diff options
54 files changed, 1666 insertions, 97 deletions
diff --git a/config/config.exs b/config/config.exs index 01109b30f..e6c695215 100644 --- a/config/config.exs +++ b/config/config.exs @@ -27,7 +27,8 @@ config :logger, :console, metadata: [:request_id] config :mime, :types, %{ - "application/xrd+xml" => ["xrd+xml"] + "application/xrd+xml" => ["xrd+xml"], + "application/activity+json" => ["activity+json"] } config :pleroma, :websub, Pleroma.Web.Websub diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index afd09982f..a8154859a 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -7,6 +7,7 @@ defmodule Pleroma.Activity do field :data, :map field :local, :boolean, default: true field :actor, :string + field :recipients, {:array, :string} has_many :notifications, Notification, on_delete: :delete_all timestamps() diff --git a/lib/pleroma/plugs/http_signature.ex b/lib/pleroma/plugs/http_signature.ex new file mode 100644 index 000000000..b1e0d91a7 --- /dev/null +++ b/lib/pleroma/plugs/http_signature.ex @@ -0,0 +1,23 @@ +defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do + alias Pleroma.Web.HTTPSignatures + import Plug.Conn + + def init(options) do + options + end + + def call(%{assigns: %{valid_signature: true}} = conn, opts) do + conn + end + + def call(conn, opts) do + if get_req_header(conn, "signature") do + conn = conn + |> put_req_header("(request-target)", String.downcase("#{conn.method} #{conn.request_path}")) + + assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn)) + else + conn + end + end +end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 81cec8265..bc7f2601f 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -80,9 +80,15 @@ defmodule Pleroma.User do |> validate_length(:name, max: 100) |> put_change(:local, false) if changes.valid? do - followers = User.ap_followers(%User{nickname: changes.changes[:nickname]}) - changes - |> put_change(:follower_address, followers) + case changes.changes[:info]["source_data"] do + %{"followers" => followers} -> + changes + |> put_change(:follower_address, followers) + _ -> + followers = User.ap_followers(%User{nickname: changes.changes[:nickname]}) + changes + |> put_change(:follower_address, followers) + end else changes end @@ -144,11 +150,12 @@ defmodule Pleroma.User do def follow(%User{} = follower, %User{info: info} = followed) do ap_followers = followed.follower_address + if following?(follower, followed) or info["deactivated"] do {:error, "Could not follow user: #{followed.nickname} is already on your list."} else - if !followed.local && follower.local do + if !followed.local && follower.local && !ap_enabled?(followed) do Websub.subscribe(follower, followed) end @@ -221,12 +228,21 @@ defmodule Pleroma.User do Cachex.get!(:user_cache, key, fallback: fn(_) -> user_info(user) end) end + def fetch_by_nickname(nickname) do + ap_try = ActivityPub.make_user_from_nickname(nickname) + + case ap_try do + {:ok, user} -> {:ok, user} + _ -> OStatus.make_user(nickname) + end + end + def get_or_fetch_by_nickname(nickname) do with %User{} = user <- get_by_nickname(nickname) do user else _e -> with [_nick, _domain] <- String.split(nickname, "@"), - {:ok, user} <- OStatus.make_user(nickname) do + {:ok, user} <- fetch_by_nickname(nickname) do user else _e -> nil end @@ -288,7 +304,7 @@ defmodule Pleroma.User do update_and_set_cache(cs) end - def get_notified_from_activity(%Activity{data: %{"to" => to}}) do + def get_notified_from_activity(%Activity{recipients: to}) do query = from u in User, where: u.ap_id in ^to, where: u.local == true @@ -296,7 +312,7 @@ defmodule Pleroma.User do Repo.all(query) end - def get_recipients_from_activity(%Activity{data: %{"to" => to}}) do + def get_recipients_from_activity(%Activity{recipients: to}) do query = from u in User, where: u.ap_id in ^to, or_where: fragment("? \\\?| ?", u.following, ^to) @@ -376,4 +392,49 @@ defmodule Pleroma.User do :ok end + + def get_or_fetch_by_ap_id(ap_id) do + if user = get_by_ap_id(ap_id) do + user + else + with {:ok, user} <- ActivityPub.make_user_from_ap_id(ap_id) do + user + end + end + end + + # AP style + def public_key_from_info(%{"source_data" => %{"publicKey" => %{"publicKeyPem" => public_key_pem}}}) do + key = :public_key.pem_decode(public_key_pem) + |> hd() + |> :public_key.pem_entry_decode() + + {:ok, key} + end + + # OStatus Magic Key + def public_key_from_info(%{"magic_key" => magic_key}) do + {:ok, Pleroma.Web.Salmon.decode_key(magic_key)} + end + + def get_public_key_for_ap_id(ap_id) do + with %User{} = user <- get_or_fetch_by_ap_id(ap_id), + {:ok, public_key} <- public_key_from_info(user.info) do + {:ok, public_key} + else + _ -> :error + end + end + + defp blank?(""), do: nil + defp blank?(n), do: n + + def insert_or_update_user(data) do + data = data + |> Map.put(:name, blank?(data[:name]) || data[:nickname]) + cs = User.remote_user_creation(data) + Repo.insert(cs, on_conflict: :replace_all, conflict_target: :nickname) + end + + def ap_enabled?(%User{info: info}), do: info["ap_enabled"] end diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 421fd5cd7..554d3a008 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -1,14 +1,24 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do alias Pleroma.{Activity, Repo, Object, Upload, User, Notification} + alias Pleroma.Web.ActivityPub.Transmogrifier + alias Pleroma.Web.WebFinger + alias Pleroma.Web.Federator + alias Pleroma.Web.OStatus import Ecto.Query import Pleroma.Web.ActivityPub.Utils require Logger + @httpoison Application.get_env(:pleroma, :httpoison) + + def get_recipients(data) do + (data["to"] || []) ++ (data["cc"] || []) + end + def insert(map, local \\ true) when is_map(map) do with nil <- Activity.get_by_ap_id(map["id"]), map <- lazy_put_activity_defaults(map), :ok <- insert_full_object(map) do - {:ok, activity} = Repo.insert(%Activity{data: map, local: local, actor: map["actor"]}) + {:ok, activity} = Repo.insert(%Activity{data: map, local: local, actor: map["actor"], recipients: get_recipients(map)}) Notification.create_notifications(activity) stream_out(activity) {:ok, activity} @@ -30,7 +40,11 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end end - def create(to, actor, context, object, additional \\ %{}, published \\ nil, local \\ true) do + def create(%{to: to, actor: actor, context: context, object: object} = params) do + additional = params[:additional] || %{} + local = !(params[:local] == false) # only accept false as false value + published = params[:published] + with create_data <- make_create_data(%{to: to, actor: actor, published: published, context: context, object: object}, additional), {:ok, activity} <- insert(create_data, local), :ok <- maybe_federate(activity) do @@ -38,6 +52,16 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end end + def accept(%{to: to, actor: actor, object: object} = params) do + local = !(params[:local] == false) # only accept false as false value + + with data <- %{"to" => to, "type" => "Accept", "actor" => actor, "object" => object}, + {:ok, activity} <- insert(data, local), + :ok <- maybe_federate(activity) do + {:ok, activity} + end + end + # TODO: This is weird, maybe we shouldn't check here if we can make the activity. def like(%User{ap_id: ap_id} = user, %Object{data: %{"id" => _}} = object, activity_id \\ nil, local \\ true) do with nil <- get_existing_like(ap_id, object), @@ -62,7 +86,8 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end def announce(%User{ap_id: _} = user, %Object{data: %{"id" => _}} = object, activity_id \\ nil, local \\ true) do - with announce_data <- make_announce_data(user, object, activity_id), + with true <- is_public?(object), + announce_data <- make_announce_data(user, object, activity_id), {:ok, activity} <- insert(announce_data, local), {:ok, object} <- add_announce_to_object(activity, object), :ok <- maybe_federate(activity) do @@ -106,16 +131,28 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end def fetch_activities_for_context(context, opts \\ %{}) do - query = from activity in Activity, + public = ["https://www.w3.org/ns/activitystreams#Public"] + recipients = if opts["user"], do: [opts["user"].ap_id | opts["user"].following] ++ public, else: public + + query = from activity in Activity + query = query + |> restrict_blocked(opts) + |> restrict_recipients(recipients, opts["user"]) + + query = from activity in query, where: fragment("?->>'type' = ? and ?->>'context' = ?", activity.data, "Create", activity.data, ^context), order_by: [desc: :id] - query = restrict_blocked(query, opts) Repo.all(query) end def fetch_public_activities(opts \\ %{}) do - public = ["https://www.w3.org/ns/activitystreams#Public"] - fetch_activities(public, opts) + public = %{to: ["https://www.w3.org/ns/activitystreams#Public"]} + q = fetch_activities_query([], opts) + q = from activity in q, + where: fragment(~s(? @> ?), activity.data, ^public) + q + |> Repo.all + |> Enum.reverse end defp restrict_since(query, %{"since_id" => since_id}) do @@ -129,12 +166,15 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end defp restrict_tag(query, _), do: query - defp restrict_recipients(query, recipients) do - Enum.reduce(recipients, query, fn (recipient, q) -> - map = %{ to: [recipient] } - from activity in q, - or_where: fragment(~s(? @> ?), activity.data, ^map) - end) + defp restrict_recipients(query, [], user), do: query + defp restrict_recipients(query, recipients, nil) do + from activity in query, + where: fragment("? && ?", ^recipients, activity.recipients) + end + defp restrict_recipients(query, recipients, user) do + from activity in query, + where: fragment("? && ?", ^recipients, activity.recipients), + or_where: activity.actor == ^user.ap_id end defp restrict_local(query, %{"local_only" => true}) do @@ -190,13 +230,13 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end defp restrict_blocked(query, _), do: query - def fetch_activities(recipients, opts \\ %{}) do + def fetch_activities_query(recipients, opts \\ %{}) do base_query = from activity in Activity, limit: 20, order_by: [fragment("? desc nulls last", activity.id)] base_query - |> restrict_recipients(recipients) + |> restrict_recipients(recipients, opts["user"]) |> restrict_tag(opts) |> restrict_since(opts) |> restrict_local(opts) @@ -207,6 +247,10 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do |> restrict_recent(opts) |> restrict_blocked(opts) |> restrict_media(opts) + end + + def fetch_activities(recipients, opts \\ %{}) do + fetch_activities_query(recipients, opts) |> Repo.all |> Enum.reverse end @@ -215,4 +259,100 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do data = Upload.store(file) Repo.insert(%Object{data: data}) end + + def make_user_from_ap_id(ap_id) do + with {:ok, %{status_code: 200, body: body}} <- @httpoison.get(ap_id, ["Accept": "application/activity+json"]), + {:ok, data} <- Poison.decode(body) + do + user_data = %{ + ap_id: data["id"], + info: %{ + "ap_enabled" => true, + "source_data" => data + }, + nickname: "#{data["preferredUsername"]}@#{URI.parse(ap_id).host}", + name: data["name"] + } + + if user = User.get_by_ap_id(ap_id) do + User.info_changeset(user, user_data) + |> Repo.update + else + User.insert_or_update_user(user_data) + end + end + end + + def make_user_from_nickname(nickname) do + with {:ok, %{"ap_id" => ap_id}} when not is_nil(ap_id) <- WebFinger.finger(nickname) do + make_user_from_ap_id(ap_id) + end + end + + def publish(actor, activity) do + followers = if actor.follower_address in activity.recipients do + {:ok, followers} = User.get_followers(actor) + followers + else + [] + end + + remote_inboxes = (Pleroma.Web.Salmon.remote_users(activity) ++ followers) + |> Enum.filter(fn (user) -> User.ap_enabled?(user) end) + |> Enum.map(fn (%{info: %{"source_data" => data}}) -> + (data["endpoints"] && data["endpoints"]["sharedInbox"]) || data["inbox"] + end) + |> Enum.uniq + + {:ok, data} = Transmogrifier.prepare_outgoing(activity.data) + json = Poison.encode!