various fixes

Author: davecheney

activitypub/activities/activities.go

@@ -14,16 +14,16 @@ func Follow(actor, object *models.Actor) map[string]any {
 	return map[string]any{
 		"@context": "https://www.w3.org/ns/activitystreams",
 		"type":     FOLLOW,
-		"actor":    actor.URI,
-		"object":   object.URI,
+		"actor":    actor.URI(),
+		"object":   object.URI(),
 	}
 }
 
 func Like(actor *models.Actor, object string) map[string]any {
 	return map[string]any{
 		"@context": "https://www.w3.org/ns/activitystreams",
 		"type":     LIKE,
-		"actor":    actor.URI,
+		"actor":    actor.URI(),
 		"object":   object,
 	}
 }
@@ -32,7 +32,7 @@ func Unfollow(actor, object *models.Actor) map[string]any {
 	return map[string]any{
 		"@context": "https://www.w3.org/ns/activitystreams",
 		"type":     UNDO,
-		"actor":    actor.URI,
+		"actor":    actor.URI(),
 		"object":   Follow(actor, object),
 	}
 }
@@ -41,7 +41,7 @@ func Unlike(actor *models.Actor, object string) map[string]any {
 	return map[string]any{
 		"@context": "https://www.w3.org/ns/activitystreams",
 		"type":     UNDO,
-		"actor":    actor.URI,
+		"actor":    actor.URI(),
 		"object":   Like(actor, object),
 	}
 }

activitypub/activitypub.go

@@ -24,6 +24,7 @@ type Env struct {
 	*gorm.DB
 	*streaming.Mux
 	Logger   *slog.Logger
+	Client   *activitypub.Client
 	Instance *models.Instance
 }
 

activitypub/inbox.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/davecheney/pub/internal/activitypub"
 	"github.com/davecheney/pub/internal/httpx"
 	"github.com/davecheney/pub/models"
 	"github.com/go-fed/httpsig"
@@ -42,7 +43,7 @@ func (i *InboxController) Create(env *Env, w http.ResponseWriter, r *http.Reques
 		logger: env.Logger.With("instance", env.Instance.Domain),
 		req:    r,
 		db:     env.DB,
-		signAs: env.Instance.Admin,
+		client: env.Client,
 	}
 
 	if err := processor.processActivity(act); err != nil {
@@ -56,7 +57,7 @@ type inboxProcessor struct {
 	logger *slog.Logger
 	req    *http.Request
 	db     *gorm.DB
-	signAs *models.Account
+	client *activitypub.Client
 }
 
 // processActivity processes an activity. If the activity can be handled without

activitypub/outbox.go

@@ -120,7 +120,7 @@ func statusCC(s *models.Status) []string {
 
 func statusToObject(s *models.Status) any {
 	if s.ReblogID != nil {
-		return s.Reblog.URI
+		return s.Reblog.URI()
 	}
 	return nil
 }

activitypub/users.go

@@ -19,6 +19,7 @@ func UsersShow(env *Env, w http.ResponseWriter, r *http.Request) error {
 		}
 		return err
 	}
+
 	return to.JSON(w, map[string]any{
 		"@context": []any{
 			"https://www.w3.org/ns/activitystreams",
@@ -89,7 +90,7 @@ func UsersShow(env *Env, w http.ResponseWriter, r *http.Request) error {
 		"featuredTags":              actor.URI() + "/collections/tags",
 		"preferredUsername":         name,
 		"name":                      name,
-		"summary":                   actor.Note(),
+		"summary":                   "toot!", // actor.Note(),
 		"url":                       actor.URL(),
 		"manuallyApprovesFollowers": actor.Locked(),
 		"discoverable":              false,                                                  // mastodon sets this to false
@@ -110,5 +111,10 @@ func UsersShow(env *Env, w http.ResponseWriter, r *http.Request) error {
 			"mediaType": "image/jpeg",
 			"url":       "https://media.hachyderm.io/accounts/headers/109/364/117/028/564/263/original/c6b5edf498087717.jpeg",
 		},
+		"image": map[string]any{
+			"type":      "Image",
+			"mediaType": "image/jpeg",
+			"url":       "https://media.hachyderm.io/accounts/headers/109/364/117/028/564/263/original/c6b5edf498087717.jpeg",
+		},
 	})
 }

