f.AuthenticateFederatedRequest(ctx, receivingAccount.Username) if errWithCode != nil { switch errWithCode.Code() { case http.StatusUnauthorized, http.StatusForbidden, http.StatusBadRequest: - // if 400, 401, or 403, obey the interface by writing the header and bailing + // If codes 400, 401, or 403, obey the go-fed + // interface by writing the header and bailing. w.WriteHeader(errWithCode.Code()) return ctx, false, nil case http.StatusGone: - // if the requesting account has gone (http 410) then likely - // inbox post was a delete, we can just write 202 and leave, - // since we didn't know about the account anyway, so we can't - // do any further processing + // If the requesting account's key has gone + // (410) then likely inbox post was a delete. + // + // We can just write 202 and leave: we didn't + // know about the account anyway, so we can't + // do any further processing. w.WriteHeader(http.StatusAccepted) return ctx, false, nil default: - // if not, there's been a proper error + // Proper error. return ctx, false, err } } - // authentication has passed, so add an instance entry for this instance if it hasn't been done already - i := &gtsmodel.Instance{} - if err := f.db.GetWhere(ctx, []db.Where{{Key: "domain", Value: publicKeyOwnerURI.Host}}, i); err != nil { - if err != db.ErrNoEntries { - // there's been an actual error - return ctx, false, fmt.Errorf("error getting requesting account with public key id %s: %s", publicKeyOwnerURI.String(), err) + // Authentication has passed, check if we need to create a + // new instance entry for the Host of the requesting account. + if _, err := f.db.GetInstance(ctx, publicKeyOwnerURI.Host); err != nil { + if !errors.Is(err, db.ErrNoEntries) { + // There's been an actual error. + err = fmt.Errorf("AuthenticatePostInbox: error getting instance %s: %w", publicKeyOwnerURI.Host, err) + return ctx, false, err } - // we don't have an entry for this instance yet so dereference it - i, err = f.GetRemoteInstance(transport.WithFastfail(ctx), username, &url.URL{ + // We don't yet have an entry for + // the instance, go dereference it. + instance, err := f.GetRemoteInstance(transport.WithFastfail(ctx), username, &url.URL{ Scheme: publicKeyOwnerURI.Scheme, Host: publicKeyOwnerURI.Host, }) if err != nil { - return nil, false, fmt.Errorf("could not dereference new remote instance %s during AuthenticatePostInbox: %s", publicKeyOwnerURI.Host, err) + err = fmt.Errorf("AuthenticatePostInbox: error dereferencing instance %s: %w", publicKeyOwnerURI.Host, err) + return nil, false, err } - // and put it in the db - if err := f.db.Put(ctx, i); err != nil { - return nil, false, fmt.Errorf("error inserting newly dereferenced instance %s: %s", publicKeyOwnerURI.Host, err) + if err := f.db.Put(ctx, instance); err != nil { + err = fmt.Errorf("AuthenticatePostInbox: error inserting instance entry for %s: %w", publicKeyOwnerURI.Host, err) + return nil, false, err } } + // We know the public key owner URI now, so we can + // dereference the remote account (or just get it + // from the db if we already have it). requestingAccount, err := f.GetAccountByURI( transport.WithFastfail(ctx), username, publicKeyOwnerURI, false, ) @@ -220,9 +225,12 @@ func (f *federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWr w.WriteHeader(http.StatusAccepted) return ctx, false, nil } - return nil, false, fmt.Errorf("couldn't get requesting account %s: %s", publicKeyOwnerURI, err) + err = fmt.Errorf("AuthenticatePostInbox: couldn't get requesting account %s: %w", publicKeyOwnerURI, err) + return nil, false, err } + // We have everything we need now, set the requesting + // and receiving accounts on the context for later use. withRequesting := context.WithValue(ctx, ap.ContextRequestingAccount, requestingAccount) withReceiving := context.WithValue(withRequesting, ap.ContextReceivingAccount, receivingAccount) return withReceiving, true, nil @@ -351,14 +359,15 @@ func (f *federator) Blocked(ctx context.Context, actorIRIs []*url.URL) (bool, er // type and extension. The unhandled ones are passed to DefaultCallback. func (f *federator) FederatingCallbacks(ctx context.Context) (wrapped pub.FederatingWrappedCallbacks, other []interface{}, err error) { wrapped = pub.FederatingWrappedCallbacks{ - // OnFollow determines what action to take for this particular callback - // if a Follow Activity is handled. + // OnFollow determines what action to take for this + // particular callback if a Follow Activity is handled. // - // For our implementation, we always want to do nothing because we have internal logic for handling follows. + // For our implementation, we always want to do nothing + // because we have internal logic for handling follows. OnFollow: pub.OnFollowDoNothing, } - // override some default behaviors and trigger our own side effects + // Override some default behaviors to trigger our own side effects. other = []interface{}{ func(ctx context.Context, undo vocab.ActivityStreamsUndo) error { return f.FederatingDB().Undo(ctx, undo) @@ -385,11 +394,7 @@ func (f *federator) FederatingCallbacks(ctx context.Context) (wrapped pub.Federa // type and extension, so the unhandled ones are passed to // DefaultCallback. func (f *federator) DefaultCallback(ctx context.Context, activity pub.Activity) error { - l := log.WithContext(ctx). - WithFields(kv.Fields{ - {"aptype", activity.GetTypeName()}, - }...) - l.Debug("received unhandle-able activity type so ignoring it") + log.Debugf(ctx, "received unhandle-able activity type (%s) so ignoring it", activity.GetTypeName()) return nil } diff --git a/internal/federation/handshake.go b/internal/federation/handshake.go @@ -1,18 +0,0 @@ -// GoToSocial -// Copyright (C) GoToSocial Authors admin@gotosocial.org -// SPDX-License-Identifier: AGPL-3.0-or-later -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -package federation diff --git a/internal/processing/search.go b/internal/processing/search.go @@ -25,6 +25,7 @@ import ( "strings" "codeberg.org/gruf/go-kv" + "github.com/superseriousbusiness/gotosocial/internal/ap" apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/db" @@ -131,9 +132,10 @@ func (p *Processor) SearchGet(ctx context.Context, authed *oauth.Auth, search *a // check if it's a status... foundStatus, err := p.searchStatusByURI(ctx, authed, uri) if err != nil { + // Check for semi-expected error types. var ( errNotRetrievable *dereferencing.ErrNotRetrievable - errWrongType *dereferencing.ErrWrongType + errWrongType *ap.ErrWrongType ) if !errors.As(err, &errNotRetrievable) && !errors.As(err, &errWrongType) { return nil, gtserror.NewErrorInternalError(fmt.Errorf("error looking up status: %w", err)) @@ -148,9 +150,10 @@ func (p *Processor) SearchGet(ctx context.Context, authed *oauth.Auth, search *a if !foundOne { foundAccount, err := p.searchAccountByURI(ctx, authed, uri, search.Resolve) if err != nil { + // Check for semi-expected error types. var ( errNotRetrievable *dereferencing.ErrNotRetrievable - errWrongType *dereferencing.ErrWrongType + errWrongType *ap.ErrWrongType ) if !errors.As(err, &errNotRetrievable) && !errors.As(err, &errWrongType) { return nil, gtserror.NewErrorInternalError(fmt.Errorf("error looking up account: %w", err)) diff --git a/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go b/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go @@ -67,7 +67,8 @@ func NewSocialActor(c CommonBehavior, db Database, clock Clock) Actor { return &baseActor{ - delegate: &sideEffectActor{ + // Use SideEffectActor without s2s. + delegate: &SideEffectActor{ common: c, c2s: c2s, db: db, @@ -96,7 +97,8 @@ func NewFederatingActor(c CommonBehavior, clock Clock) FederatingActor { return &baseActorFederating{ baseActor{ - delegate: &sideEffectActor{ + // Use SideEffectActor without c2s. + delegate: &SideEffectActor{ common: c, s2s: s2s, db: db, @@ -124,13 +126,7 @@ func NewActor(c CommonBehavior, clock Clock) FederatingActor { return &baseActorFederating{ baseActor{ - delegate: &sideEffectActor{ - common: c, - c2s: c2s, - s2s: s2s, - db: db, - clock: clock, - }, + delegate: NewSideEffectActor(c, s2s, c2s, db, clock), enableSocialProtocol: true, enableFederatedProtocol: true, clock: clock, @@ -147,6 +143,9 @@ func NewActor(c CommonBehavior, // // It is possible to create a DelegateActor that is not ActivityPub compliant. // Use with due care. +// +// If you find yourself passing a SideEffectActor in as the DelegateActor, +// consider using NewActor, NewFederatingActor, or NewSocialActor instead. func