(data) + Enum.each remote_inboxes, fn(inbox) -> + Federator.enqueue(:publish_single_ap, %{inbox: inbox, json: json, actor: actor, id: activity.data["id"]}) + end + end + + def publish_one(%{inbox: inbox, json: json, actor: actor, id: id}) do + Logger.info("Federating #{id} to #{inbox}") + host = URI.parse(inbox).host + signature = Pleroma.Web.HTTPSignatures.sign(actor, %{host: host, "content-length": byte_size(json)}) + @httpoison.post(inbox, json, [{"Content-Type", "application/activity+json"}, {"signature", signature}]) + end + + # TODO: + # This will create a Create activity, which we need internally at the moment. + def fetch_object_from_id(id) do + if object = Object.get_cached_by_ap_id(id) do + {:ok, object} + else + Logger.info("Fetching #{id} via AP") + with {:ok, %{body: body, status_code: code}} when code in 200..299 <- @httpoison.get(id, [Accept: "application/activity+json"], follow_redirect: true, timeout: 10000, recv_timeout: 20000), + {:ok, data} <- Poison.decode(body), + nil <- Object.get_by_ap_id(data["id"]), + params <- %{"type" => "Create", "to" => data["to"], "cc" => data["cc"], "actor" => data["attributedTo"], "object" => data}, + {:ok, activity} <- Transmogrifier.handle_incoming(params) do + {:ok, Object.get_by_ap_id(activity.data["object"]["id"])} + else + object = %Object{} -> {:ok, object} + e -> + Logger.info("Couldn't get object via AP, trying out OStatus fetching...") + case OStatus.fetch_activity_from_url(id) do + {:ok, [activity | _]} -> {:ok, Object.get_by_ap_id(activity.data["object"]["id"])} + _ -> e + end + end + end + end + + def is_public?(activity) do + "https://www.w3.org/ns/activitystreams#Public" in (activity.data["to"] ++ (activity.data["cc"] || [])) + end + + def visible_for_user?(activity, nil) do + is_public?(activity) + end + def visible_for_user?(activity, user) do + x = [user.ap_id | user.following] + y = (activity.data["to"] ++ (activity.data["cc"] || [])) + visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) + end end diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex new file mode 100644 index 000000000..f0dc86a7f --- /dev/null +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -0,0 +1,43 @@ +defmodule Pleroma.Web.ActivityPub.ActivityPubController do + use Pleroma.Web, :controller + alias Pleroma.{User, Repo, Object, Activity} + alias Pleroma.Web.ActivityPub.{ObjectView, UserView, Transmogrifier} + alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.Federator + + require Logger + + action_fallback :errors + + def user(conn, %{"nickname" => nickname}) do + with %User{} = user <- User.get_cached_by_nickname(nickname), + {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + json(conn, UserView.render("user.json", %{user: user})) + end + end + + def object(conn, %{"uuid" => uuid}) do + with ap_id <- o_status_url(conn, :object, uuid), + %Object{} = object <- Object.get_cached_by_ap_id(ap_id) do + json(conn, ObjectView.render("object.json", %{object: object})) + end + end + + # TODO: Ensure that this inbox is a recipient of the message + def inbox(%{assigns: %{valid_signature: true}} = conn, params) do + Federator.enqueue(:incoming_ap_doc, params) + json(conn, "ok") + end + + def inbox(conn, params) do + Logger.info("Signature error.") + Logger.info(inspect(conn.req_headers)) + json(conn, "ok") + end + + def errors(conn, _e) do + conn + |> put_status(500) + |> json("error") + end +end diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex new file mode 100644 index 000000000..eb2569ef2 --- /dev/null +++ b/lib/pleroma/web/activity_pub/transmogrifier.ex @@ -0,0 +1,183 @@ +defmodule Pleroma.Web.ActivityPub.Transmogrifier do + @moduledoc """ + A module to handle coding from internal to wire ActivityPub and back. + """ + alias Pleroma.User + alias Pleroma.Object + alias Pleroma.Activity + alias Pleroma.Web.ActivityPub.ActivityPub + + @doc """ + Modifies an incoming AP object (mastodon format) to our internal format. + """ + def fix_object(object) do + object + |> Map.put("actor", object["attributedTo"]) + |> fix_attachments + |> fix_context + end + + def fix_context(object) do + object + |> Map.put("context", object["conversation"]) + end + + def fix_attachments(object) do + attachments = (object["attachment"] || []) + |> Enum.map(fn (data) -> + url = [%{"type" => "Link", "mediaType" => data["mediaType"], "href" => data["url"]}] + Map.put(data, "url", url) + end) + + object + |> Map.put("attachment", attachments) + end + + # TODO: validate those with a Ecto scheme + # - tags + # - emoji + def handle_incoming(%{"type" => "Create", "object" => %{"type" => "Note"} = object} = data) do + with nil <- Activity.get_create_activity_by_object_ap_id(object["id"]), + %User{} = user <- User.get_or_fetch_by_ap_id(data["actor"]) do + object = fix_object(data["object"]) + params = %{ + to: data["to"], + object: object, + actor: user, + context: data["object"]["conversation"], + local: false, + published: data["published"], + additional: Map.take(data, [ + "cc", + "id" + ]) + } + + if object["inReplyTo"] do + {:ok, object} = ActivityPub.fetch_object_from_id(object["inReplyTo"]) + end + + ActivityPub.create(params) + else + %Activity{} = activity -> {:ok, activity} + _e -> :error + end + end + + def handle_incoming(%{"type" => "Follow", "object" => followed, "actor" => follower, "id" => id} = data) do + with %User{local: true} = followed <- User.get_cached_by_ap_id(followed), + %User{} = follower <- User.get_or_fetch_by_ap_id(follower), + {:ok, activity} <- ActivityPub.follow(follower, followed, id, false) do + ActivityPub.accept(%{to: [follower.ap_id], actor: followed.ap_id, object: data, local: true}) + User.follow(follower, followed) + {:ok, activity} + else + _e -> :error + end + end + + def handle_incoming(%{"type" => "Like", "object" => object_id, "actor" => actor, "id" => id} = data) do + with %User{} = actor <- User.get_or_fetch_by_ap_id(actor), + %Object{} = object <- Object.get_by_ap_id(object_id), + {:ok, activity, object} <- ActivityPub.like(actor, object, id, false) do + {:ok, activity} + else + _e -> :error + end + end + + def handle_incoming(%{"type" => "Announce", "object" => object_id, "actor" => actor, "id" => id} = data) do + with %User{} = actor <- User.get_or_fetch_by_ap_id(actor), + {:ok, object} <- get_obj_helper(object_id) || ActivityPub.fetch_object_from_id(object_id), + {:ok, activity, object} <- ActivityPub.announce(actor, object, id, false) do + {:ok, activity} + else + _e -> :error + end + end + + # TODO + # Accept + # Undo + + def handle_incoming(_), do: :error + + def get_obj_helper(id) do + if object = Object.get_by_ap_id(id), do: {:ok, object}, else: nil + end + + @doc + """ + internal -> Mastodon + """ + def prepare_outgoing(%{"type" => "Create", "object" => %{"type" => "Note"} = object} = data) do + object = object + |> set_sensitive + |> add_hashtags + |> add_mention_tags + |> add_attributed_to + |> prepare_attachments + |> set_conversation + + data = data + |> Map.put("object", object) + |> Map.put("@context", "https://www.w3.org/ns/activitystreams") + + {:ok, data} + end + + def prepare_outgoing(%{"type" => type} = data) do + data = data + |> Map.put("@context", "https://www.w3.org/ns/activitystreams") + + {:ok, data} + end + + def add_hashtags(object) do + tags = (object["tag"] || []) + |> Enum.map fn (tag) -> %{"href" => Pleroma.Web.Endpoint.url() <> "/tags/#{tag}", "name" => "##{tag}", "type" => "Hashtag"} end + + object + |> Map.put("tag", tags) + end + + def add_mention_tags(object) do + recipients = object["to"] ++ (object["cc"] || []) + mentions = recipients + |> Enum.map(fn (ap_id) -> User.get_cached_by_ap_id(ap_id) end) + |> Enum.filter(&(&1)) + |> Enum.map(fn(user) -> %{"type" => "Mention", "href" => user.ap_id, "name" => "@#{user.nickname}"} end) + + tags = object["tag"] || [] + + object + |> Map.put("tag", tags ++ mentions) + end + + def set_conversation(object) do + Map.put(object, "conversation", object["context"]) + end + + def set_sensitive(object) do + tags = object["tag"] || [] + Map.put(object, "sensitive", "nsfw" in tags) + end + + def add_attributed_to(object) do + attributedTo = object["attributedTo"] || object["actor"] + + object + |> Map.put("attributedTo", attributedTo) + end + + def prepare_attachments(object) do + attachments = (object["attachment"] || []) + |> Enum.map(fn (data) -> + [%{"mediaType" => media_type, "href" => href} | _] = data["url"] + %{"url" => href, "mediaType" => media_type, "name" => data["name"], "type" => "Document"} + end) + + object + |> Map.put("attachment", attachments) + end +end diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex index ac20a2822..b32b7240e 100644 --- a/lib/pleroma/web/activity_pub/utils.ex +++ b/lib/pleroma/web/activity_pub/utils.ex @@ -205,7 +205,6 @@ defmodule Pleroma.Web.ActivityPub.Utils do def make_create_data(params, additional) do published = params.published || make_date() - %{ "type" => "Create", "to" => params.to |> Enum.uniq, diff --git a/lib/pleroma/web/activity_pub/views/object_view.ex b/lib/pleroma/web/activity_pub/views/object_view.ex new file mode 100644 index 000000000..c39f99454 --- /dev/null +++ b/lib/pleroma/web/activity_pub/views/object_view.ex @@ -0,0 +1,27 @@ +defmodule Pleroma.Web.ActivityPub.ObjectView do + use Pleroma.Web, :view + + def render("object.json", %{object: object}) do + base = %{ + "@context" => [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + %{ + "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers", + "sensitive" => "as:sensitive", + "Hashtag" => "as:Hashtag", + "ostatus" => "http://ostatus.org#", + "atomUri" => "ostatus:atomUri", + "inReplyToAtomUri" => "ostatus:inReplyToAtomUri", + "conversation" => "ostatus:conversation", + "toot" => "http://joinmastodon.org/ns#", + "Emoji" => "toot:Emoji" + } + ] + } + + additional = Map.take(object.data, ["id", "to", "cc", "actor", "content", "summary", "type"]) + |> Map.put("attributedTo", object.data["actor"]) + Map.merge(base, additional) + end +end diff --git a/lib/pleroma/web/activity_pub/views/user_view.ex b/lib/pleroma/web/activity_pub/views/user_view.ex new file mode 100644 index 000000000..b3b02c4fb --- /dev/null +++ b/lib/pleroma/web/activity_pub/views/user_view.ex @@ -0,0 +1,51 @@ +defmodule Pleroma.Web.ActivityPub.UserView do + use Pleroma.Web, :view + alias Pleroma.Web.Salmon + alias Pleroma.User + + def render("user.json", %{user: user}) do + {:ok, _, public_key} = Salmon.keys_from_pem(user.info["keys"]) + public_key = :public_key.pem_entry_encode(:RSAPublicKey, public_key) + public_key = :public_key.pem_encode([public_key]) + %{ + "@context" => [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + %{ + "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers", + "sensitive" => "as:sensitive", + "Hashtag" => "as:Hashtag", + "ostatus" => "http://ostatus.org#", + "atomUri" => "ostatus:atomUri", + "inReplyToAtomUri" => "ostatus:inReplyToAtomUri", + "conversation" => "ostatus:conversation", + "toot" => "http://joinmastodon.org/ns#", + "Emoji" => "toot:Emoji" + } + ], + "id" => user.ap_id, + "type" => "Person", + "following" => "#{user.ap_id}/following", + "followers" => "#{user.ap_id}/followers", + "inbox" => "#{user.ap_id}/inbox", + "outbox" => "#{user.ap_id}/outbox", + "preferredUsername" => user.nickname, + "name" => user.name, + "summary" => user.bio, + "url" => user.ap_id, + "manuallyApprovesFollowers" => false, + "publicKey" => %{ + "id" => "#{user.ap_id}#main-key", + "owner" => user.ap_id, + "publicKeyPem" => public_key + }, + "endpoints" => %{ + "sharedInbox" => "#{Pleroma.Web.Endpoint.url}/inbox" + }, + "icon" => %{ + "type" => "Image", + "url" => User.avatar_url(user) + } + } + end +end diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index 849360a16..5bd6e136f 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -46,22 +46,30 @@ defmodule Pleroma.Web.CommonAPI do end end + def get_visibility(%{"visibility" => visibility}), do: visibility + def get_visibility(%{"in_reply_to_status_id" => status_id}) do + inReplyTo = get_replied_to_activity(status_id) + Pleroma.Web.MastodonAPI.StatusView.get_visibility(inReplyTo.data["object"]) + end + def get_visibility(_), do: "public" + @instance Application.get_env(:pleroma, :instance) @limit Keyword.get(@instance, :limit) def post(user, %{"status" => status} = data) do + visibility = get_visibility(data) with status <- String.trim(status), length when length in 1..