follow.go

@@ -1,21 +1,38 @@
 package main
 
+import (
+	"fmt"
+	"os"
+
+	"github.com/davecheney/pub/models"
+	"github.com/go-json-experiment/json"
+	"gorm.io/gorm"
+)
+
 type FollowCmd struct {
 	Object string `help:"object to follow" required:"true"`
 	Actor  string `help:"actor to follow with" required:"true"`
 }
 
 func (f *FollowCmd) Run(ctx *Context) error {
-	// db, err := gorm.Open(ctx.Dialector, &ctx.Config)
-	// if err != nil {
-	// 	return err
-	// }
-	return nil
+	db, err := gorm.Open(ctx.Dialector, &ctx.Config)
+	if err != nil {
+		return err
+	}
 
-	// var account models.Account
-	// if err := db.Joins("Actor", &models.Actor{URI: f.Actor}).Take(&account).Error; err != nil {
-	// 	return err
-	// }
+	actor, err := models.NewActors(db).FindByURI(f.Actor)
+	if err != nil {
+		return fmt.Errorf("failed to find actor: %w", err)
+	}
 
-	// return activitypub.Follow(context.Background(), &account, &models.Actor{URI: f.Object})
+	object, err := models.NewActors(db).FindOrCreateByURI(f.Object)
+	if err != nil {
+		return err
+	}
+	rel, err := models.NewRelationships(db).Follow(actor, object)
+	if err != nil {
+		return err
+	}
+	json.MarshalFull(os.Stdout, rel)
+	return nil
 }

internal/activitypub/client.go

@@ -4,46 +4,50 @@ import (
 	"context"
 	"crypto"
 	"crypto/rsa"
-	"crypto/x509"
-	"encoding/pem"
-	"errors"
 	"fmt"
 	"net/http"
+	"os"
 
 	"github.com/carlmjohnson/requests"
 	"github.com/davecheney/pub/internal/httpsig"
-	"github.com/davecheney/pub/models"
+	"github.com/go-json-experiment/json"
 )
 
+// ClientKey is the key used to store the ActivityPub client in the context.
+var ClientKey = struct{}{}
+
+// FromContext returns the ActivityPub client from the given context.
+func FromContext(ctx context.Context) (*Client, bool) {
+	c, ok := ctx.Value(ClientKey).(*Client)
+	return c, ok
+}
+
+// WithClient returns a new context with the given ActivityPub client.
+func WithClient(ctx context.Context, c *Client) context.Context {
+	return context.WithValue(ctx, ClientKey, c)
+}
+
 // Client is an ActivityPub client which can be used to fetch remote
 // ActivityPub resources.
 type Client struct {
 	keyID      string
 	privateKey crypto.PrivateKey
 }
 
-// NewClient returns a new ActivityPub client.
-func NewClient(signAs *models.Account) (*Client, error) {
-	privPem, _ := pem.Decode(signAs.PrivateKey)
-	if privPem == nil || privPem.Type != "RSA PRIVATE KEY" {
-		return nil, errors.New("expected RSA PRIVATE KEY")
-	}
-
-	var parsedKey interface{}
-	var err error
-	if parsedKey, err = x509.ParsePKCS1PrivateKey(privPem.Bytes); err != nil {
-		if parsedKey, err = x509.ParsePKCS8PrivateKey(privPem.Bytes); err != nil { // note this returns type `interface{}`
-			return nil, err
-		}
-	}
+// Signer represents an object that can sign HTTP requests.
+type Signer interface {
+	PublicKeyID() string
+	PrivKey() (*rsa.PrivateKey, error)
+}
 