NewCustomActor(delegate DelegateActor, enableSocialProtocol, enableFederatedProtocol bool, clock Clock) FederatingActor { diff --git a/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go b/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go @@ -12,16 +12,16 @@ import ( ) // sideEffectActor must satisfy the DelegateActor interface. -var _ DelegateActor = &sideEffectActor{} +var _ DelegateActor = &SideEffectActor{} -// sideEffectActor is a DelegateActor that handles the ActivityPub +// SideEffectActor is a DelegateActor that handles the ActivityPub // implementation side effects, but requires a more opinionated application to // be written. // -// Note that when using the sideEffectActor with an application that good-faith +// Note that when using the SideEffectActor with an application that good-faith // implements its required interfaces, the ActivityPub specification is // guaranteed to be correctly followed. -type sideEffectActor struct { +type SideEffectActor struct { common CommonBehavior s2s FederatingProtocol c2s SocialProtocol @@ -29,49 +29,73 @@ type sideEffectActor struct { clock Clock } +// NewSideEffectActor returns a new SideEffectActor, which satisfies the +// DelegateActor interface. Most of the time you will not need to call this +// function, and should instead rely on the NewSocialActor, NewFederatingActor, +// and NewActor functions, all of which use a SideEffectActor under the hood. +// Nevertheless, this function is exposed in case application developers need +// a SideEffectActor for some other reason (tests, monkey patches, etc). +// +// If you are using the returned SideEffectActor for federation, ensure that s2s +// is not nil. Likewise, if you are using it for the social protocol, ensure +// that c2s is not nil. +func NewSideEffectActor(c CommonBehavior, + s2s FederatingProtocol, + c2s SocialProtocol, + db Database, + clock Clock) *SideEffectActor { + return &SideEffectActor{ + common: c, + s2s: s2s, + c2s: c2s, + db: db, + clock: clock, + } +} + // PostInboxRequestBodyHook defers to the delegate. -func (a *sideEffectActor) PostInboxRequestBodyHook(c context.Context, r *http.Request, activity Activity) (context.Context, error) { +func (a *SideEffectActor) PostInboxRequestBodyHook(c context.Context, r *http.Request, activity Activity) (context.Context, error) { return a.s2s.PostInboxRequestBodyHook(c, r, activity) } // PostOutboxRequestBodyHook defers to the delegate. -func (a *sideEffectActor) PostOutboxRequestBodyHook(c context.Context, r *http.Request, data vocab.Type) (context.Context, error) { +func (a *SideEffectActor) PostOutboxRequestBodyHook(c context.Context, r *http.Request, data vocab.Type) (context.Context, error) { return a.c2s.PostOutboxRequestBodyHook(c, r, data) } // AuthenticatePostInbox defers to the delegate to authenticate the request. -func (a *sideEffectActor) AuthenticatePostInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { +func (a *SideEffectActor) AuthenticatePostInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { return a.s2s.AuthenticatePostInbox(c, w, r) } // AuthenticateGetInbox defers to the delegate to authenticate the request. -func (a *sideEffectActor) AuthenticateGetInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { +func (a *SideEffectActor) AuthenticateGetInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { return a.common.AuthenticateGetInbox(c, w, r) } // AuthenticatePostOutbox defers to the delegate to authenticate the request. -func (a *sideEffectActor) AuthenticatePostOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { +func (a *SideEffectActor) AuthenticatePostOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { return a.c2s.AuthenticatePostOutbox(c, w, r) } // AuthenticateGetOutbox defers to the delegate to authenticate the request. -func (a *sideEffectActor) AuthenticateGetOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { +func (a *SideEffectActor) AuthenticateGetOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) { return a.common.AuthenticateGetOutbox(c, w, r) } // GetOutbox delegates to the SocialProtocol. -func (a *sideEffectActor) GetOutbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) { +func (a *SideEffectActor) GetOutbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) { return