@limit <- String.length(status), attachments <- attachments_from_ids(data["media_ids"]), mentions <- Formatter.parse_mentions(status), inReplyTo <- get_replied_to_activity(data["in_reply_to_status_id"]), - to <- to_for_user_and_mentions(user, mentions, inReplyTo), + {to, cc} <- to_for_user_and_mentions(user, mentions, inReplyTo, visibility), tags <- Formatter.parse_tags(status, data), content_html <- make_content_html(status, mentions, attachments, tags, data["no_attachment_links"]), context <- make_context(inReplyTo), cw <- data["spoiler_text"], - object <- make_note_data(user.ap_id, to, context, content_html, attachments, inReplyTo, tags, cw), + object <- make_note_data(user.ap_id, to, context, content_html, attachments, inReplyTo, tags, cw, cc), object <- Map.put(object, "emoji", Formatter.get_emoji(status) |> Enum.reduce(%{}, fn({name, file}, acc) -> Map.put(acc, name, "#{Pleroma.Web.Endpoint.static_url}#{file}") end)) do - res = ActivityPub.create(to, user, context, object) + res = ActivityPub.create(%{to: to, actor: user, context: context, object: object, additional: %{"cc" => cc}}) User.increase_note_count(user) res end diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index 2b359dd72..75c63e5f4 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -24,17 +24,34 @@ defmodule Pleroma.Web.CommonAPI.Utils do end) end - def to_for_user_and_mentions(user, mentions, inReplyTo) do - default_to = [ - user.follower_address, - "https://www.w3.org/ns/activitystreams#Public" - ] + def to_for_user_and_mentions(user, mentions, inReplyTo, "public") do + to = ["https://www.w3.org/ns/activitystreams#Public"] - to = default_to ++ Enum.map(mentions, fn ({_, %{ap_id: ap_id}}) -> ap_id end) + mentioned_users = Enum.map(mentions, fn ({_, %{ap_id: ap_id}}) -> ap_id end) + cc = [user.follower_address | mentioned_users] if inReplyTo do - Enum.uniq([inReplyTo.data["actor"] | to]) + {to, Enum.uniq([inReplyTo.data["actor"] | cc])} else - to + {to, cc} + end + end + + def to_for_user_and_mentions(user, mentions, inReplyTo, "unlisted") do + {to, cc} = to_for_user_and_mentions(user, mentions, inReplyTo, "public") + {cc, to} + end + + def to_for_user_and_mentions(user, mentions, inReplyTo, "private") do + {to, cc} = to_for_user_and_mentions(user, mentions, inReplyTo, "direct") + {[user.follower_address | to], cc} + end + + def to_for_user_and_mentions(user, mentions, inReplyTo, "direct") do + mentioned_users = Enum.map(mentions, fn ({_, %{ap_id: ap_id}}) -> ap_id end) + if inReplyTo do + {Enum.uniq([inReplyTo.data["actor"] | mentioned_users]), []} + else + {mentioned_users, []} end end @@ -99,10 +116,11 @@ defmodule Pleroma.Web.CommonAPI.Utils do end) end - def make_note_data(actor, to, context, content_html, attachments, inReplyTo, tags, cw \\ nil) do + def make_note_data(actor, to, context, content_html, attachments, inReplyTo, tags, cw \\ nil, cc \\ []) do object = %{ "type" => "Note", "to" => to, + "cc" => cc, "content" => content_html, "summary" => cw, "context" => context, diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index c9f9dc7a1..0b9808b8f 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -1,7 +1,10 @@ defmodule Pleroma.Web.Federator do use GenServer alias Pleroma.User + alias Pleroma.Activity alias Pleroma.Web.{WebFinger, Websub} + alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Transmogrifier require Logger @websub Application.get_env(:pleroma, :websub) @@ -42,11 +45,16 @@ defmodule Pleroma.Web.Federator do Logger.debug(fn -> "Running publish for #{activity.data["id"]}" end) with actor when not is_nil(actor) <- User.get_cached_by_ap_id(activity.data["actor"]) do {:ok, actor} = WebFinger.ensure_keys_present(actor) - Logger.debug(fn -> "Sending #{activity.data["id"]} out via salmon" end) - Pleroma.Web.Salmon.publish(actor, activity) + if ActivityPub.is_public?(activity) do + Logger.info(fn -> "Sending #{activity.data["id"]} out via websub" end) + Websub.publish(Pleroma.Web.OStatus.feed_path(actor), actor, activity) - Logger.debug(fn -> "Sending #{activity.data["id"]} out via websub" end) - Websub.publish(Pleroma.Web.OStatus.feed_path(actor), actor, activity) + Logger.info(fn -> "Sending #{activity.data["id"]} out via salmon" end) + Pleroma.Web.Salmon.publish(actor, activity) + end + + Logger.info(fn -> "Sending #{activity.data["id"]} out via AP" end) + Pleroma.Web.ActivityPub.ActivityPub.publish(actor, activity) end end @@ -56,10 +64,29 @@ defmodule Pleroma.Web.Federator do end def handle(:incoming_doc, doc) do - Logger.debug("Got document, trying to parse") + Logger.info("Got document, trying to parse") @ostatus.handle_incoming(doc) end + def handle(:incoming_ap_doc, params) do + Logger.info("Handling incoming ap activity") + with {:ok, _user} <- ap_enabled_actor(params["actor"]), + nil <- Activity.get_by_ap_id(params["id"]), + {:ok, activity} <- Transmogrifier.handle_incoming(params) do + else + %Activity{} -> + Logger.info("Already had #{params["id"]}") + e -> + # Just drop those for now + Logger.info("Unhandled activity") + Logger.info(Poison.encode!(params, [pretty: 2])) + end + end + + def handle(:publish_single_ap, params) do + ActivityPub.publish_one(params) + end + def handle(:publish_single_websub, %{xml: xml, topic: topic, callback: callback, secret: secret}) do signature = @websub.sign(secret || "", xml) Logger.debug(fn -> "Pushing #{topic} to #{callback}" end) @@ -98,7 +125,7 @@ defmodule Pleroma.Web.Federator do end end - def handle_cast({:enqueue, type, payload, priority}, state) when type in [:incoming_doc] do + def handle_cast({:enqueue, type, payload, priority}, state) when type in [:incoming_doc, :incoming_ap_doc] do %{in: {i_running_jobs, i_queue}, out: {o_running_jobs, o_queue}} = state i_queue = enqueue_sorted(i_queue, {type, payload}, 1) {i_running_jobs, i_queue} = maybe_start_job(i_running_jobs, i_queue) @@ -135,4 +162,13 @@ defmodule Pleroma.Web.Federator do def queue_pop([%{item: element} | queue]) do {element, queue} end + + def ap_enabled_actor(id) do + user = User.get_by_ap_id(id) + if User.ap_enabled?(user) do + {:ok, user} + else + ActivityPub.make_user_from_ap_id(id) + end + end end diff --git a/lib/pleroma/web/http_signatures/http_signatures.ex b/lib/pleroma/web/http_signatures/http_signatures.ex new file mode 100644 index 000000000..cdc5e1f3f --- /dev/null +++ b/lib/pleroma/web/http_signatures/http_signatures.ex @@ -0,0 +1,76 @@ +# https://tools.ietf.org/html/draft-cavage-http-signatures-08 +defmodule Pleroma.Web.HTTPSignatures do + alias Pleroma.User + alias Pleroma.Web.ActivityPub.ActivityPub + + def split_signature(sig) do + default = %{"headers" => "date"} + + sig = sig + |> String.trim() + |> String.split(",") + |> Enum.reduce(default, fn(part, acc) -> + [key | rest] = String.split(part, "=") + value = Enum.join(rest, "=") + Map.put(acc, key, String.trim(value, "\"")) + end) + + Map.put(sig, "headers", String.split(sig["headers"], ~r/\s/)) + end + + def validate(headers, signature, public_key) do + sigstring = build_signing_string(headers, signature["headers"]) + {:ok, sig} = Base.decode64(signature["signature"]) + :public_key.verify(sigstring, :sha256, sig, public_key) + end + + def validate_conn(conn) do + # TODO: How to get the right key and see if it is actually valid for that request. + # For now, fetch the key for the actor. + with actor_id <- conn.params["actor"], + {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do + if validate_conn(conn, public_key) do + true + else + # Fetch user anew and try one more time + with actor_id <- conn.params["actor"], + {:ok, _user} <- ActivityPub.make_user_from_ap_id(actor_id), + {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do + validate_conn(conn, public_key) + end + end + else + _ -> false + end + end + + def validate_conn(conn, public_key) do + headers = Enum.into(conn.req_headers, %{}) + signature = split_signature(headers["signature"]) + validate(headers, signature, public_key) + end + + def build_signing_string(headers, used_headers) do + used_headers + |> Enum.map(fn (header) -> "#{header}: #{headers[header]}" end) + |> Enum.join("\n") + end + + def sign(user, headers) do + with {:ok, %{info: %{"keys" => keys}}} <- Pleroma.Web.WebFinger.ensure_keys_present(user), + {:ok, private_key, _} = Pleroma.Web.Salmon.keys_from_pem(keys) do + sigstring = build_signing_string(headers, Map.keys(headers)) + signature = :public_key.sign(sigstring, :sha256, private_key) + |> Base.encode64() + + [ + keyId: user.ap_id <> "#main-key", + algorithm: "rsa-sha256", + headers: Map.keys(headers) |> Enum.join(" "), + signature: signature + ] + |> Enum.map(fn({k, v}) -> "#{k}=\"#{v}\"" end) + |> Enum.join(",") + end + end +end diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index e16a2a092..45b4d24c6 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -150,6 +150,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do params = params |> Map.put("type", ["Create", "Announce"]) |> Map.put("blocking_user", user) + |> Map.put("user", user) activities = ActivityPub.fetch_activities([user.ap_id | user.following], params) |> Enum.reverse @@ -189,14 +190,15 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do end def get_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do - with %Activity{} = activity <- Repo.get(Activity, id) do + with %Activity{} = activity <- Repo.get(Activity, id), + true <- ActivityPub.visible_for_user?(activity, user) do render conn, StatusView, "status.json", %{activity: activity, for: user} end end def get_context(%{assigns: %{user: user}} = conn, %{"id" => id}) do with %Activity{} = activity <- Repo.get(Activity, id), - activities <- ActivityPub.fetch_activities_for_context(activity.data["object"]["context"], %{"blocking_user" => user}), + activities <- ActivityPub.fetch_activities_for_context(activity.data["object"]["context"], %{"blocking_user" => user, "user" => user}), activities <- activities |> Enum.filter(fn (%{id: aid}) -> to_string(aid) != to_string(id) end), activities <- activities |> Enum.filter(fn (%{data: %{"type" => type}}) -> type == "Create" end), grouped_activities <- Enum.group_by(activities, fn (%{id: id}) -> id < activity.id end) do diff --git a/lib/pleroma/web/mastodon_api/mastodon_socket.ex b/lib/pleroma/web/mastodon_api/mastodon_socket.ex index fe71ea271..c3bae5935 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_socket.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_socket.ex @@ -25,7 +25,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonSocket do def id(_), do: nil def handle(:text, message, _state) do - IO.inspect message #| :ok #| state #| {:text, message} diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index 64f315597..4f395d0f7 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -58,7 +58,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do announcement_count = object["announcement_count"] || 0 tags = object["tag"] || [] - sensitive = Enum.member?(tags, "nsfw") + sensitive = object["sensitive"] || Enum.member?(tags, "nsfw") mentions = activity.data["to"] |> Enum.map(fn (ap_id) -> User.get_cached_by_ap_id(ap_id) end) @@ -96,7 +96,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do muted: false, sensitive: sensitive, spoiler_text: object["summary"] || "", - visibility: "public", + visibility: get_visibility(object), media_attachments: attachments |> Enum.take(4), mentions: mentions, tags: [], # fix, @@ -109,6 +109,18 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do } end + def get_visibility(object) do + public = "https://www.w3.org/ns/activitystreams#Public" + to = object["to"] || [] + cc = object["cc"] || [] + cond do + public in to -> "public" + public in cc -> "unlisted" + Enum.any?(to, &(String.contains?