-	privateKey, ok := parsedKey.(*rsa.PrivateKey)
-	if !ok {
-		return nil, errors.New("expected *rsa.PrivateKey")
+// NewClient returns a new ActivityPub client.
+func NewClient(signAs Signer) (*Client, error) {
+	privateKey, err := signAs.PrivKey()
+	if err != nil {
+		return nil, err
 	}
-
 	return &Client{
-		keyID:      signAs.Actor.PublicKeyID(),
+		keyID:      signAs.PublicKeyID(),
 		privateKey: privateKey,
 	}, nil
 }
@@ -52,7 +56,12 @@ func NewClient(signAs *models.Account) (*Client, error) {
 func (c *Client) Fetch(ctx context.Context, uri string, obj interface{}) error {
 	return requests.URL(uri).
 		Accept(`application/ld+json; profile="https://www.w3.org/ns/activitystreams"`).
-		Transport(c).
+		Transport(requests.RoundTripFunc(func(req *http.Request) (*http.Response, error) {
+			if err := httpsig.Sign(req, c.keyID, c.privateKey, nil); err != nil {
+				return nil, fmt.Errorf("failed to sign request: %w", err)
+			}
+			return http.DefaultTransport.RoundTrip(req)
+		})).
 		CheckContentType(
 			"application/ld+json",
 			"application/activity+json",
@@ -64,19 +73,22 @@ func (c *Client) Fetch(ctx context.Context, uri string, obj interface{}) error {
 		Fetch(ctx)
 }
 
-func (c *Client) RoundTrip(req *http.Request) (*http.Response, error) {
-	if err := httpsig.Sign(req, c.keyID, c.privateKey, nil); err != nil {
-		return nil, fmt.Errorf("failed to sign request: %w", err)
-	}
-	return http.DefaultTransport.RoundTrip(req)
-}
-
 // Post posts the given ActivityPub object to the given URL.
 func (c *Client) Post(ctx context.Context, url string, obj map[string]any) error {
+	body, err := json.Marshal(obj)
+	if err != nil {
+		return err
+	}
 	return requests.URL(url).
+		BodyBytes(body).
 		Header("Content-Type", `application/ld+json; profile="https://www.w3.org/ns/activitystreams"`).
-		BodyJSON(obj).
-		Transport(c).
-		CheckStatus(http.StatusOK, http.StatusCreated).
+		Transport(requests.RoundTripFunc(func(req *http.Request) (*http.Response, error) {
+			if err := httpsig.Sign(req, c.keyID, c.privateKey, body); err != nil {
+				return nil, fmt.Errorf("failed to sign request: %w", err)
+			}
+			return http.DefaultTransport.RoundTrip(req)
+		})).
+		ToWriter(os.Stderr).
+		CheckStatus(http.StatusOK, http.StatusCreated, http.StatusAccepted).
 		Fetch(ctx)
 }

internal/crypto/crypto.go

@@ -6,8 +6,10 @@ import (
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/pem"
+	"errors"
 )
 
+// KeyPair represents a public/private keypair in PEM format.
 type Keypair struct {
 	PublicKey  []byte
 	PrivateKey []byte
@@ -39,3 +41,27 @@ func GenerateRSAKeypair() (*Keypair, error) {
 		PrivateKey: privateKeyPem,
 	}, nil
 }
+
+// ParseRSAPrivateKey parses a PEM encoded private key, and returns
+// the public key and private key.
+func ParseRSAPrivateKey(pemBytes []byte) (*rsa.PublicKey, *rsa.PrivateKey, error) {
+	privPem, _ := pem.Decode(pemBytes)
+	if privPem == nil || privPem.Type != "RSA PRIVATE KEY" {
+		return nil, nil, errors.New("expected RSA PRIVATE KEY")
+	}
+
+	var parsedKey interface{}
+	var err error
+	if parsedKey, err = x509.ParsePKCS1PrivateKey(privPem.Bytes); err != nil {
+		if parsedKey, err = x509.ParsePKCS8PrivateKey(privPem.Bytes); err != nil { // note this returns type `interface{}`
+			return nil, nil, err
+		}
+	}
+
+	switch privateKey := parsedKey.(type) {
+	case *rsa.PrivateKey:
+		return &privateKey.PublicKey, privateKey, nil
+	default:
+		return nil, nil, errors.New("expected *rsa.PrivateKey")
+	}
+}

main.go

@@ -24,7 +24,6 @@ var cli struct {
 	DSN    string `help:"data source name" default:"pub:pub@tcp(localhost:3306)/pub"`
 
