package app
import (
"bytes"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"errors"
"io"
"log/slog"
"net/http"
"net/url"
"owl-blogs/app/repository"
"owl-blogs/config"
"owl-blogs/domain/model"
entrytypes "owl-blogs/entry_types"
"owl-blogs/interactions"
"owl-blogs/render"
"reflect"
"time"
vocab "github.com/go-ap/activitypub"
"github.com/go-ap/jsonld"
"github.com/go-fed/httpsig"
)
// ActivityPubConfig holds the ActivityPub settings of the blog: the actor's
// preferred username and its key pair, both kept as PEM text.
type ActivityPubConfig struct {
	// PreferredUsername is the actor name; defaultConfig sets it to "blog".
	PreferredUsername string
	// PublicKeyPem is the PEM text of the public key.
	PublicKeyPem string
	// PrivateKeyPem is the PEM text of the private key; PrivateKey parses it
	// as PKCS#1. This is secret signing material and should never be logged.
	// NOTE(review): Form hands the whole struct to the form template; confirm
	// the template does not echo the private key back to the browser.
	PrivateKeyPem string
}
// Form implements app.AppConfig.
//
// It renders the "forms/ActivityPubConfig" template with cfg as template data
// and returns the rendered string. binSvc is not used.
func (cfg *ActivityPubConfig) Form(binSvc model.BinaryStorageInterface) string {
	// The second value returned by the renderer is discarded, so a failed
	// render is not reported to the caller.
	// NOTE(review): cfg includes PrivateKeyPem; confirm what the template
	// actually prints.
	rendered, _ := render.RenderTemplateToString("forms/ActivityPubConfig", cfg)
	return rendered
}
// ParseFormData implements app.AppConfig.
//
// It copies the "PreferredUsername", "PublicKeyPem" and "PrivateKeyPem" form
// values into cfg and always returns nil. binSvc is not used.
func (cfg *ActivityPubConfig) ParseFormData(data model.HttpFormData, binSvc model.BinaryStorageInterface) error {
	username := data.FormValue("PreferredUsername")
	publicPem := data.FormValue("PublicKeyPem")
	privatePem := data.FormValue("PrivateKeyPem")

	// The values are stored exactly as submitted: nothing here checks that the
	// PEM fields decode or that the two keys belong together.
	// NOTE(review): a submitted private key that does not parse only surfaces
	// later, when PrivateKey is called for signing.
	cfg.PreferredUsername = username
	cfg.PublicKeyPem = publicPem
	cfg.PrivateKeyPem = privatePem
	return nil
}
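// PrivateKey decodes PrivateKeyPem and parses it as a PKCS#1 RSA private key.
//
// It returns nil when the stored text contains no PEM block or when the block
// does not parse; both cases are logged. Callers must check for nil before
// signing with the result.
func (cfg *ActivityPubConfig) PrivateKey() *rsa.PrivateKey {
	block, _ := pem.Decode([]byte(cfg.PrivateKeyPem))
	if block == nil {
		// pem.Decode returns a nil block for empty or non-PEM input;
		// dereferencing it would panic.
		slog.Error("private key is not valid PEM")
		return nil
	}

	privKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		slog.Error("error x509.ParsePKCS1PrivateKey", "err", err)
		return nil
	}
	return privKey
}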
// ActivityPubService implements the blog's ActivityPub behaviour: follower
// bookkeeping, signed requests to remote servers, signature verification of
// incoming requests, likes, and delivery of new notes to followers.
type ActivityPubService struct {
	// followersRepo stores the follower identifiers (strings) of this actor.
	followersRepo repository.FollowerRepository
	// configRepo is read for the ActivityPub and site configuration.
	configRepo repository.ConfigRepository
	// interactionRepository stores interactions such as likes.
	interactionRepository repository.InteractionRepository
	// entryService is used to look up entries by URL.
	entryService *EntryService
	// siteConfigServcie (sic) provides the site config whose FullUrl is the
	// base of all actor URLs.
	siteConfigServcie *SiteConfigService
}
// NewActivityPubService wires the given repositories and services into a new
// ActivityPubService, subscribes that service to bus, and returns it.
func NewActivityPubService(
	followersRepo repository.FollowerRepository,
	configRepo repository.ConfigRepository,
	interactionRepository repository.InteractionRepository,
	entryService *EntryService,
	siteConfigServcie *SiteConfigService,
	bus *EventBus,
) *ActivityPubService {
	svc := new(ActivityPubService)
	svc.followersRepo = followersRepo
	svc.configRepo = configRepo
	svc.interactionRepository = interactionRepository
	svc.entryService = entryService
	svc.siteConfigServcie = siteConfigServcie

	// Register only after every dependency is set, so the bus never sees a
	// half-initialised service.
	bus.Subscribe(svc)

	return svc
}
// defaultConfig builds a fresh ActivityPubConfig with the username "blog" and
// a newly generated 2048-bit RSA key pair, both keys PEM-encoded as PKCS#1.
func (svc *ActivityPubService) defaultConfig() ActivityPubConfig {
	// NOTE(review): the error from rsa.GenerateKey is dropped. If generation
	// fails, privKey is nil and the next line panics; this function has no
	// error return to report it through.
	privKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	pubKey := privKey.Public().(*rsa.PublicKey)

	encode := func(blockType string, der []byte) string {
		return string(pem.EncodeToMemory(&pem.Block{Type: blockType, Bytes: der}))
	}

	// NOTE(review): the public key is written as a PKCS#1 "RSA PUBLIC KEY"
	// block, while VerifySignature reads remote keys with
	// x509.ParsePKIXPublicKey. Confirm that peers accept the PKCS#1 form.
	publicPem := encode("RSA PUBLIC KEY", x509.MarshalPKCS1PublicKey(pubKey))
	privatePem := encode("RSA PRIVATE KEY", x509.MarshalPKCS1PrivateKey(privKey))

	return ActivityPubConfig{
		PreferredUsername: "blog",
		PublicKeyPem:      publicPem,
		PrivateKeyPem:     privatePem,
	}
}
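// GetApConfig loads the stored ActivityPub configuration.
//
// If loading fails, the error is logged and returned with a zero config. If
// the stored config is entirely zero-valued, a default config with a new key
// pair is generated, written to the config repository and returned.
func (svc *ActivityPubService) GetApConfig() (ActivityPubConfig, error) {
	apConfig := ActivityPubConfig{}
	if err := svc.configRepo.Get(config.ACT_PUB_CONF_NAME, &apConfig); err != nil {
		// Structured log with the cause, matching the rest of the file,
		// instead of a bare println.
		slog.Error("unable to load ActivityPub config", "err", err)
		return ActivityPubConfig{}, err
	}

	if !reflect.ValueOf(apConfig).IsZero() {
		return apConfig, nil
	}

	cfg := svc.defaultConfig()
	// NOTE(review): the outcome of Update is not inspected. If the write does
	// not persist, the next call generates a different key pair, and requests
	// signed with this one stop verifying against the published key.
	svc.configRepo.Update(config.ACT_PUB_CONF_NAME, cfg)
	return cfg, nil
}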
// ActorUrl returns the actor URL, which is the site's FullUrl.
//
// The second value returned by GetSiteConfig is discarded, so a failed lookup
// is not reported here.
func (svc *ActivityPubService) ActorUrl() string {
	siteCfg, _ := svc.siteConfigServcie.GetSiteConfig()
	base := siteCfg.FullUrl
	return base
}
// MainKeyUri returns the key identifier of the actor's signing key: the
// site's FullUrl followed by "#main-key". GetActor and sendObject pass it to
// sign as the public key id.
//
// The second value returned by GetSiteConfig is discarded.
// NOTE(review): if the site config cannot be read, this presumably yields
// just "#main-key", which remote servers cannot resolve to a key.
func (svc *ActivityPubService) MainKeyUri() string {
	siteCfg, _ := svc.siteConfigServcie.GetSiteConfig()
	const fragment = "#main-key"
	return siteCfg.FullUrl + fragment
}
// InboxUrl returns the actor's inbox URL: the site's FullUrl followed by
// "/activitypub/inbox". The second value returned by GetSiteConfig is
// discarded.
func (svc *ActivityPubService) InboxUrl() string {
	siteCfg, _ := svc.siteConfigServcie.GetSiteConfig()
	const path = "/activitypub/inbox"
	return siteCfg.FullUrl + path
}
// OutboxUrl returns the actor's outbox URL: the site's FullUrl followed by
// "/activitypub/outbox". The second value returned by GetSiteConfig is
// discarded.
func (svc *ActivityPubService) OutboxUrl() string {
	siteCfg, _ := svc.siteConfigServcie.GetSiteConfig()
	const path = "/activitypub/outbox"
	return siteCfg.FullUrl + path
}
// FollowersUrl returns the URL of the actor's followers collection: the
// site's FullUrl followed by "/activitypub/followers". The second value
// returned by GetSiteConfig is discarded.
func (svc *ActivityPubService) FollowersUrl() string {
	siteCfg, _ := svc.siteConfigServcie.GetSiteConfig()
	const path = "/activitypub/followers"
	return siteCfg.FullUrl + path
}
// AddFollower stores follower in the followers repository and returns the
// repository's error, if any.
//
// The string is stored as given; NotifyEntryCreated later passes each stored
// follower to GetActor as a URL to fetch.
// NOTE(review): nothing here validates the value, so callers should only pass
// a follower whose request has been verified.
func (s *ActivityPubService) AddFollower(follower string) error {
	err := s.followersRepo.Add(follower)
	return err
}
// RemoveFollower deletes follower from the followers repository and returns
// the repository's error, if any.
func (s *ActivityPubService) RemoveFollower(follower string) error {
	err := s.followersRepo.Remove(follower)
	return err
}
// AllFollowers returns every follower held by the followers repository,
// together with the repository's error, if any.
func (s *ActivityPubService) AllFollowers() ([]string, error) {
	followers, err := s.followersRepo.All()
	return followers, err
}
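// sign adds an HTTP signature to r using privateKey and the key id pubKeyId.
//
// The signature covers the request target, "host" and "date", plus "digest"
// when body is non-nil. The "Host" and "Date" headers and r.URL must already
// be set on r. It returns an error if privateKey is nil, if the signer cannot
// be built, or if signing fails.
func (s *ActivityPubService) sign(privateKey *rsa.PrivateKey, pubKeyId string, body []byte, r *http.Request) error {
	// ActivityPubConfig.PrivateKey can hand back nil for an unparsable key;
	// refuse early instead of passing a nil key into the signer.
	if privateKey == nil {
		return errors.New("no private key available for signing")
	}

	headersToSign := []string{httpsig.RequestTarget, "host", "date"}
	if body != nil {
		headersToSign = append(headersToSign, "digest")
	}

	signer, _, err := httpsig.NewSigner(
		[]httpsig.Algorithm{httpsig.RSA_SHA256},
		httpsig.DigestSha256,
		headersToSign,
		httpsig.Signature,
		0,
	)
	if err != nil {
		return err
	}

	// To sign the digest the signer needs a copy of the body; with a nil body
	// no digest is signed.
	// If r were a http.ResponseWriter, SignResponse would be called instead.
	if err := signer.SignRequest(privateKey, pubKeyId, r, body); err != nil {
		return err
	}

	// Logged only after signing succeeded, so the message is never emitted
	// for an unsigned request.
	slog.Info("Signed Request", "req", r.Header)
	return nil
}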
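// GetActor fetches the ActivityPub actor document at reqUrl with a signed GET
// request and returns it as a vocab.Actor.
//
// reqUrl comes from remote input (callers in this file pass the actor id of
// an incoming activity, a sender, or a stored follower), so this is a
// server-side fetch of a URL chosen by someone else. The function therefore
// accepts only absolute http(s) URLs, bounds the request time and the
// response size, and requires a 2xx status.
// NOTE(review): destinations are not filtered (loopback, private ranges) and
// redirects are followed by the default client; if this service can reach
// internal hosts, add that filtering at this point.
func (s *ActivityPubService) GetActor(reqUrl string) (vocab.Actor, error) {
	const (
		fetchTimeout  = 10 * time.Second // upper bound for the whole exchange
		maxActorBytes = 1 << 20          // actor documents are small; cap at 1 MiB
	)

	apConfig := ActivityPubConfig{}
	if err := s.configRepo.Get(config.ACT_PUB_CONF_NAME, &apConfig); err != nil {
		slog.Error("unable to load ActivityPub config", "err", err)
		return vocab.Actor{}, err
	}

	parsedUrl, err := url.Parse(reqUrl)
	if err != nil {
		slog.Error("parse error", "err", err)
		return vocab.Actor{}, err
	}
	if (parsedUrl.Scheme != "https" && parsedUrl.Scheme != "http") || parsedUrl.Host == "" {
		return vocab.Actor{}, errors.New("actor url must be an absolute http(s) url")
	}

	req, err := http.NewRequest("GET", reqUrl, nil)
	if err != nil {
		slog.Error("unable to build actor request", "err", err)
		return vocab.Actor{}, err
	}
	req.Header.Set("Accept", "application/ld+json")
	req.Header.Set("Date", time.Now().Format(http.TimeFormat))
	req.Header.Set("Host", parsedUrl.Host)

	key := apConfig.PrivateKey()
	if key == nil {
		return vocab.Actor{}, errors.New("no usable private key to sign actor request")
	}
	if err = s.sign(key, s.MainKeyUri(), nil, req); err != nil {
		slog.Error("Signing error", "err", err)
		return vocab.Actor{}, err
	}

	// A zero-value client has no timeout; a slow remote would block forever.
	c := http.Client{Timeout: fetchTimeout}
	resp, err := c.Do(req)
	if err != nil {
		slog.Error("failed to retrieve sender actor", "err", err, "url", reqUrl)
		return vocab.Actor{}, err
	}
	defer resp.Body.Close()

	if resp.StatusCode < 200 || resp.StatusCode > 299 {
		return vocab.Actor{}, errors.New("unexpected status fetching actor: " + resp.Status)
	}

	// Read one byte past the cap so an oversized document is detected
	// instead of being silently truncated.
	data, err := io.ReadAll(io.LimitReader(resp.Body, maxActorBytes+1))
	if err != nil {
		return vocab.Actor{}, err
	}
	if len(data) > maxActorBytes {
		return vocab.Actor{}, errors.New("actor document too large")
	}

	item, err := vocab.UnmarshalJSON(data)
	if err != nil {
		return vocab.Actor{}, err
	}

	var actor vocab.Actor
	err = vocab.OnActor(item, func(o *vocab.Actor) error {
		actor = *o
		return nil
	})
	if err != nil {
		return vocab.Actor{}, err
	}
	return actor, nil
}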
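// VerifySignature checks the HTTP signature on r against the public key
// published by the actor at sender, and returns nil only when it verifies.
//
// It fails closed: if the actor cannot be fetched, publishes no public key,
// or publishes a key that does not decode, an error is returned. Previously
// the empty-key test ran before the fetch error was looked at, so a failed
// fetch (which yields an empty actor) was reported as a successful
// verification.
//
// NOTE(review): only the signature itself is checked here, over whichever
// headers the sender listed. This function does not compare a Digest header
// with the request body, require particular signed headers, or check the
// freshness of Date; confirm whether callers do, or add those checks.
func (s *ActivityPubService) VerifySignature(r *http.Request, sender string) error {
	slog.Info("verifying for", "sender", sender, "retriever", s.ActorUrl())

	actor, err := s.GetActor(sender)
	if err != nil {
		slog.Error("unable to retrieve actor for sig verification", "sender", sender, "err", err)
		return err
	}

	// An actor without a key cannot have signed anything; treating that as
	// verified would accept unsigned requests.
	if actor.PublicKey.PublicKeyPem == "" {
		slog.Error("actor has no public key", "sender", sender)
		return errors.New("actor has no public key, cannot verify signature")
	}

	// The PEM text is remote input: pem.Decode returns a nil block when it
	// finds no PEM data, and dereferencing that would panic.
	block, _ := pem.Decode([]byte(actor.PublicKey.PublicKeyPem))
	if block == nil {
		slog.Error("actor public key is not valid PEM", "sender", sender)
		return errors.New("actor public key is not valid PEM")
	}

	pubKey, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		slog.Error("unable to decode pub key pem", "sender", sender, "err", err)
		return err
	}
	slog.Info("retrieved pub key of sender", "sender", sender)

	verifier, err := httpsig.NewVerifier(r)
	if err != nil {
		slog.Error("invalid signature", "err", err)
		return err
	}
	return verifier.Verify(pubKey, httpsig.RSA_SHA256)
}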
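// Accept answers act with an Accept activity: it fetches the actor named in
// act, wraps act in an Accept, marshals it as JSON-LD and sends it to that
// actor's inbox.
//
// It returns an error if act carries no actor, if the actor cannot be
// fetched, if marshalling fails, or if delivery fails.
func (s *ActivityPubService) Accept(act *vocab.Activity) error {
	// act is built from a remote request; a missing actor would otherwise
	// panic on the GetID call below.
	if act == nil || act.Actor == nil {
		return errors.New("activity has no actor")
	}

	actor, err := s.GetActor(act.Actor.GetID().String())
	if err != nil {
		return err
	}

	// NOTE(review): "TODO" is a placeholder id, so every Accept sent carries
	// the same non-dereferenceable id.
	accept := vocab.AcceptNew(vocab.IRI("TODO"), act)
	data, err := jsonld.WithContext(
		jsonld.IRI(vocab.ActivityBaseURI),
	).Marshal(accept)
	if err != nil {
		slog.Error("marshalling error", "err", err)
		return err
	}

	return s.sendObject(actor, data)
}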
// AddLike records that sender liked the entry at URL liked, under the
// interaction id likeId.
//
// The entry is looked up by URL and the sender's actor is fetched for its
// name. If an interaction with likeId already exists it must be a Like and is
// updated; otherwise a new Like is created. Any lookup error from the
// interaction repository is treated as "not found".
//
// NOTE(review): likeId and sender come from the remote activity. An existing
// like is overwritten without checking that it was created by the same
// sender, so confirm callers verify the request before calling this.
func (s *ActivityPubService) AddLike(sender string, liked string, likeId string) error {
	entry, err := s.entryService.FindByUrl(liked)
	if err != nil {
		return err
	}

	actor, err := s.GetActor(sender)
	if err != nil {
		return err
	}

	stored, err := s.interactionRepository.FindById(likeId)
	if err != nil {
		stored = &interactions.Like{}
	}
	like, isLike := stored.(*interactions.Like)
	if !isLike {
		return errors.New("existing interaction with same id is not a like")
	}
	// A like loaded from the repository already has an id; the fresh
	// placeholder does not.
	alreadyStored := like.ID() != ""

	meta := &interactions.LikeMetaData{
		SenderUrl:  sender,
		SenderName: actor.Name.String(),
	}
	like.SetID(likeId)
	like.SetMetaData(meta)
	like.SetEntryID(entry.ID())
	like.SetCreatedAt(time.Now())

	if alreadyStored {
		return s.interactionRepository.Update(like)
	}
	return s.interactionRepository.Create(like)
}
// RemoveLike deletes the interaction stored under id and returns the
// repository's error, if any.
//
// If the lookup fails, an empty Like is passed to Delete instead.
// NOTE(review): the interaction found is not checked to be a Like, and
// nothing here ties id to the party asking for the removal; confirm callers
// authorise the request before calling this.
func (s *ActivityPubService) RemoveLike(id string) error {
	target, lookupErr := s.interactionRepository.FindById(id)
	if lookupErr != nil {
		target = &interactions.Like{}
	}
	return s.interactionRepository.Delete(target)
}
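// sendObject POSTs data, signed with the blog's key, to the inbox of actor
// to.
//
// It returns an error if the actor has no inbox, the inbox URL does not
// parse, the request cannot be built or signed, the request fails, or the
// remote answers with a status above 299. Previously a non-2xx answer was
// logged but returned nil, so failed deliveries looked successful.
//
// NOTE(review): the inbox URL is taken from a remotely fetched actor
// document, so this is a server-side POST to a URL chosen by the remote
// side; destinations are not filtered here.
func (s *ActivityPubService) sendObject(to vocab.Actor, data []byte) error {
	const (
		sendTimeout    = 10 * time.Second // upper bound for the whole exchange
		maxLoggedBytes = 4 << 10          // response body is read only for logging
	)

	apConfig := ActivityPubConfig{}
	if err := s.configRepo.Get(config.ACT_PUB_CONF_NAME, &apConfig); err != nil {
		slog.Error("unable to load ActivityPub config", "err", err)
		return err
	}

	if to.Inbox == nil {
		slog.Error("actor has no inbox", "actor", to)
		return errors.New("actor has no inbox")
	}

	inbox := to.Inbox.GetID().String()
	actorUrl, err := url.Parse(inbox)
	if err != nil {
		slog.Error("parse error", "err", err)
		return err
	}

	req, err := http.NewRequest("POST", inbox, bytes.NewReader(data))
	if err != nil {
		slog.Error("unable to build inbox request", "err", err)
		return err
	}
	req.Header.Set("Accept", "application/ld+json")
	req.Header.Set("Date", time.Now().Format(http.TimeFormat))
	req.Header.Set("Host", actorUrl.Host)

	key := apConfig.PrivateKey()
	if key == nil {
		return errors.New("no usable private key to sign inbox request")
	}
	if err = s.sign(key, s.MainKeyUri(), data, req); err != nil {
		slog.Error("Signing error", "err", err)
		return err
	}

	// A zero-value client has no timeout; a slow inbox would block forever.
	c := http.Client{Timeout: sendTimeout}
	resp, err := c.Do(req)
	if err != nil {
		slog.Error("Sending error", "url", req.URL, "err", err)
		return err
	}
	defer resp.Body.Close()
	slog.Info("Request", "host", resp.Request.Header)

	// Best effort: the body is only used in log output, so a read error is
	// ignored and the amount read is bounded.
	body, _ := io.ReadAll(io.LimitReader(resp.Body, maxLoggedBytes))

	if resp.StatusCode > 299 {
		slog.Error("Error sending Note", "method", resp.Request.Method, "url", resp.Request.URL, "status", resp.Status, "body", string(body))
		return errors.New("inbox responded with " + resp.Status)
	}

	slog.Info("Sent Body", "body", string(data))
	slog.Info("Retrieved", "status", resp.Status, "body", string(body))
	return nil
}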
/*
* Notifiers
*/
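// NotifyEntryCreated federates a newly created entry: for a Note it builds a
// Create activity addressed to the public collection and the followers
// collection, and delivers it to every stored follower.
//
// Entries that are not notes are skipped. The function returns without
// sending when the note has no publication date, when the followers cannot be
// loaded, or when marshalling fails. A follower whose actor cannot be fetched
// is skipped, and a failed delivery is logged without stopping the rest.
//
// NOTE(review): delivery runs inline and one follower at a time, so a slow
// remote inbox delays the call that published the entry.
func (svc *ActivityPubService) NotifyEntryCreated(entry model.Entry) {
	slog.Info("Processing Entry Create for ActivityPub")
	// limit to notes for now
	noteEntry, ok := entry.(*entrytypes.Note)
	if !ok {
		slog.Info("not a note")
		return
	}

	// PublishedAt returns a pointer; dereferencing nil would panic.
	publishedAt := noteEntry.PublishedAt()
	if publishedAt == nil {
		slog.Info("note has no publication date, not federating")
		return
	}

	siteCfg, _ := svc.siteConfigServcie.GetSiteConfig()
	followers, err := svc.AllFollowers()
	if err != nil {
		slog.Error("Cannot retrieve followers", "err", err)
		return
	}

	noteUrl := noteEntry.FullUrl(siteCfg)
	note := vocab.Note{
		ID:   vocab.ID(noteUrl),
		Type: "Note",
		To: vocab.ItemCollection{
			vocab.PublicNS,
			vocab.IRI(svc.FollowersUrl()),
		},
		Published:    *publishedAt,
		AttributedTo: vocab.ID(svc.ActorUrl()),
		Content: vocab.NaturalLanguageValues{
			{Value: vocab.Content(noteEntry.Content())},
		},
	}

	create := vocab.CreateNew(vocab.IRI(noteUrl), note)
	create.Actor = note.AttributedTo
	create.To = note.To
	create.Published = note.Published
	data, err := jsonld.WithContext(
		jsonld.IRI(vocab.ActivityBaseURI),
		jsonld.Context{
			jsonld.ContextElement{
				Term: "toot",
				IRI:  jsonld.IRI("http://joinmastodon.org/ns#"),
			},
		},
	).Marshal(create)
	if err != nil {
		// Without a payload there is nothing to deliver.
		slog.Error("marshalling error", "err", err)
		return
	}

	for _, follower := range followers {
		actor, err := svc.GetActor(follower)
		if err != nil {
			// No actor means no inbox to deliver to; move on.
			slog.Error("Unable to retrieve follower actor", "follower", follower, "err", err)
			continue
		}
		if err := svc.sendObject(actor, data); err != nil {
			slog.Error("Unable to deliver to follower", "follower", follower, "err", err)
		}
	}
}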
// NotifyEntryUpdated is a no-op: edits to an entry are not sent to followers,
// so remote copies keep the content that was federated at creation.
func (svc *ActivityPubService) NotifyEntryUpdated(entry model.Entry) {

}
// NotifyEntryDeleted is a no-op: deleting an entry sends nothing to
// followers, so a note that was already federated stays on their servers.
func (svc *ActivityPubService) NotifyEntryDeleted(entry model.Entry) {

}