(&1, "/followers"))) -> "private" + true -> "direct" + end + end + def render("attachment.json", %{attachment: attachment}) do [%{"mediaType" => media_type, "href" => href} | _] = attachment["url"] diff --git a/lib/pleroma/web/ostatus/activity_representer.ex b/lib/pleroma/web/ostatus/activity_representer.ex index aa2b1df39..33e5e0009 100644 --- a/lib/pleroma/web/ostatus/activity_representer.ex +++ b/lib/pleroma/web/ostatus/activity_representer.ex @@ -76,7 +76,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do in_reply_to = get_in_reply_to(activity.data) author = if with_author, do: [{:author, UserRepresenter.to_simple_form(user)}], else: [] - mentions = activity.data["to"] |> get_mentions + mentions = activity.recipients |> get_mentions categories = (activity.data["object"]["tag"] || []) |> Enum.map(fn (tag) -> {:category, [term: to_charlist(tag)], []} end) @@ -110,7 +110,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do _in_reply_to = get_in_reply_to(activity.data) author = if with_author, do: [{:author, UserRepresenter.to_simple_form(user)}], else: [] - mentions = activity.data["to"] |> get_mentions + mentions = activity.recipients |> get_mentions [ {:"activity:verb", ['http://activitystrea.ms/schema/1.0/favorite']}, @@ -144,7 +144,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do retweeted_xml = to_simple_form(retweeted_activity, retweeted_user, true) - mentions = activity.data["to"] |> get_mentions + mentions = activity.recipients |> get_mentions [ {:"activity:object-type", ['http://activitystrea.ms/schema/1.0/activity']}, {:"activity:verb", ['http://activitystrea.ms/schema/1.0/share']}, @@ -168,7 +168,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do author = if with_author, do: [{:author, UserRepresenter.to_simple_form(user)}], else: [] - mentions = (activity.data["to"] || []) |> get_mentions + mentions = (activity.recipients || []) |> get_mentions [ {:"activity:object-type", ['http://activitystrea.ms/schema/1.0/activity']}, {:"activity:verb", ['http://activitystrea.ms/schema/1.0/follow']}, @@ -196,7 +196,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do author = if with_author, do: [{:author, UserRepresenter.to_simple_form(user)}], else: [] follow_activity = Activity.get_by_ap_id(activity.data["object"]) - mentions = (activity.data["to"] || []) |> get_mentions + mentions = (activity.recipients || []) |> get_mentions [ {:"activity:object-type", ['http://activitystrea.ms/schema/1.0/activity']}, {:"activity:verb", ['http://activitystrea.ms/schema/1.0/unfollow']}, diff --git a/lib/pleroma/web/ostatus/handlers/note_handler.ex b/lib/pleroma/web/ostatus/handlers/note_handler.ex index 8747dbb67..7b7ed2d5a 100644 --- a/lib/pleroma/web/ostatus/handlers/note_handler.ex +++ b/lib/pleroma/web/ostatus/handlers/note_handler.ex @@ -112,7 +112,7 @@ defmodule Pleroma.Web.OStatus.NoteHandler do # TODO: Handle this case in make_note_data note <- (if inReplyTo && !inReplyToActivity, do: note |> Map.put("inReplyTo", inReplyTo), else: note) do - res = ActivityPub.create(to, actor, context, note, %{}, date, false) + res = ActivityPub.create(%{to: to, actor: actor, context: context, object: note, published: date, local: false}) User.increase_note_count(actor) res else diff --git a/lib/pleroma/web/ostatus/ostatus.ex b/lib/pleroma/web/ostatus/ostatus.ex index c35ba42be..91c4474c5 100644 --- a/lib/pleroma/web/ostatus/ostatus.ex +++ b/lib/pleroma/web/ostatus/ostatus.ex @@ -218,11 +218,6 @@ defmodule Pleroma.Web.OStatus do end end - def insert_or_update_user(data) do - cs = User.remote_user_creation(data) - Repo.insert(cs, on_conflict: :replace_all, conflict_target: :nickname) - end - def make_user(uri, update \\ false) do with {:ok, info} <- gather_user_info(uri) do data = %{ @@ -236,7 +231,7 @@ defmodule Pleroma.Web.OStatus do with false <- update, %User{} = user <- User.get_by_ap_id(data.ap_id) do {:ok, user} - else _e -> insert_or_update_user(data) + else _e -> User.insert_or_update_user(data) end end end diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex index 4d48c5d2b..4388217d1 100644 --- a/lib/pleroma/web/ostatus/ostatus_controller.ex +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -6,13 +6,15 @@ defmodule Pleroma.Web.OStatus.OStatusController do alias Pleroma.Repo alias Pleroma.Web.{OStatus, Federator} alias Pleroma.Web.XML + alias Pleroma.Web.ActivityPub.ActivityPubController import Ecto.Query - def feed_redirect(conn, %{"nickname" => nickname}) do + def feed_redirect(conn, %{"nickname" => nickname} = params) do user = User.get_cached_by_nickname(nickname) case get_format(conn) do "html" -> Fallback.RedirectController.redirector(conn, nil) + "activity+json" -> ActivityPubController.user(conn, params) _ -> redirect conn, external: OStatus.feed_path(user) end end @@ -70,13 +72,17 @@ defmodule Pleroma.Web.OStatus.OStatusController do |> send_resp(200, "") end - def object(conn, %{"uuid" => uuid}) do - with id <- o_status_url(conn, :object, uuid), - %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id), - %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do - case get_format(conn) do - "html" -> redirect(conn, to: "/notice/#{activity.id}") - _ -> represent_activity(conn, activity, user) + def object(conn, %{"uuid" => uuid} = params) do + if get_format(conn) == "activity+json" do + ActivityPubController.object(conn, params) + else + with id <- o_status_url(conn, :object, uuid), + %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id), + %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do + case get_format(conn) do + "html" -> redirect(conn, to: "/notice/#{activity.id}") + _ -> represent_activity(conn, activity, user) + end end end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 6e9f40955..8d93e1ea6 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -219,7 +219,7 @@ defmodule Pleroma.Web.Router do end pipeline :ostatus do - plug :accepts, ["xml", "atom", "html"] + plug :accepts, ["xml", "atom", "html", "activity+json"] end scope "/", Pleroma.Web do @@ -237,6 +237,17 @@ defmodule Pleroma.Web.Router do post "/push/subscriptions/:id", Websub.WebsubController, :websub_incoming end + pipeline :activitypub do + plug :accepts, ["activity+json"] + plug Pleroma.Web.Plugs.HTTPSignaturePlug + end + + scope "/", Pleroma.Web.ActivityPub do + pipe_through :activitypub + post "/users/:nickname/inbox", ActivityPubController, :inbox + post "/inbox", ActivityPubController, :inbox + end + scope "/.well-known", Pleroma.Web do pipe_through :well_known diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index 81b864582..46ca645d1 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -29,7 +29,8 @@ defmodule Pleroma.Web.Salmon do with [data, _, _, _, _] <- decode(salmon), doc <- XML.parse_document(data), uri when not is_nil(uri) <- XML.string_from_xpath("/entry/author[1]/uri", doc), - {:ok, %{info: %{"magic_key" => magic_key}}} <- Pleroma.Web.OStatus.find_or_make_user(uri) do + {:ok, public_key} <- User.get_public_key_for_ap_id(uri), + magic_key <- encode_key(public_key) do {:ok, magic_key} end end @@ -138,7 +139,8 @@ defmodule Pleroma.Web.Salmon do {:ok, salmon} end - def remote_users(%{data: %{"to" => to}}) do + def remote_users(%{data: %{"to" => to} = data}) do + to = to ++ (data["cc"] || []) to |> Enum.map(fn(id) -> User.get_cached_by_ap_id(id) end) |> Enum.filter(fn(user) -> user && !user.local end) @@ -154,8 +156,16 @@ defmodule Pleroma.Web.Salmon do defp send_to_user(_,_,_), do: nil + @supported_activities [ + "Create", + "Follow", + "Like", + "Announce", + "Undo", + "Delete" + ] def publish(user, activity, poster \\ &@httpoison.post/4) - def publish(%{info: %{"keys" => keys}} = user, activity, poster) do + def publish(%{info: %{"keys" => keys}} = user, %{data: %{"type" => type}} = activity, poster) when type in @supported_activities do feed = ActivityRepresenter.to_simple_form(activity, user, true) |> ActivityRepresenter.wrap_with_entry |> :xmerl.export_simple(:xmerl_xml) diff --git a/lib/pleroma/web/streamer.ex b/lib/pleroma/web/streamer.ex index d64e6c393..a417178ba 100644 --- a/lib/pleroma/web/streamer.ex +++ b/lib/pleroma/web/streamer.ex @@ -74,7 +74,6 @@ defmodule Pleroma.Web.Streamer do sockets_for_topic = Enum.uniq([socket | sockets_for_topic]) sockets = Map.put(sockets, topic, sockets_for_topic) Logger.debug("Got new conn for #{topic}") - IO.inspect(sockets) {:noreply, sockets} end @@ -84,12 +83,11 @@ defmodule Pleroma.Web.Streamer do sockets_for_topic = List.delete(sockets_for_topic, socket) sockets = Map.put(sockets, topic, sockets_for_topic) Logger.debug("Removed conn for #{topic}") - IO.inspect(sockets) {:noreply, sockets} end def handle_cast(m, state) do - IO.inspect("Unknown: #{inspect(m)}, #{inspect(state)}") + Logger.info("Unknown: #{inspect(m)}, #{inspect(state)}") {:noreply, state} end diff --git a/lib/pleroma/web/twitter_api/representers/activity_representer.ex b/lib/pleroma/web/twitter_api/representers/activity_representer.ex index 1f11bc9ac..b0dfeaf39 100644 --- a/lib/pleroma/web/twitter_api/representers/activity_representer.ex +++ b/lib/pleroma/web/twitter_api/representers/activity_representer.ex @@ -56,7 +56,8 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter do } end - def to_map(%Activity{data: %{"type" => "Follow", "published" => created_at, "object" => followed_id}} = activity, %{user: user} = opts) do + def to_map(%Activity{data: %{"type" => "Follow", "object" => followed_id}} = activity, %{user: user} = opts) do + created_at = activity.data["published"] || (DateTime.to_iso8601(activity.inserted_at)) created_at = created_at |> Utils.date_to_asctime followed = User.get_cached_by_ap_id(followed_id) @@ -125,7 +126,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter do mentions = opts[:mentioned] || [] - attentions = activity.data["to"] + attentions = activity.recipients |> Enum.map(fn (ap_id) -> Enum.find(mentions, fn(user) -> ap_id == user.ap_id end) end) |> Enum.filter(&(&1)) |> Enum.map(fn (user) -> UserView.render("show.json", %{user: user, for: opts[:for]}) end) @@ -133,7 +134,9 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter do conversation_id = conversation_id(activity) tags = activity.data["object"]["tag"] || [] - possibly_sensitive = Enum.member?(tags, "nsfw") + possibly_sensitive = activity.data["object"]["sensitive"] || Enum.member?(tags, "nsfw") + + tags = if possibly_sensitive, do: ["nsfw" | tags], else: tags summary = activity.data["object"]["summary"] content = if !!summary and summary != "" do diff --git a/lib/pleroma/web/twitter_api/representers/object_representer.ex b/lib/pleroma/web/twitter_api/representers/object_representer.ex index 69eaeb36c..e2d653ba8 100644 --- a/lib/pleroma/web/twitter_api/representers/object_representer.ex +++ b/lib/pleroma/web/twitter_api/representers/object_representer.ex @@ -2,9 +2,8 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ObjectRepresenter do use Pleroma.Web.TwitterAPI.Representers.BaseRepresenter alias Pleroma.Object - def to_map(%Object{} = object, _opts) do + def to_map(%Object{data: %{"url" => [url | _]}} = object, _opts) do data = object.data - url = List.first(data["url"]) %{ url: url["href"] |> Pleroma.Web.MediaProxy.url(), mimetype: url["mediaType"], @@ -13,6 +12,19 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ObjectRepresenter do } end + def to_map(%Object{data: %{"url" => url} = data}, _opts) when is_binary(url) do + %{ + url: url |> Pleroma.Web.MediaProxy.url(), + mimetype: data["mediaType"], + id: data["uuid"], + oembed: false + } + end + + def to_map(%Object{}, _opts) do + %{} + end + # If we only get the naked data, wrap in an object def to_map(%{} = data, opts) do to_map(%Object{data: data}, opts) diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index faecebde0..ccd79625c 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -13,25 +13,37 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do end def fetch_friend_statuses(user, opts \\ %{}) do - opts = Map.put(opts, "blocking_user", user) + opts = opts + |> Map.put("blocking_user", user) + |> Map.put("user", user) + |> Map.put("type", ["Create", "Announce", "Follow", "Like"]) + ActivityPub.fetch_activities([user.ap_id | user.following], opts) |> activities_to_statuses(%{for: user}) end def fetch_public_statuses(user, opts \\ %{}) do - opts = Map.put(opts, "local_only", true) - opts = Map.put(opts, "blocking_user", user) + opts = opts + |> Map.put("local_only", true) + |> Map.put("blocking_user", user) + |> Map.put("type", ["Create", "Announce", "Follow"]) + ActivityPub.fetch_public_activities(opts) |> activities_to_statuses(%{for: user}) end def fetch_public_and_external_statuses(user, opts \\ %{}) do - opts = Map.put(opts, "blocking_user", user) + opts = opts + |> Map.put("blocking_user", user) + |> Map.put("type", ["Create", "Announce", "Follow"]) + ActivityPub.fetch_public_activities(opts) |> activities_to_statuses(%{for: user}) end def fetch_user_statuses(user, opts \\ %{}) do + opts = opts + |> Map.put("type", ["Create", "Announce", "Follow"]) ActivityPub.fetch_activities([], opts) |> activities_to_statuses(%{for: user}) end @@ -43,7 +55,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do def fetch_conversation(user, id) do with context when is_binary(context) <- conversation_id_to_context(id), - activities <- ActivityPub.fetch_activities_for_context(context, %{"blocking_user" => user}), + activities <- ActivityPub.fetch_activities_for_context(context, %{"blocking_user" => user, "user" => user}), statuses <- activities |> activities_to_statuses(%{for: user}) do statuses @@ -53,7 +65,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do end def fetch_status(user, id) do - with %Activity{} = activity <- Repo.get(Activity, id) do + with %Activity{} = activity <- Repo.get(Activity, id), + true <- ActivityPub.visible_for_user?