 	AutoMigrate          AutoMigrateCmd          `cmd:"" help:"Automigrate the database."`
-	BackfillActors       BackfillActorsCmd       `cmd:"" help:"Backfill actors."`
 	CreateAccount        CreateAccountCmd        `cmd:"" help:"Create a new account."`
 	CreateInstance       CreateInstanceCmd       `cmd:"" help:"Create a new instance."`
 	DeleteAccount        DeleteAccountCmd        `cmd:"" help:"Delete an account."`

mastodon/mastodon.go

@@ -8,6 +8,7 @@ import (
 	"sort"
 	"strings"
 
+	"github.com/davecheney/pub/internal/activitypub"
 	"github.com/davecheney/pub/internal/httpx"
 	"github.com/davecheney/pub/internal/snowflake"
 	"github.com/davecheney/pub/internal/streaming"
@@ -20,6 +21,7 @@ type Env struct {
 	*gorm.DB
 	*streaming.Mux
 	Logger *slog.Logger
+	Client *activitypub.Client
 }
 
 func (e *Env) Log() *slog.Logger {

models/account.go

@@ -1,6 +1,7 @@
 package models
 
 import (
+	"crypto/rsa"
 	"time"
 
 	"github.com/davecheney/pub/internal/crypto"
@@ -36,6 +37,26 @@ func (a *Account) Domain() string {
 	return a.Actor.Domain
 }
 
+func (a *Account) PublicKeyID() string {
+	return a.Actor.PublicKeyID()
+}
+
+func (a *Account) PrivKey() (*rsa.PrivateKey, error) {
+	_, privateKey, err := crypto.ParseRSAPrivateKey(a.PrivateKey)
+	if err != nil {
+		return nil, err
+	}
+	return privateKey, nil
+}
+
+func (a *Account) PublicKey() (*rsa.PublicKey, error) {
+	publicKey, _, err := crypto.ParseRSAPrivateKey(a.PrivateKey)
+	if err != nil {
+		return nil, err
+	}
+	return publicKey, nil
+}
+
 type AccountRole struct {
 	ID          uint32 `gorm:"primaryKey"`
 	CreatedAt   time.Time
@@ -150,3 +171,8 @@ type AccountPreferences struct {
 	ReadingExpandMedia       string       `gorm:"enum('default','show_all','hide_all');not null;default:'default'"`
 	ReadingExpandSpoilers    bool         `gorm:"not null;default:false"`
 }
+
+// PreloadAccount preloads all of an Account's relations and associations.
+func PreloadAccount(query *gorm.DB) *gorm.DB {
+	return query.Preload("Actor").Preload("Actor.Object")
+}

models/object.go

@@ -2,18 +2,14 @@ package models
 
 import (
 	"context"
-	"crypto"
-	"crypto/rsa"
-	"crypto/x509"
-	"encoding/pem"
 	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
 	"time"
 
 	"github.com/carlmjohnson/requests"
-	"github.com/davecheney/pub/internal/httpsig"
+	"github.com/davecheney/pub/internal/activitypub"
 	"github.com/davecheney/pub/internal/snowflake"
 	"gorm.io/gorm"
 )
@@ -244,77 +240,16 @@ func anyToSlice(v any) []any {
 }
 
 func fetchObject(ctx context.Context, uri string) (map[string]any, error) {
-	instance, ok := ctx.Value("instance").(*Instance)
+	client, ok := activitypub.FromContext(ctx)
 	if !ok {
-		return nil, fmt.Errorf("no instance in context, got %T", ctx.Value("instance"))
-	}
-
-	fmt.Println("fetching object:", "id", uri)
-	client, err := NewClient(instance.Admin)
-	if err != nil {
-		return nil, err
+		return nil, errors.New("no activitypub client in context")
 	}
 	var obj map[string]any
-	err = client.Fetch(ctx, uri, &obj)
+	err := client.Fetch(ctx, uri, &obj)
 	// fmt.Println("fetched object:", "id", uri, "type", obj["type"], "error", err)
 	return obj, err
 }
 