a.common.GetOutbox(c, r) } // GetInbox delegates to the FederatingProtocol. -func (a *sideEffectActor) GetInbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) { +func (a *SideEffectActor) GetInbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) { return a.s2s.GetInbox(c, r) } // AuthorizePostInbox defers to the federating protocol whether the peer request // is authorized based on the actors' ids. -func (a *sideEffectActor) AuthorizePostInbox(c context.Context, w http.ResponseWriter, activity Activity) (authorized bool, err error) { +func (a *SideEffectActor) AuthorizePostInbox(c context.Context, w http.ResponseWriter, activity Activity) (authorized bool, err error) { authorized = false actor := activity.GetActivityStreamsActor() if actor == nil { @@ -105,7 +129,7 @@ func (a *sideEffectActor) AuthorizePostInbox(c context.Context, w http.ResponseW // PostInbox handles the side effects of determining whether to block the peer's // request, adding the activity to the actor's inbox, and triggering side // effects based on the activity's type. -func (a *sideEffectActor) PostInbox(c context.Context, inboxIRI *url.URL, activity Activity) error { +func (a *SideEffectActor) PostInbox(c context.Context, inboxIRI *url.URL, activity Activity) error { isNew, err := a.addToInboxIfNew(c, inboxIRI, activity) if err != nil { return err @@ -142,7 +166,7 @@ func (a *sideEffectActor) PostInbox(c context.Context, inboxIRI *url.URL, activi // outbound requests as a side effect. // // InboxForwarding sets the federated data in the database. -func (a *sideEffectActor) InboxForwarding(c context.Context, inboxIRI *url.URL, activity Activity) error { +func (a *SideEffectActor) InboxForwarding(c context.Context, inboxIRI *url.URL, activity Activity) error { // 1. Must be first time we have seen this Activity. // // Obtain the id of the activity @@ -322,7 +346,7 @@ func (a *sideEffectActor) InboxForwarding(c context.Context, inboxIRI *url.URL, // // This implementation assumes all types are meant to be delivered except for // the ActivityStreams Block type. -func (a *sideEffectActor) PostOutbox(c context.Context, activity Activity, outboxIRI *url.URL, rawJSON map[string]interface{}) (deliverable bool, err error) { +func (a *SideEffectActor) PostOutbox(c context.Context, activity Activity, outboxIRI *url.URL, rawJSON map[string]interface{}) (deliverable bool, err error) { // TODO: Determine this if c2s is nil deliverable = true if a.c2s != nil { @@ -363,7 +387,7 @@ func (a *sideEffectActor) PostOutbox(c context.Context, activity Activity, outbo // AddNewIDs creates new 'id' entries on an activity and its objects if it is a // Create activity. -func (a *sideEffectActor) AddNewIDs(c context.Context, activity Activity) error { +func (a *SideEffectActor) AddNewIDs(c context.Context, activity Activity) error { id, err := a.db.NewID(c, activity) if err != nil { return err @@ -399,7 +423,7 @@ func (a *sideEffectActor) AddNewIDs(c context.Context, activity Activity) error // another server. // // Must be called if at least the federated protocol is supported. -func (a *sideEffectActor) Deliver(c context.Context, outboxIRI *url.URL, activity Activity) error { +func (a *SideEffectActor) Deliver(c context.Context, outboxIRI *url.URL, activity Activity) error { recipients, err := a.prepare(c, outboxIRI, activity) if err != nil { return err @@ -408,7 +432,7 @@ func (a *sideEffectActor) Deliver(c context.Context, outboxIRI *url.URL, activit } // WrapInCreate wraps an object with a Create activity. -func (a *sideEffectActor) WrapInCreate(c context.Context, obj vocab.Type, outboxIRI *url.URL) (create vocab.ActivityStreamsCreate, err error) { +func (a *SideEffectActor) WrapInCreate(c context.Context, obj vocab.Type, outboxIRI *url.URL) (create vocab.ActivityStreamsCreate, err error) { var unlock func() unlock, err = a.db.Lock(c, outboxIRI) if err != nil { @@ -426,7 +450,7 @@ func (a *sideEffectActor) WrapInCreate(c context.Context, obj vocab.Type, outbox // deliverToRecipients will take a prepared Activity and send it to specific // recipients on behalf of an actor. -func (a *sideEffectActor) deliverToRecipients(c context.Context, boxIRI *url.URL, activity