(activity, user) do activity_to_status(activity, %{for: user}) end end @@ -276,7 +289,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do actor = get_in(activity.data, ["actor"]) user = User.get_cached_by_ap_id(actor) # mentioned_users = Repo.all(from user in User, where: user.ap_id in ^activity.data["to"]) - mentioned_users = Enum.map(activity.data["to"] || [], fn (ap_id) -> + mentioned_users = Enum.map(activity.recipients || [], fn (ap_id) -> if ap_id do User.get_cached_by_ap_id(ap_id) else diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex index 95e717b17..54cbf4cea 100644 --- a/lib/pleroma/web/web_finger/web_finger.ex +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -45,6 +45,7 @@ defmodule Pleroma.Web.WebFinger do {:Link, %{rel: "http://webfinger.net/rel/profile-page", type: "text/html", href: user.ap_id}}, {:Link, %{rel: "salmon", href: OStatus.salmon_path(user)}}, {:Link, %{rel: "magic-public-key", href: "data:application/magic-public-key,#{magic_key}"}}, + {:Link, %{rel: "self", type: "application/activity+json", href: user.ap_id}}, {:Link, %{rel: "http://ostatus.org/schema/1.0/subscribe", template: OStatus.remote_follow_path()}} ] } @@ -70,12 +71,14 @@ defmodule Pleroma.Web.WebFinger do subject = XML.string_from_xpath("//Subject", doc) salmon = XML.string_from_xpath(~s{//Link[@rel="salmon"]/@href}, doc) subscribe_address = XML.string_from_xpath(~s{//Link[@rel="http://ostatus.org/schema/1.0/subscribe"]/@template}, doc) + ap_id = XML.string_from_xpath(~s{//Link[@rel="self" and @type="application/activity+json"]/@href}, doc) data = %{ "magic_key" => magic_key, "topic" => topic, "subject" => subject, "salmon" => salmon, - "subscribe_address" => subscribe_address + "subscribe_address" => subscribe_address, + "ap_id" => ap_id } {:ok, data} end diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index db1577a93..47a01849d 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -38,7 +38,15 @@ defmodule Pleroma.Web.Websub do end end - def publish(topic, user, activity) do + @supported_activities [ + "Create", + "Follow", + "Like", + "Announce", + "Undo", + "Delete" + ] + def publish(topic, user, %{data: %{"type" => type}} = activity) when type in @supported_activities do # TODO: Only send to still valid subscriptions. query = from sub in WebsubServerSubscription, where: sub.topic == ^topic and sub.state == "active" @@ -58,6 +66,7 @@ defmodule Pleroma.Web.Websub do Pleroma.Web.Federator.enqueue(:publish_single_websub, data) end) end + def publish(_,_,_), do: "" def sign(secret, doc) do :crypto.hmac(:sha, secret, to_string(doc)) |> Base.encode16 |> String.downcase diff --git a/priv/repo/migrations/20171212163643_add_recipients_to_activities.exs b/priv/repo/migrations/20171212163643_add_recipients_to_activities.exs new file mode 100644 index 000000000..7bce78108 --- /dev/null +++ b/priv/repo/migrations/20171212163643_add_recipients_to_activities.exs @@ -0,0 +1,11 @@ +defmodule Pleroma.Repo.Migrations.AddRecipientsToActivities do + use Ecto.Migration + + def change do + alter table(:activities) do + add :recipients, {:array, :string} + end + + create index(:activities, [:recipients], using: :gin) + end +end diff --git a/priv/repo/migrations/20171212164525_fill_recipients_in_activities.exs b/priv/repo/migrations/20171212164525_fill_recipients_in_activities.exs new file mode 100644 index 000000000..1fcc0dabb --- /dev/null +++ b/priv/repo/migrations/20171212164525_fill_recipients_in_activities.exs @@ -0,0 +1,21 @@ +defmodule Pleroma.Repo.Migrations.FillRecipientsInActivities do + use Ecto.Migration + alias Pleroma.{Repo, Activity} + + def up do + max = Repo.aggregate(Activity, :max, :id) + if max do + IO.puts("#{max} activities") + chunks = 0..(round(max / 10_000)) + + Enum.each(chunks, fn (i) -> + min = i * 10_000 + max = min + 10_000 + execute(""" + update activities set recipients = array(select jsonb_array_elements_text(data->'to')) where id > #{min} and id <= #{max}; + """) + |> IO.inspect + end) + end + end +end diff --git a/test/fixtures/httpoison_mock/admin@mastdon.example.org.json b/test/fixtures/httpoison_mock/admin@mastdon.example.org.json new file mode 100644 index 000000000..2c7629bd0 --- /dev/null +++ b/test/fixtures/httpoison_mock/admin@mastdon.example.org.json @@ -0,0 +1 @@ +{"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1",{"manuallyApprovesFollowers":"as:manuallyApprovesFollowers","sensitive":"as:sensitive","movedTo":"as:movedTo","Hashtag":"as:Hashtag","ostatus":"http://ostatus.org#","atomUri":"ostatus:atomUri","inReplyToAtomUri":"ostatus:inReplyToAtomUri","conversation":"ostatus:conversation","toot":"http://joinmastodon.org/ns#","Emoji":"toot:Emoji"}],"id":"http://mastodon.example.org/users/admin","type":"Person","following":"http://mastodon.example.org/users/admin/following","followers":"http://mastodon.example.org/users/admin/followers","inbox":"http://mastodon.example.org/users/admin/inbox","outbox":"http://mastodon.example.org/users/admin/outbox","preferredUsername":"admin","name":null,"summary":"\u003cp\u003e\u003c/p\u003e","url":"http://mastodon.example.org/@admin","manuallyApprovesFollowers":false,"publicKey":{"id":"http://mastodon.example.org/users/admin#main-key","owner":"http://mastodon.example.org/users/admin","publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc4Tir+3ADhSNF6VKrtW\nOU32T01w7V0yshmQei38YyiVwVvFu8XOP6ACchkdxbJ+C9mZud8qWaRJKVbFTMUG\nNX4+6Q+FobyuKrwN7CEwhDALZtaN2IPbaPd6uG1B7QhWorrY+yFa8f2TBM3BxnUy\nI4T+bMIZIEYG7KtljCBoQXuTQmGtuffO0UwJksidg2ffCF5Q+K//JfQagJ3UzrR+\nZXbKMJdAw4bCVJYs4Z5EhHYBwQWiXCyMGTd7BGlmMkY6Av7ZqHKC/owp3/0EWDNz\nNqF09Wcpr3y3e8nA10X40MJqp/wR+1xtxp+YGbq/Cj5hZGBG7etFOmIpVBrDOhry\nBwIDAQAB\n-----END PUBLIC KEY-----\n"},"endpoints":{"sharedInbox":"http://mastodon.example.org/inbox"}} diff --git a/test/fixtures/httpoison_mock/hellpie.json b/test/fixtures/httpoison_mock/hellpie.json new file mode 100644 index 000000000..e228ba394 --- /dev/null +++ b/test/fixtures/httpoison_mock/hellpie.json @@ -0,0 +1 @@ +{"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1",{"manuallyApprovesFollowers":"as:manuallyApprovesFollowers","sensitive":"as:sensitive","movedTo":"as:movedTo","Hashtag":"as:Hashtag","ostatus":"http://ostatus.org#","atomUri":"ostatus:atomUri","inReplyToAtomUri":"ostatus:inReplyToAtomUri","conversation":"ostatus:conversation","toot":"http://joinmastodon.org/ns#","Emoji":"toot:Emoji"}],"id":"https://masto.quad.moe/users/_HellPie","type":"Person","following":"https://masto.quad.moe/users/_HellPie/following","followers":"https://masto.quad.moe/users/_HellPie/followers","inbox":"https://masto.quad.moe/users/_HellPie/inbox","outbox":"https://masto.quad.moe/users/_HellPie/outbox","preferredUsername":"_HellPie","name":"_HellPie","summary":"\u003cp\u003eAndroid (Java) Developer, Linux addict. Often an asshole. Usually mentally ill, sometimes just retarded.\u003c/p\u003e\u003cp\u003eGitHub: \u003ca href=\"https://github.com/HellPie\" rel=\"nofollow noopener\" target=\"_blank\"\u003e\u003cspan class=\"invisible\"\u003ehttps://\u003c/span\u003e\u003cspan class=\"\"\u003egithub.com/HellPie\u003c/span\u003e\u003cspan class=\"invisible\"\u003e\u003c/span\u003e\u003c/a\u003e\u003c/p\u003e","url":"https://masto.quad.moe/@_HellPie","manuallyApprovesFollowers":false,"publicKey":{"id":"https://masto.quad.moe/users/_HellPie#main-key","owner":"https://masto.quad.moe/users/_HellPie","publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fIReYnqpap6e3sIskIx\ni7q130EvfkSOTBTBe01w3Xb/7/JwzWgkmSp+sK5s/ImO2oZb3ljmKZ3iTg4ETtVa\nCrT98/5p4Hlw/Oozb0kTx+tUazrucr023u8lTmn5sVgksKue59gPzKEuJJT1Te7H\nPJg2frz4QZWEY9nuygJoDaWgLvq1aa4oRfctlpo2C4d4oKRZFx2wtgeGVpahsikX\nKFBWuvEMFL2LUWb44BkvN6bTmXL9ryQY2oRsWn0yZHnTvFItq4vkFSNNe6sK13pM\nOHu1rVJrKg2hNVpBowds9YqZM8zP9F0GS7SEARbwPRCaAGLJGNwLjfJolJ/231eU\nKQIDAQAB\n-----END PUBLIC KEY-----\n"},"endpoints":{"sharedInbox":"https://masto.quad.moe/inbox"},"icon":{"type":"Image","mediaType":"image/png","url":"https://masto.quad.moe/system/accounts/avatars/000/012/255/original/39b907e6b169191d.png"},"image":{"type":"Image","mediaType":"image/png","url":"https://masto.quad.moe/system/accounts/headers/000/012/255/original/8d3ace0025bdda431e07230668303945.png"}}
\ No newline at end of file diff --git a/test/fixtures/httpoison_mock/rye.json b/test/fixtures/httpoison_mock/rye.json new file mode 100644 index 000000000..f31d1ddd8 --- /dev/null +++ b/test/fixtures/httpoison_mock/rye.json @@ -0,0 +1 @@ +{"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1",{"manuallyApprovesFollowers":"as:manuallyApprovesFollowers","sensitive":"as:sensitive","movedTo":"as:movedTo","Hashtag":"as:Hashtag","ostatus":"http://ostatus.org#","atomUri":"ostatus:atomUri","inReplyToAtomUri":"ostatus:inReplyToAtomUri","conversation":"ostatus:conversation","toot":"http://joinmastodon.org/ns#","Emoji":"toot:Emoji"}],"id":"https://niu.moe/users/rye","type":"Person","following":"https://niu.moe/users/rye/following","followers":"https://niu.moe/users/rye/followers","inbox":"https://niu.moe/users/rye/inbox","outbox":"https://niu.moe/users/rye/outbox","preferredUsername":"rye","name":"♡ rye ♡","summary":"\u003cp\u003elettuce club champion\u003c/p\u003e\u003cp\u003eicon by gomigomipomi\u003c/p\u003e","url":"https://niu.moe/@rye","manuallyApprovesFollowers":false,"publicKey":{"id":"https://niu.moe/users/rye#main-key","owner":"https://niu.moe/users/rye","publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA83uRWjCFO35FwfA38mzv\nEL0TUaXB7+2hYvPwNrn1WY6me5DRbqB5zzMrzWMGr0HSooqNqEYBafGsmVTWUqIk\nKM9ehtIBraJI+mT5X7DPR3LrXOJF4a9EEslg8XvAk8MN9IrAhm6UljnvB67RtDcA\nTNB01VWy9yWnxFRtz9o/EMoBPyw5giOaXE2ibVNP8lQIqGKuuBKPzPjSJygdvQ5q\nxfow2z1TpKRqdsNDqn4n6U6zCXYTzkr0J71/tGw7fsgfv78l0Wjrc7EcuBk74OaG\nC65UDiu3X4Q6kxCfCEhPSfuwLN+UZkzxcn6goWR0iYpWs57+4tFKu9nJYP4QJ0K9\nTwIDAQAB\n-----END PUBLIC KEY-----\n"},"endpoints":{"sharedInbox":"https://niu.moe/inbox"},"icon":{"type":"Image","mediaType":"image/jpeg","url":"https://cdn.niu.moe/accounts/avatars/000/033/323/original/fd7f8ae0b3ffedc9.jpeg"},"image":{"type":"Image","mediaType":"image/png","url":"https://cdn.niu.moe/accounts/headers/000/033/323/original/850b3448fa5fd477.png"}}
\ No newline at end of file diff --git a/test/fixtures/mastodon-accept-activity.json b/test/fixtures/mastodon-accept-activity.json new file mode 100644 index 000000000..b661ed6da --- /dev/null +++ b/test/fixtures/mastodon-accept-activity.json @@ -0,0 +1,34 @@ +{ + "type": "Accept", + "signature": { + "type": "RsaSignature2017", + "signatureValue": "rBzK4Kqhd4g7HDS8WE5oRbWQb2R+HF/6awbUuMWhgru/xCODT0SJWSri0qWqEO4fPcpoUyz2d25cw6o+iy9wiozQb3hQNnu69AR+H5Mytc06+g10KCHexbGhbAEAw/7IzmeXELHUbaqeduaDIbdt1zw4RkwLXdqgQcGXTJ6ND1wM3WMHXQCK1m0flasIXFoBxpliPAGiElV8s0+Ltuh562GvflG3kB3WO+j+NaR0ZfG5G9N88xMj9UQlCKit5gpAE5p6syUsCU2WGBHywTumv73i3OVTIFfq+P9AdMsRuzw1r7zoKEsthW4aOzLQDi01ZjvdBz8zH6JnjDU7SMN/Ig==", + "creator": "http://mastodon.example.org/users/admin#main-key", + "created": "2018-02-17T14:36:41Z" + }, + "object": { + "type": "Follow", + "object": "http://mastodon.example.org/users/admin", + "id": "http://localtesting.pleroma.lol/users/lain#follows/4", + "actor": "http://localtesting.pleroma.lol/users/lain" + }, + "nickname": "lain", + "id": "http://mastodon.example.org/users/admin#accepts/follows/4", + "actor": "http://mastodon.example.org/users/admin", + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "toot": "http://joinmastodon.org/ns#", + "sensitive": "as:sensitive", + "ostatus": "http://ostatus.org#", + "movedTo": "as:movedTo", + "manuallyApprovesFollowers": "as:manuallyApprovesFollowers", + "inReplyToAtomUri": "ostatus:inReplyToAtomUri", + "conversation": "ostatus:conversation", + "atomUri": "ostatus:atomUri", + "Hashtag": "as:Hashtag", + "Emoji": "toot:Emoji" + } + ] +}