-// Client is an ActivityPub client which can be used to fetch remote
-// ActivityPub resources.
-type Client struct {
-	keyID      string
-	privateKey crypto.PrivateKey
-}
-
-// NewClient returns a new ActivityPub client.
-func NewClient(signAs *Account) (*Client, error) {
-	privPem, _ := pem.Decode(signAs.PrivateKey)
-	if privPem == nil || privPem.Type != "RSA PRIVATE KEY" {
-		return nil, errors.New("expected RSA PRIVATE KEY")
-	}
-
-	var parsedKey interface{}
-	var err error
-	if parsedKey, err = x509.ParsePKCS1PrivateKey(privPem.Bytes); err != nil {
-		if parsedKey, err = x509.ParsePKCS8PrivateKey(privPem.Bytes); err != nil { // note this returns type `interface{}`
-			return nil, err
-		}
-	}
-
-	privateKey, ok := parsedKey.(*rsa.PrivateKey)
-	if !ok {
-		return nil, errors.New("expected *rsa.PrivateKey")
-	}
-
-	return &Client{
-		keyID:      signAs.Actor.PublicKeyID(),
-		privateKey: privateKey,
-	}, nil
-}
-
-// Fetch fetches the ActivityPub resource at the given URL and decodes it into the given object.
-func (c *Client) Fetch(ctx context.Context, uri string, obj interface{}) error {
-	return requests.URL(uri).
-		Accept(`application/ld+json; profile="https://www.w3.org/ns/activitystreams"`).
-		Transport(c).
-		CheckStatus(http.StatusOK). // check status first, so we don't get confused by the content type of an error page
-		CheckContentType(
-			"application/ld+json",
-			"application/activity+json",
-			"application/json",
-		).
-		ToJSON(obj).
-		Fetch(ctx)
-}
-
-func (c *Client) RoundTrip(req *http.Request) (*http.Response, error) {
-	if err := httpsig.Sign(req, c.keyID, c.privateKey, nil); err != nil {
-		return nil, fmt.Errorf("failed to sign request: %w", err)
-	}
-	return http.DefaultTransport.RoundTrip(req)
-}
-
 func stringFromAny(v any) string {
 	s, _ := v.(string)
 	return s

models/status.go

@@ -109,20 +109,20 @@ func (st *Status) Attachments() []*Attachment {
 			Width:     a.Width,
 			Height:    a.Height,
 			Blurhash:  a.Blurhash,
-			// FocalPoint: FocalPoint{
-			// 	X: func() float64 {
-			// 		if len(a.FocalPoint) == 0 {
-			// 			return 0
-			// 		}
-			// 		return a.FocalPoint[0]
-			// 	}(),
-			// 	Y: func() float64 {
-			// 		if len(a.FocalPoint) < 2 {
-			// 			return 0
-			// 		}
-			// 		return a.FocalPoint[1]
-			// 	}(),
-			// },
+			FocalPoint: FocalPoint{
+				X: func() float64 {
+					if len(a.FocalPoint) == 0 {
+						return 0
+					}
+					return a.FocalPoint[0]
+				}(),
+				Y: func() float64 {
+					if len(a.FocalPoint) < 2 {
+						return 0
+					}
+					return a.FocalPoint[1]
+				}(),
+			},
 		}
 	})
 

oauth/oauth.go

@@ -22,8 +22,9 @@ func AuthorizeNew(env *activitypub.Env, w http.ResponseWriter, r *http.Request)
 		ClientID     string `json:"-" schema:"client_id,required"`
 		RedirectURI  string `json:"-" schema:"redirect_uri,required"`
 		Scope        string `json:"-" schema:"scope"`
-		ForceLogin   bool   `json:"-" schema:"force_login"` // elk.zone, ignored
-		Lang         string `json:"-" schema:"lang"`        // elk.zone, ignored
+		ForceLogin   bool   `json:"-" schema:"force_login"`   // elk.zone, ignored
+		Lang         string `json:"-" schema:"lang"`          // elk.zone, ignored
+		ClientSecret string `json:"-" schema:"client_secret"` // trunks, ignored
 	}
 	if err := httpx.Params(r, &params); err != nil {
 		return err