Activity, recipients []*url.URL) error { +func (a *SideEffectActor) deliverToRecipients(c context.Context, boxIRI *url.URL, activity Activity, recipients []*url.URL) error { m, err := streams.Serialize(activity) if err != nil { return err @@ -444,7 +468,7 @@ func (a *sideEffectActor) deliverToRecipients(c context.Context, boxIRI *url.URL // addToOutbox adds the activity to the outbox and creates the activity in the // internal database as its own entry. -func (a *sideEffectActor) addToOutbox(c context.Context, outboxIRI *url.URL, activity Activity) error { +func (a *SideEffectActor) addToOutbox(c context.Context, outboxIRI *url.URL, activity Activity) error { // Set the activity in the database first. id := activity.GetJSONLDId() unlock, err := a.db.Lock(c, id.Get()) @@ -488,7 +512,7 @@ func (a *sideEffectActor) addToOutbox(c context.Context, outboxIRI *url.URL, act // It does not add the activity to this database's know federated data. // // Returns true when the activity is novel. -func (a *sideEffectActor) addToInboxIfNew(c context.Context, inboxIRI *url.URL, activity Activity) (isNew bool, err error) { +func (a *SideEffectActor) addToInboxIfNew(c context.Context, inboxIRI *url.URL, activity Activity) (isNew bool, err error) { // Acquire a lock to read the inbox. Defer release. var unlock func() unlock, err = a.db.Lock(c, inboxIRI) @@ -528,7 +552,7 @@ func (a *sideEffectActor) addToInboxIfNew(c context.Context, inboxIRI *url.URL, // // Recursion may be limited by providing a 'maxDepth' greater than zero. A // value of zero or a negative number will result in infinite recursion. -func (a *sideEffectActor) hasInboxForwardingValues(c context.Context, inboxIRI *url.URL, val vocab.Type, maxDepth, currDepth int) (bool, error) { +func (a *SideEffectActor) hasInboxForwardingValues(c context.Context, inboxIRI *url.URL, val vocab.Type, maxDepth, currDepth int) (bool, error) { // Stop recurring if we are exceeding the maximum depth and the maximum // is a positive number. if maxDepth > 0 && currDepth >= maxDepth { @@ -615,7 +639,7 @@ func (a *sideEffectActor) hasInboxForwardingValues(c context.Context, inboxIRI * // hidden recipients ("bto" and "bcc") stripped from it. // // Only call if both the social and federated protocol are supported. -func (a *sideEffectActor) prepare(c context.Context, outboxIRI *url.URL, activity Activity) (r []*url.URL, err error) { +func (a *SideEffectActor) prepare(c context.Context, outboxIRI *url.URL, activity Activity) (r []*url.URL, err error) { // Get inboxes of recipients if to := activity.GetActivityStreamsTo(); to != nil { for iter := to.Begin(); iter != to.End(); iter = iter.Next() { @@ -774,7 +798,7 @@ func (a *sideEffectActor) prepare(c context.Context, outboxIRI *url.URL, activit // dereference the collection, WITH the user's credentials. // // Note that this also applies to CollectionPage and OrderedCollectionPage. -func (a *sideEffectActor) resolveActors(c context.Context, t Transport, r []*url.URL, depth, maxDepth int) (actors []vocab.Type, err error) { +func (a *SideEffectActor) resolveActors(c context.Context, t Transport, r []*url.URL, depth, maxDepth int) (actors []vocab.Type, err error) { if maxDepth > 0 && depth >= maxDepth { return } @@ -806,7 +830,7 @@ func (a *sideEffectActor) resolveActors(c context.Context, t Transport, r []*url // // The returned actor could be nil, if it wasn't an actor (ex: a Collection or // OrderedCollection). -func (a *sideEffectActor) dereferenceForResolvingInboxes(c context.Context, t Transport, actorIRI *url.URL) (actor vocab.Type, moreActorIRIs []*url.URL, err error) { +func (a *SideEffectActor) dereferenceForResolvingInboxes(c context.Context, t Transport, actorIRI *url.URL) (actor vocab.Type, moreActorIRIs []*url.URL, err error) { var resp []byte resp, err = t.Dereference(c, actorIRI) if err != nil { diff --git a/vendor/modules.txt b/vendor/modules.txt @@ -445,7 +445,7 @@ github.com/stretchr/testify/suite # github.com/subosito/gotenv v1.4.2 ## explicit; go 1.18 github.com/subosito/gotenv -# github.com/superseriousbusiness/activity v1.2.1-gts +# github.com/superseriousbusiness/activity v1.2.2-gts ## explicit; go 1.18 github.com/superseriousbusiness/activity/pub github.com/superseriousbusiness/activity/streams