\ No newline at end of file diff --git a/test/fixtures/mastodon-announce.json b/test/fixtures/mastodon-announce.json new file mode 100644 index 000000000..9d4861292 --- /dev/null +++ b/test/fixtures/mastodon-announce.json @@ -0,0 +1,37 @@ +{ + "type": "Announce", + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "signature": { + "type": "RsaSignature2017", + "signatureValue": "T95DRE0eAligvMuRMkQA01lsoz2PKi4XXF+cyZ0BqbrO12p751TEWTyyRn5a+HH0e4kc77EUhQVXwMq80WAYDzHKVUTf2XBJPBa68vl0j6RXw3+HK4ef5hR4KWFNBU34yePS7S1fEmc1mTG4Yx926wtmZwDpEMTp1CXOeVEjCYzmdyHpepPPH2ZZettiacmPRSqBLPGWZoot7kH/SioIdnrMGY0I7b+rqkIdnnEcdhu9N1BKPEO9Sr+KmxgAUiidmNZlbBXX6gCxp8BiIdH4ABsIcwoDcGNkM5EmWunGW31LVjsEQXhH5c1Wly0ugYYPCg/0eHLNBOhKkY/teSM8Lg==", + "creator": "http://mastodon.example.org/users/admin#main-key", + "created": "2018-02-17T19:39:15Z" + }, + "published": "2018-02-17T19:39:15Z", + "object": "http://mastodon.example.org/@admin/99541947525187367", + "id": "http://mastodon.example.org/users/admin/statuses/99542391527669785/activity", + "cc": [ + "http://mastodon.example.org/users/admin", + "http://mastodon.example.org/users/admin/followers" + ], + "atomUri": "http://mastodon.example.org/users/admin/statuses/99542391527669785/activity", + "actor": "http://mastodon.example.org/users/admin", + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "toot": "http://joinmastodon.org/ns#", + "sensitive": "as:sensitive", + "ostatus": "http://ostatus.org#", + "movedTo": "as:movedTo", + "manuallyApprovesFollowers": "as:manuallyApprovesFollowers", + "inReplyToAtomUri": "ostatus:inReplyToAtomUri", + "conversation": "ostatus:conversation", + "atomUri": "ostatus:atomUri", + "Hashtag": "as:Hashtag", + "Emoji": "toot:Emoji" + } + ] +} diff --git a/test/fixtures/mastodon-create-with-attachment.json b/test/fixtures/mastodon-create-with-attachment.json new file mode 100644 index 000000000..fb270b13f --- /dev/null +++ b/test/fixtures/mastodon-create-with-attachment.json @@ -0,0 +1,63 @@ +{ + "type": "Create", + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "signature": { + "type": "RsaSignature2017", + "signatureValue": "KnaBoP7C4XYgzTFbM+CpGlx4p59ahWvNNo4reRGDlb/DmxL3OF1/WugNl0xHCOA3aoIX2rrkHniw+z4Yb+wOBf9ZOxgM+IHTKj69AEcm/4NxGXxStRv603JZNyboY371w8g/mIKmLLtL6dgUI3n2Laam2rYh//8aelEWQ240TxiJi/WcKuOT2DNInWOpfArgxJ4MA11n4tb4xX65RkxInTCFa1kaJG8L+A+EoXtIhTa4rCQDv/BH3a8x7vOJxHfEosEnkk/yVEqG+ccgoTvc+5/kK+TKk3S3GuXch0ro9RKqxfPAHkyg8eetRhNhKWZ/rgPNfcF6bGJKFA0i8TzjHw==", + "creator": "http://mastodon.example.org/users/admin#main-key", + "created": "2018-02-17T17:14:26Z" + }, + "published": "2018-02-17T17:14:26Z", + "object": { + "url": "http://mastodon.example.org/@admin/99541822081679796", + "type": "Note", + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "tag": [], + "summary": null, + "sensitive": false, + "published": "2018-02-17T17:14:26Z", + "inReplyToAtomUri": null, + "inReplyTo": null, + "id": "http://mastodon.example.org/users/admin/statuses/99541822081679796", + "conversation": "tag:mastodon.example.org,2018-02-17:objectId=10:objectType=Conversation", + "content": "<p><a href=\"http://mastodon.example.org/media/hw4nrZmV5DPbW2z_hao\" rel=\"nofollow noopener\" target=\"_blank\"><span class=\"invisible\">http://</span><span class=\"ellipsis\">mastodon.example.org/media/hw4</span><span class=\"invisible\">nrZmV5DPbW2z_hao</span></a></p>", + "cc": [ + "http://mastodon.example.org/users/admin/followers" + ], + "attributedTo": "http://mastodon.example.org/users/admin", + "attachment": [ + { + "url": "http://mastodon.example.org/system/media_attachments/files/000/000/002/original/334ce029e7bfb920.jpg", + "type": "Document", + "name": null, + "mediaType": "image/jpeg" + } + ], + "atomUri": "http://mastodon.example.org/users/admin/statuses/99541822081679796" + }, + "id": "http://mastodon.example.org/users/admin/statuses/99541822081679796/activity", + "cc": [ + "http://mastodon.example.org/users/admin/followers" + ], + "actor": "http://mastodon.example.org/users/admin", + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "toot": "http://joinmastodon.org/ns#", + "sensitive": "as:sensitive", + "ostatus": "http://ostatus.org#", + "movedTo": "as:movedTo", + "manuallyApprovesFollowers": "as:manuallyApprovesFollowers", + "inReplyToAtomUri": "ostatus:inReplyToAtomUri", + "conversation": "ostatus:conversation", + "atomUri": "ostatus:atomUri", + "Hashtag": "as:Hashtag", + "Emoji": "toot:Emoji" + } + ] +}
\ No newline at end of file diff --git a/test/fixtures/mastodon-follow-activity.json b/test/fixtures/mastodon-follow-activity.json new file mode 100644 index 000000000..7a6de6996 --- /dev/null +++ b/test/fixtures/mastodon-follow-activity.json @@ -0,0 +1,29 @@ +{ + "type": "Follow", + "signature": { + "type": "RsaSignature2017", + "signatureValue": "Kn1/UkAQGJVaXBfWLAHcnwHg8YMAUqlEaBuYLazAG+pz5hqivsyrBmPV186Xzr+B4ZLExA9+SnOoNx/GOz4hBm0kAmukNSILAsUd84tcJ2yT9zc1RKtembK4WiwOw7li0+maeDN0HaB6t+6eTqsCWmtiZpprhXD8V1GGT8yG7X24fQ9oFGn+ng7lasbcCC0988Y1eGqNe7KryxcPuQz57YkDapvtONzk8gyLTkZMV4De93MyRHq6GVjQVIgtiYabQAxrX6Q8C+4P/jQoqdWJHEe+MY5JKyNaT/hMPt2Md1ok9fZQBGHlErk22/zy8bSN19GdG09HmIysBUHRYpBLig==", + "creator": "http://mastodon.example.org/users/admin#main-key", + "created": "2018-02-17T13:29:31Z" + }, + "object": "http://localtesting.pleroma.lol/users/lain", + "nickname": "lain", + "id": "http://mastodon.example.org/users/admin#follows/2", + "actor": "http://mastodon.example.org/users/admin", + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "toot": "http://joinmastodon.org/ns#", + "sensitive": "as:sensitive", + "ostatus": "http://ostatus.org#", + "movedTo": "as:movedTo", + "manuallyApprovesFollowers": "as:manuallyApprovesFollowers", + "inReplyToAtomUri": "ostatus:inReplyToAtomUri", + "conversation": "ostatus:conversation", + "atomUri": "ostatus:atomUri", + "Hashtag": "as:Hashtag", + "Emoji": "toot:Emoji" + } + ] +}
\ No newline at end of file diff --git a/test/fixtures/mastodon-like.json b/test/fixtures/mastodon-like.json new file mode 100644 index 000000000..39fb44c4a --- /dev/null +++ b/test/fixtures/mastodon-like.json @@ -0,0 +1,29 @@ +{ + "type": "Like", + "signature": { + "type": "RsaSignature2017", + "signatureValue": "fdxMfQSMwbC6wP6sh6neS/vM5879K67yQkHTbiT5Npr5wAac0y6+o3Ij+41tN3rL6wfuGTosSBTHOtta6R4GCOOhCaCSLMZKypnp1VltCzLDoyrZELnYQIC8gpUXVmIycZbREk22qWUe/w7DAFaKK4UscBlHDzeDVcA0K3Se5Sluqi9/Zh+ldAnEzj/rSEPDjrtvf5wGNf3fHxbKSRKFt90JvKK6hS+vxKUhlRFDf6/SMETw+EhwJSNW4d10yMUakqUWsFv4Acq5LW7l+HpYMvlYY1FZhNde1+uonnCyuQDyvzkff8zwtEJmAXC4RivO/VVLa17SmqheJZfI8oluVg==", + "creator": "http://mastodon.example.org/users/admin#main-key", + "created": "2018-02-17T18:57:49Z" + }, + "object": "http://localtesting.pleroma.lol/objects/eb92579d-3417-42a8-8652-2492c2d4f454", + "nickname": "lain", + "id": "http://mastodon.example.org/users/admin#likes/2", + "actor": "http://mastodon.example.org/users/admin", + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "toot": "http://joinmastodon.org/ns#", + "sensitive": "as:sensitive", + "ostatus": "http://ostatus.org#", + "movedTo": "as:movedTo", + "manuallyApprovesFollowers": "as:manuallyApprovesFollowers", + "inReplyToAtomUri": "ostatus:inReplyToAtomUri", + "conversation": "ostatus:conversation", + "atomUri": "ostatus:atomUri", + "Hashtag": "as:Hashtag", + "Emoji": "toot:Emoji" + } + ] +}
\ No newline at end of file diff --git a/test/fixtures/mastodon-note-object.json b/test/fixtures/mastodon-note-object.json new file mode 100644 index 000000000..75bed9625 --- /dev/null +++ b/test/fixtures/mastodon-note-object.json @@ -0,0 +1,9 @@ +{"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1",{"manuallyApprovesFollowers":"as:manuallyApprovesFollowers","sensitive":"as:sensitive","movedTo":"as:movedTo","Hashtag":"as:Hashtag","ostatus":"http://ostatus.org#","atomUri":"ostatus:atomUri","inReplyToAtomUri":"ostatus:inReplyToAtomUri","conversation":"ostatus:conversation","toot":"http://joinmastodon.org/ns#","Emoji":"toot:Emoji"}],"id":"http://mastodon.example.org/users/admin/statuses/99541947525187367","type":"Note","summary":null,"content":"\u003cp\u003eyeah.\u003c/p\u003e","inReplyTo":null,"published":"2018-02-17T17:46:20Z","url":"http://mastodon.example.org/@admin/99541947525187367","attributedTo":"http://mastodon.example.org/users/admin","to":["https://www.w3.org/ns/activitystreams#Public"],"cc":["http://mastodon.example.org/users/admin/followers"],"sensitive":false,"atomUri":"http://mastodon.example.org/users/admin/statuses/99541947525187367","inReplyToAtomUri":null,"conversation":"tag:mastodon.example.org,2018-02-17:objectId=59:objectType=Conversation","tag":[], + "attachment": [ + { + "url": "http://mastodon.example.org/system/media_attachments/files/000/000/002/original/334ce029e7bfb920.jpg", + "type": "Document", + "name": null, + "mediaType": "image/jpeg" + } + ]} diff --git a/test/fixtures/mastodon-post-activity.json b/test/fixtures/mastodon-post-activity.json new file mode 100644 index 000000000..693e0ce39 --- /dev/null +++ b/test/fixtures/mastodon-post-activity.json @@ -0,0 +1,65 @@ +{ + "@context": [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + { + "Emoji": "toot:Emoji", + "Hashtag": "as:Hashtag", + "atomUri": "ostatus:atomUri", + "conversation": "ostatus:conversation", + "inReplyToAtomUri": "ostatus:inReplyToAtomUri", + "manuallyApprovesFollowers": "as:manuallyApprovesFollowers", + "movedTo": "as:movedTo", + "ostatus": "http://ostatus.org#", + "sensitive": "as:sensitive", + "toot": "http://joinmastodon.org/ns#" + } + ], + "actor": "http://mastodon.example.org/users/admin", + "cc": [ + "http://mastodon.example.org/users/admin/followers", + "http://localtesting.pleroma.lol/users/lain" + ], + "id": "http://mastodon.example.org/users/admin/statuses/99512778738411822/activity", + "nickname": "lain", + "object": { + "atomUri": "http://mastodon.example.org/users/admin/statuses/99512778738411822", + "attachment": [], + "attributedTo": "http://mastodon.example.org/users/admin", + "cc": [ + "http://mastodon.example.org/users/admin/followers", + "http://localtesting.pleroma.lol/users/lain" + ], + "content": "<p><span class=\"h-card\"><a href=\"http://localtesting.pleroma.lol/users/lain\" class=\"u-url mention\">@<span>lain</span></a></span></p>", + "conversation": "tag:mastodon.example.org,2018-02-12:objectId=20:objectType=Conversation", + "id": "http://mastodon.example.org/users/admin/statuses/99512778738411822", + "inReplyTo": null, + "inReplyToAtomUri": null, + "published": "2018-02-12T14:08:20Z", + "sensitive": true, + "summary": "cw", + "tag": [ + { + "href": "http://localtesting.pleroma.lol/users/lain", + "name": "@lain@localtesting.pleroma.lol", + "type": "Mention" + } + ], + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "type": "Note", + "url": "http://mastodon.example.org/@admin/99512778738411822" + }, + "published": "2018-02-12T14:08:20Z", + "signature": { + "created": "2018-02-12T14:08:20Z", + "creator": "http://mastodon.example.org/users/admin#main-key", + "signatureValue": "rnNfcopkc6+Ju73P806popcfwrK9wGYHaJVG1/ZvrlEbWVDzaHjkXqj9Q3/xju5l8CSn9tvSgCCtPFqZsFQwn/pFIFUcw7ZWB2xi4bDm3NZ3S4XQ8JRaaX7og5hFxAhWkGhJhAkfxVnOg2hG+w2d/7d7vRVSC1vo5ip4erUaA/PkWusZvPIpxnRWoXaxJsFmVx0gJgjpJkYDyjaXUlp+jmaoseeZ4EPQUWqHLKJ59PRG0mg8j2xAjYH9nQaN14qMRmTGPxY8gfv/CUFcatA+8VJU9KEsJkDAwLVvglydNTLGrxpAJU78a2eaht0foV43XUIZGe3DKiJPgE+UOKGCJw==", + "type": "RsaSignature2017" + }, + "to": [ + "https://www.w3.org/ns/activitystreams#Public" + ], + "type": "Create" +} diff --git a/test/support/factory.ex b/test/support/factory.ex index 7f378915e..1445fe828 100644 --- a/test/support/factory.ex +++ b/test/support/factory.ex @@ -52,7 +52,8 @@ defmodule Pleroma.Factory do %Pleroma.Activity{ data: data, - actor: data["actor"] + actor: data["actor"], + recipients: data["to"] } end diff --git a/test/support/httpoison_mock.ex b/test/support/httpoison_mock.ex index 21607ba95..b8f2422f6 100644 --- a/test/support/httpoison_mock.ex +++ b/test/support/httpoison_mock.ex @@ -366,6 +366,34 @@ defmodule HTTPoisonMock do }} end + def get("http://mastodon.example.org/users/admin", ["Accept": "application/activity+json"], _) do + {:ok, %Response{ + status_code: 200, + body: File.read!("test/fixtures/httpoison_mock/admin@mastdon.example.org.json") + }} + end + + def get("https://masto.quad.moe/users/_HellPie", ["Accept": "application/activity+json"], _) do + {:ok, %Response{ + status_code: 200, + body: File.read!("test/fixtures/httpoison_mock/hellpie.json") + }} + end + + def get("https://niu.moe/users/rye", ["Accept": "application/activity+json"], _) do + {:ok, %Response{ + status_code: 200, + body: File.read!("test/fixtures/httpoison_mock/rye.json") + }} + end + + def get("http://mastodon.example.org/@admin/99541947525187367", ["Accept": "application/activity+json"], _) do + {:ok, %Response{ + status_code: 200, + body: File.read!("test/fixtures/mastodon-note-object.json") + }} + end + def get(url, body, headers) do {:error, "Not implemented the mock response for get #{inspect(url)}, #{inspect(body)}, #{inspect(headers)}"} end diff --git a/test/user_test.exs b/test/user_test.exs index 0c87b778c..058b67c6d 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -370,4 +370,15 @@ defmodule Pleroma.UserTest do refute Repo.get(Activity, activity.id) end + + test "get_public_key_for_ap_id fetches a user that's not in the db" do + assert {:ok, _key} = User.get_public_key_for_ap_id("http://mastodon.example.org/users/admin") + end + + test "insert or update a user from given data" do + user = insert(:user, %{nickname: "nick@name.de"}) + data = %{ ap_id: user.ap_id <> "xxx", name: user.name, nickname: user.nickname } + + assert {:ok, %User{}} = User.insert_or_update_user(data) + end end diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs new file mode 100644 index 000000000..957687c43 --- /dev/null +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -0,0 +1,46 @@ +defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do + use Pleroma.Web.ConnCase + import Pleroma.Factory + alias Pleroma.Web.ActivityPub.{UserView, ObjectView} + alias Pleroma.{Repo, User} + + describe "/users/:nickname" do + test "it returns a json representation of the user", %{conn: conn} do + user = insert(:user) + + conn = conn + |> put_req_header("accept", "application/activity+json") + |> get("/users/#{user.nickname}") + + user = Repo.get(User, user.id) + + assert json_response(conn, 200) == UserView.render("user.json", %{user: user}) + end + end + + describe "/object/:uuid" do + test "it returns a json representation of the object", %{conn: conn} do + note = insert(:note) + uuid = String.split(note.data["id"], "/") |> List.last + + conn = conn + |> put_req_header("accept", "application/activity+json") + |> get("/objects/#{uuid}") + + assert json_response(conn, 200) == ObjectView.render("object.json", %{object: note}) + end + end + + describe "/users/:nickname/inbox" do + test "it inserts an incoming activity into the database", %{conn: conn} do + data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode! + + conn = conn + |> assign(:valid_signature, true) + |> put_req_header("content-type", "application/activity+json") + |> post("/users/doesntmatter/inbox", data) + + assert "ok" == json_response(conn, 200) + end + end +end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index f423ea8be..4aeabc596 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -7,6 +7,18 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do import Pleroma.Factory + describe "building a user from his ap id" do + test "it returns a user" do + user_id = "http://mastodon.example.org/users/admin" + {:ok, user} = ActivityPub.make_user_from_ap_id(user_id) + assert user.ap_id == user_id + assert user.nickname == "admin@mastodon.example.org" + assert user.info["source_data"] + assert user.info["ap_enabled"] + assert user.follower_address == "http://mastodon.example.org/users/admin/followers" + end + end + describe "insertion" do test "returns the activity if one with the same id is already in" do activity = insert(:note_activity) @@ -50,9 +62,10 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do describe "create activities" do test "removes doubled 'to' recipients" do - {:ok, activity} = ActivityPub.create(["user1", "user1", "user2"], %User{ap_id: "1"}, "", %{}) + {:ok, activity} = ActivityPub.create(%{to: ["user1", "user1", "user2"], actor: %User{ap_id: "1"}, context: "", object: %{}}) assert activity.data["to"] == ["user1", "user2"] assert activity.actor == "1" + assert activity.recipients == ["user1", "user2"] end end @@ -252,6 +265,31 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do end end + describe "fetching an object" do + test "it fetches an object" do + {:ok, object} = ActivityPub.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") + assert activity = Activity.get_create_activity_by_object_ap_id(object.data["id"]) + assert activity.data["id"] + + {:ok, object_again} = ActivityPub.fetch_object_from_id("http://mastodon.example.org/@admin/99541947525187367") + + assert [attachment] = object.data["attachment"] + assert is_list(attachment["url"]) + + assert object == object_again + end + + test "it works with objects only available via Ostatus" do + {:ok, object} = ActivityPub.fetch_object_from_id("https://shitposter.club/notice/2827873") + assert activity = Activity.get_create_activity_by_object_ap_id(object.data["id"]) + assert activity.data["id"] + + {:ok, object_again} = ActivityPub.fetch_object_from_id("https://shitposter.club/notice/2827873") + + assert object == object_again + end + end + describe "following / unfollowing" do test "creates a follow activity" do follower = insert(:user) diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs new file mode 100644 index 000000000..96dd63057 --- /dev/null +++ b/test/web/activity_pub/transmogrifier_test.exs @@ -0,0 +1,181 @@ +defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do + use Pleroma.DataCase + alias Pleroma.Web.ActivityPub.Transmogrifier + alias Pleroma.Activity + alias Pleroma.User + alias Pleroma.Repo + import Ecto.Query + + import Pleroma.Factory + alias Pleroma.Web.CommonAPI + + describe "handle_incoming" do + test "it ignores an incoming notice if we already have it" do + activity = insert(:note_activity) + + data = File.read!("test/fixtures/mastodon-post-activity.json") + |> Poison.decode! + |> Map.put("object", activity.data["object"]) + + {:ok, returned_activity} = Transmogrifier.handle_incoming(data) + + assert activity == returned_activity + end + + test "it fetches replied-to activities if we don't have them" do + data = File.read!("test/fixtures/mastodon-post-activity.json") + |> Poison.decode! + + object = data["object"] + |> Map.put("inReplyTo", "https://shitposter.club/notice/2827873") + + data = data + |> Map.put("object", object) + + {:ok, returned_activity} = Transmogrifier.handle_incoming(data) + + assert Activity.get_create_activity_by_object_ap_id("tag:shitposter.club,2017-05-05:noticeId=2827873:objectType=comment") + end + + test "it works for incoming notices" do + data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode! + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + assert data["id"] == "http://mastodon.example.org/users/admin/statuses/99512778738411822/activity" + assert data["context"] == "tag:mastodon.example.org,2018-02-12:objectId=20:objectType=Conversation" + assert data["to"] == ["https://www.w3.org/ns/activitystreams#Public"] + assert data["cc"] == [ + "http://mastodon.example.org/users/admin/followers", + "http://localtesting.pleroma.lol/users/lain" + ] + assert data["actor"] == "http://mastodon.example.org/users/admin" + + object = data["object"] + assert object["id"] == "http://mastodon.example.org/users/admin/statuses/99512778738411822" + + assert object["to"] == ["https://www.w3.org/ns/activitystreams#Public"] + assert object["cc"] == [ + "http://mastodon.example.org/users/admin/followers", + "http://localtesting.pleroma.lol/users/lain" + ] + assert object["actor"] == "http://mastodon.example.org/users/admin" + assert object["attributedTo"] == "http://mastodon.example.org/users/admin" + assert object["context"] == "tag:mastodon.example.org,2018-02-12:objectId=20:objectType=Conversation" + assert object["sensitive"] == true + end + + test "it works for incoming follow requests" do + user = insert(:user) + data = File.read!("test/fixtures/mastodon-follow-activity.json") |> Poison.decode! + |> Map.put("object", user.ap_id) + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert data["actor"] == "http://mastodon.example.org/users/admin" + assert data["type"] == "Follow" + assert data["id"] == "http://mastodon.example.org/users/admin#follows/2" + assert User.following?(User.get_by_ap_id(data["actor"]), user) + end + + test "it works for incoming likes" do + user = insert(:user) + {:ok, activity} = CommonAPI.post(user, %{"status" => "hello"}) + + data = File.read!("test/fixtures/mastodon-like.json") |> Poison.decode! + |> Map.put("object", activity.data["object"]["id"]) + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert data["actor"] == "http://mastodon.example.org/users/admin" + assert data["type"] == "Like" + assert data["id"] == "http://mastodon.example.org/users/admin#likes/2" + assert data["object"] == activity.data["object"]["id"] + end + + test "it works for incoming announces" do + data = File.read!("test/fixtures/mastodon-announce.json") |> Poison.decode! + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert data["actor"] == "http://mastodon.example.org/users/admin" + assert data["type"] == "Announce" + assert data["id"] == "http://mastodon.example.org/users/admin/statuses/99542391527669785/activity" + assert data["object"] == "http://mastodon.example.org/users/admin/statuses/99541947525187367" + + assert Activity.get_create_activity_by_object_ap_id(data["object"]) + end + + test "it works for incoming announces with an existing activity" do + user = insert(:user) + {:ok, activity} = CommonAPI.post(user, %{"status" => "hey"}) + + data = File.read!("test/fixtures/mastodon-announce.json") + |> Poison.decode! + |> Map.put("object", activity.data["object"]["id"]) + + {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data) + + assert data["actor"] == "http://mastodon.example.org/users/admin" + assert data["type"] == "Announce" + assert data["id"] == "http://mastodon.example.org/users/admin/statuses/99542391527669785/activity" + assert data["object"] == activity.data["object"]["id"] + + assert Activity.get_create_activity_by_object_ap_id(data["object"]).id == activity.id + end + end + + describe "prepare outgoing" do + test "it turns mentions into tags" do + user = insert(:user) + other_user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "hey, @#{other_user.nickname}, how are ya? #2hu"}) + + {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) + object = modified["object"] + + expected_mention = %{ + "href" => other_user.ap_id, + "name" => "@#{other_user.nickname}", + "type" => "Mention" + } + + expected_tag = %{ + "href" => Pleroma.Web.Endpoint.url <> "/tags/2hu", + "type" => "Hashtag", + "name" => "#2hu" + } + + assert Enum.member?(object["tag"], expected_tag) + assert Enum.member?(object["tag"], expected_mention) + end + + test "it adds the sensitive property" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "#nsfw hey"}) + {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) + + assert modified["object"]["sensitive"] + end + + test "it adds the json-ld context and the conversation property" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "hey"}) + {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) + + assert modified["@context"] == "https://www.w3.org/ns/activitystreams" + assert modified["object"]["conversation"] == modified["context"] + end + + test "it sets the 'attributedTo' property to the actor of the object if it doesn't have one" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "hey"}) + {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data) + + assert modified["object"]["actor"] == modified["object"]["attributedTo"] + end + end +end diff --git a/test/web/activity_pub/views/object_view_test.exs b/test/web/activity_pub/views/object_view_test.exs new file mode 100644 index 000000000..6a1311be7 --- /dev/null +++ b/test/web/activity_pub/views/object_view_test.exs @@ -0,0 +1,17 @@ +defmodule Pleroma.Web.ActivityPub.ObjectViewTest do + use Pleroma.DataCase + import Pleroma.Factory + + alias Pleroma.Web.ActivityPub.ObjectView + + test "renders a note object" do + note = insert(:note) + + result = ObjectView.render("object.json", %{object: note}) + + assert result["id"] == note.data["id"] + assert result["to"] == note.data["to"] + assert result["content"] == note.data["content"] + assert result["type"] == "Note" + end +end diff --git a/test/web/activity_pub/views/user_view_test.exs b/test/web/activity_pub/views/user_view_test.exs new file mode 100644 index 000000000..0c64e62c3 --- /dev/null +++ b/test/web/activity_pub/views/user_view_test.exs @@ -0,0 +1,18 @@ +defmodule Pleroma.Web.ActivityPub.UserViewTest do + use Pleroma.DataCase + import Pleroma.Factory + + alias Pleroma.Web.ActivityPub.UserView + + test "Renders a user, including the public key" do + user = insert(:user) + {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + + result = UserView.render("user.json", %{user: user}) + + assert result["id"] == user.ap_id + assert result["preferredUsername"] == user.nickname + + assert String.contains?(result["publicKey"]["publicKeyPem"], "BEGIN RSA PUBLIC KEY") + end +end diff --git a/test/web/http_sigs/http_sig_test.exs b/test/web/http_sigs/http_sig_test.exs new file mode 100644 index 000000000..fd568a67a --- /dev/null +++ b/test/web/http_sigs/http_sig_test.exs @@ -0,0 +1,154 @@ +# http signatures +# Test data from https://tools.ietf.org/html/draft-cavage-http-signatures-08#appendix-C +defmodule Pleroma.Web.HTTPSignaturesTest do + use Pleroma.DataCase + alias Pleroma.Web.HTTPSignatures + import Pleroma.Factory + + @private_key (hd(:public_key.pem_decode(File.read!("test/web/http_sigs/priv.key"))) + |> :public_key.pem_entry_decode()) + + @public_key (hd(:public_key.pem_decode(File.read!("test/web/http_sigs/pub.key"))) + |> :public_key.pem_entry_decode()) + + @headers %{ + "(request-target)" => "post /foo?param=value&pet=dog", + "host" => "example.com", + "date" => "Thu, 05 Jan 2014 21:31:40 GMT", + "content-type" => "application/json", + "digest" => "SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=", + "content-length" => "18" + } + + @body "{\"hello\": \"world\"}" + + @default_signature """ + keyId="Test",algorithm="rsa-sha256",signature="jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=" + """ + + @basic_signature """ + keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date",signature="HUxc9BS3P/kPhSmJo+0pQ4IsCo007vkv6bUm4Qehrx+B1Eo4Mq5/6KylET72ZpMUS80XvjlOPjKzxfeTQj4DiKbAzwJAb4HX3qX6obQTa00/qPDXlMepD2JtTw33yNnm/0xV7fQuvILN/ys+378Ysi082+4xBQFwvhNvSoVsGv4=" + """ + + @all_headers_signature """ + keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date content-type digest content-length",signature="Ef7MlxLXoBovhil3AlyjtBwAL9g4TN3tibLj7uuNB3CROat/9KaeQ4hW2NiJ+pZ6HQEOx9vYZAyi+7cmIkmJszJCut5kQLAwuX+Ms/mUFvpKlSo9StS2bMXDBNjOh4Auj774GFj4gwjS+3NhFeoqyr/MuN6HsEnkvn6zdgfE2i0=" + """ + + test "split up a signature" do + expected = %{ + "keyId" => "Test", + "algorithm" => "rsa-sha256", + "signature" => "jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=", + "headers" => ["date"] + } + + assert HTTPSignatures.split_signature(@default_signature) == expected + end + + test "validates the default case" do + signature = HTTPSignatures.split_signature(@default_signature) + assert HTTPSignatures.validate(@headers, signature, @public_key) + end + + test "validates the basic case" do + signature = HTTPSignatures.split_signature(@basic_signature) + assert HTTPSignatures.validate(@headers, signature, @public_key) + end + + test "validates the all-headers case" do + signature = HTTPSignatures.split_signature(@all_headers_signature) + assert HTTPSignatures.validate(@headers, signature, @public_key) + end + + test "it contructs a signing string" do + expected = "date: Thu, 05 Jan 2014 21:31:40 GMT\ncontent-length: 18" + assert expected == HTTPSignatures.build_signing_string(@headers, ["date", "content-length"]) + end + + test "it validates a conn" do + public_key_pem = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGb42rPZIapY4Hfhxrgn\nxKVJczBkfDviCrrYaYjfGxawSw93dWTUlenCVTymJo8meBlFgIQ70ar4rUbzl6GX\nMYvRdku072d1WpglNHXkjKPkXQgngFDrh2sGKtNB/cEtJcAPRO8OiCgPFqRtMiNM\nc8VdPfPdZuHEIZsJ/aUM38EnqHi9YnVDQik2xxDe3wPghOhqjxUM6eLC9jrjI+7i\naIaEygUdyst9qVg8e2FGQlwAeS2Eh8ygCxn+bBlT5OyV59jSzbYfbhtF2qnWHtZy\nkL7KOOwhIfGs7O9SoR2ZVpTEQ4HthNzainIe/6iCR5HGrao/T8dygweXFYRv+k5A\nPQIDAQAB\n-----END PUBLIC KEY-----\n" + [public_key] = :public_key.pem_decode(public_key_pem) + + public_key = public_key + |> :public_key.pem_entry_decode() + + conn = %{ + req_headers: [ + {"host", "localtesting.pleroma.lol"}, + {"connection", "close"}, + {"content-length", "2316"}, + {"user-agent", "http.rb/2.2.2 (Mastodon/2.1.0.rc3; +http://mastodon.example.org/)"}, + {"date", "Sun, 10 Dec 2017 14:23:49 GMT"}, + {"digest", "SHA-256=x/bHADMW8qRrq2NdPb5P9fl0lYpKXXpe5h5maCIL0nM="}, + {"content-type", "application/activity+json"}, + {"(request-target)", "post /users/demiurge/inbox"}, + {"signature", "keyId=\"http://mastodon.example.org/users/admin#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"i0FQvr51sj9BoWAKydySUAO1RDxZmNY6g7M62IA7VesbRSdFZZj9/fZapLp6YSuvxUF0h80ZcBEq9GzUDY3Chi9lx6yjpUAS2eKb+Am/hY3aswhnAfYd6FmIdEHzsMrpdKIRqO+rpQ2tR05LwiGEHJPGS0p528NvyVxrxMT5H5yZS5RnxY5X2HmTKEgKYYcvujdv7JWvsfH88xeRS7Jlq5aDZkmXvqoR4wFyfgnwJMPLel8P/BUbn8BcXglH/cunR0LUP7sflTxEz+Rv5qg+9yB8zgBsB4C0233WpcJxjeD6Dkq0EcoJObBR56F8dcb7NQtUDu7x6xxzcgSd7dHm5w==\""}] + } + + assert HTTPSignatures.validate_conn(conn, public_key) + end + + test "it validates a conn and fetches the key" do + conn = %{ + params: %{"actor" => "http://mastodon.example.org/users/admin"}, + req_headers: [ + {"host", "localtesting.pleroma.lol"}, + {"x-forwarded-for", "127.0.0.1"}, + {"connection", "close"}, + {"content-length", "2307"}, + {"user-agent", "http.rb/2.2.2 (Mastodon/2.1.0.rc3; +http://mastodon.example.org/)"}, + {"date", "Sun, 11 Feb 2018 17:12:01 GMT"}, + {"digest", "SHA-256=UXsAnMtR9c7mi1FOf6HRMtPgGI1yi2e9nqB/j4rZ99I="}, + {"content-type", "application/activity+json"}, + {"signature", "keyId=\"http://mastodon.example.org/users/admin#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"qXKqpQXUpC3d9bZi2ioEeAqP8nRMD021CzH1h6/w+LRk4Hj31ARJHDwQM+QwHltwaLDUepshMfz2WHSXAoLmzWtvv7xRwY+mRqe+NGk1GhxVZ/LSrO/Vp7rYfDpfdVtkn36LU7/Bzwxvvaa4ZWYltbFsRBL0oUrqsfmJFswNCQIG01BB52BAhGSCORHKtQyzo1IZHdxl8y80pzp/+FOK2SmHkqWkP9QbaU1qTZzckL01+7M5btMW48xs9zurEqC2sM5gdWMQSZyL6isTV5tmkTZrY8gUFPBJQZgihK44v3qgfWojYaOwM8ATpiv7NG8wKN/IX7clDLRMA8xqKRCOKw==\""}, + {"(request-target)", "post /users/demiurge/inbox"} + ] + } + + assert HTTPSignatures.validate_conn(conn) + end + + test "validate this" do + conn = %{ + params: %{"actor" => "https://niu.moe/users/rye"}, + req_headers: [ + {"x-forwarded-for", "149.202.73.191"}, + {"host", "testing.pleroma.lol"}, + {"x-cluster-client-ip", "149.202.73.191"}, + {"connection", "upgrade"}, + {"content-length", "2396"}, + {"user-agent", "http.rb/3.0.0 (Mastodon/2.2.0; +https://niu.moe/)"}, + {"date", "Sun, 18 Feb 2018 20:31:51 GMT"}, + {"digest", "SHA-256=dzH+vLyhxxALoe9RJdMl4hbEV9bGAZnSfddHQzeidTU="}, + {"content-type", "application/activity+json"}, + {"signature", "keyId=\"https://niu.moe/users/rye#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"wtxDg4kIpW7nsnUcVJhBk6SgJeDZOocr8yjsnpDRqE52lR47SH6X7G16r7L1AUJdlnbfx7oqcvomoIJoHB3ghP6kRnZW6MyTMZ2jPoi3g0iC5RDqv6oAmDSO14iw6U+cqZbb3P/odS5LkbThF0UNXcfenVNfsKosIJycFjhNQc54IPCDXYq/7SArEKJp8XwEgzmiC2MdxlkVIUSTQYfjM4EG533cwlZocw1mw72e5mm/owTa80BUZAr0OOuhoWARJV9btMb02ZyAF6SCSoGPTA37wHyfM1Dk88NHf7Z0Aov/Fl65dpRM+XyoxdkpkrhDfH9qAx4iuV2VEWddQDiXHA==\""}, + {"(request-target)", "post /inbox"} + ] + } + assert HTTPSignatures.validate_conn(conn) + end + + test "validate this too" do + conn = %{ + params: %{"actor" => "https://niu.moe/users/rye"}, + req_headers: [ + {"x-forwarded-for", "149.202.73.191"}, + {"host", "testing.pleroma.lol"}, + {"x-cluster-client-ip", "149.202.73.191"}, + {"connection", "upgrade"}, + {"content-length", "2342"}, + {"user-agent", "http.rb/3.0.0 (Mastodon/2.2.0; +https://niu.moe/)"}, + {"date", "Sun, 18 Feb 2018 21:44:46 GMT"}, + {"digest", "SHA-256=vS8uDOJlyAu78cF3k5EzrvaU9iilHCX3chP37gs5sS8="}, + {"content-type", "application/activity+json"}, + {"signature", "keyId=\"https://niu.moe/users/rye#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"IN6fHD8pLiDEf35dOaRHzJKc1wBYh3/Yq0ItaNGxUSbJTd2xMjigZbcsVKzvgYYjglDDN+disGNeD+OBKwMqkXWaWe/lyMc9wHvCH5NMhpn/A7qGLY8yToSt4vh8ytSkZKO6B97yC+Nvy6Fz/yMbvKtFycIvSXCq417cMmY6f/aG+rtMUlTbKO5gXzC7SUgGJCtBPCh1xZzu5/w0pdqdjO46ePNeR6JyJSLLV4hfo3+p2n7SRraxM4ePVCUZqhwS9LPt3Zdhy3ut+IXCZgMVIZggQFM+zXLtcXY5HgFCsFQr5WQDu+YkhWciNWtKFnWfAsnsg5sC330lZ/0Z8Z91yA==\""}, + {"(request-target)", "post /inbox"} + ]} + assert HTTPSignatures.validate_conn(conn) + end + + test "it generates a signature" do + user = insert(:user) + assert HTTPSignatures.sign(user, %{host: "mastodon.example.org"}) =~ "keyId=\"" + end +end diff --git a/test/web/http_sigs/priv.key b/test/web/http_sigs/priv.key new file mode 100644 index 000000000..425518a06 --- /dev/null +++ b/test/web/http_sigs/priv.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF +NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F +UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB +AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA +QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK +kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg +f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u +412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc +mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7 +kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA +gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW +G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI +7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA== +-----END RSA PRIVATE KEY----- diff --git a/test/web/http_sigs/pub.key b/test/web/http_sigs/pub.key new file mode 100644 index 000000000..b3bbf6cb9 --- /dev/null +++ b/test/web/http_sigs/pub.key @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3 +6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6 +Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw +oYi+1hqp1fIekaxsyQIDAQAB +-----END PUBLIC KEY----- diff --git a/test/web/ostatus/ostatus_test.exs b/test/web/ostatus/ostatus_test.exs index 1f10ea4d2..1dd381ac4 100644 --- a/test/web/ostatus/ostatus_test.exs +++ b/test/web/ostatus/ostatus_test.exs @@ -355,13 +355,6 @@ defmodule Pleroma.Web.OStatusTest do end end - test "insert or update a user from given data" do - user = insert(:user, %{nickname: "nick@name.de"}) - data = %{ ap_id: user.ap_id <> "xxx", name: user.name, nickname: user.nickname } - - assert {:ok, %User{}} = OStatus.insert_or_update_user(data) - end - test "it doesn't add nil in the do field" do incoming = File.read!("test/fixtures/nil_mention_entry.xml") {:ok, [activity]} = OStatus.handle_incoming(incoming) diff --git a/test/web/twitter_api/representers/object_representer_test.exs b/test/web/twitter_api/representers/object_representer_test.exs index 791b30237..ac8184407 100644 --- a/test/web/twitter_api/representers/object_representer_test.exs +++ b/test/web/twitter_api/representers/object_representer_test.exs @@ -28,4 +28,24 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ObjectReprenterTest do assert expected_object == ObjectRepresenter.to_map(object) end + + test "represents mastodon-style attachments" do + object = %Object{ + id: nil, + data: %{ + "mediaType" => "image/png", + "name" => "blabla", "type" => "Document", + "url" => "http://mastodon.example.org/system/media_attachments/files/000/000/001/original/8619f31c6edec470.png" + } + } + + expected_object = %{ + url: "http://mastodon.example.org/system/media_attachments/files/000/000/001/original/8619f31c6edec470.png", + mimetype: "image/png", + oembed: false, + id: nil + } + + assert expected_object == ObjectRepresenter.to_map(object) + end end |