oauth/oauth_test.go

@@ -0,0 +1,32 @@
+package oauth
+
+import (
+	"testing"
+
+	"github.com/davecheney/pub/models"
+	"github.com/stretchr/testify/require"
+	"gorm.io/driver/sqlite"
+	"gorm.io/gorm"
+	"gorm.io/gorm/logger"
+)
+
+func setupTestDB(t *testing.T) *gorm.DB {
+	t.Helper()
+	require := require.New(t)
+	db, err := gorm.Open(sqlite.Open("file::memory:?cache=shared"), &gorm.Config{
+		TranslateError: true,
+		Logger: logger.Default.LogMode(func() logger.LogLevel {
+			return logger.Warn
+		}()),
+	})
+	require.NoError(err)
+
+	err = db.AutoMigrate(models.AllTables()...)
+	require.NoError(err)
+
+	// enable foreign key constraints
+	err = db.Exec("PRAGMA foreign_keys = ON").Error
+	require.NoError(err)
+
+	return db
+}

serve.go

@@ -12,6 +12,7 @@ import (
 	"time"
 
 	"github.com/davecheney/pub/activitypub"
+	ap "github.com/davecheney/pub/internal/activitypub"
 	"github.com/davecheney/pub/internal/httpx"
 	"github.com/davecheney/pub/internal/streaming"
 	"github.com/davecheney/pub/mastodon"
@@ -43,6 +44,16 @@ func (s *ServeCmd) Run(ctx *Context) error {
 		return err
 	}
 
+	var admin models.Account
+	if err := db.Scopes(models.PreloadAccount).Joins("Actor", "name = ? and type = ?", "admin", "LocalService").Take(&admin).Error; err != nil {
+		return err
+	}
+
+	client, err := ap.NewClient(&admin)
+	if err != nil {
+		return err
+	}
+
 	r := chi.NewRouter()
 	r.Use(middleware.RequestID)
 	r.Use(middleware.RealIP)
@@ -62,9 +73,10 @@ func (s *ServeCmd) Run(ctx *Context) error {
 	r.Route("/api", func(r chi.Router) {
 		envFn := func(r *http.Request) *mastodon.Env {
 			return &mastodon.Env{
-				DB:     db.WithContext(r.Context()),
+				DB:     db.WithContext(ap.WithClient(r.Context(), client)),
 				Mux:    &mux,
 				Logger: ctx.Logger,
+				Client: client,
 			}
 		}
 		r.Route("/v1", func(r chi.Router) {
@@ -161,9 +173,10 @@ func (s *ServeCmd) Run(ctx *Context) error {
 		}
 
 		return &activitypub.Env{
-			DB:       db.WithContext(context.WithValue(r.Context(), "instance", instance)),
+			DB:       db.WithContext(ap.WithClient(r.Context(), client)),
 			Mux:      &mux,
 			Logger:   ctx.Logger,
+			Client:   client,
 			Instance: instance,
 		}
 	}
@@ -243,10 +256,7 @@ func (s *ServeCmd) Run(ctx *Context) error {
 
 	// ActorRefreshProcessor needs an admin account to sign the activitypub requests.
 	// Pick _an_ admin account, it doesn't matter which one.
-	// var admin models.Account
-	// if err := db.Joins("Actor", "name = ? and type = ?", "admin", "LocalService").Take(&admin).Error; err != nil {
-	// 	return err
-	// }
+
 	// g.Add(workers.NewActorRefreshProcessor(db, &admin, ctx.Logger.With("worker", "ActorRefreshProcessor")))
 
 	return g.Wait()

workers/reactions.go

@@ -45,14 +45,6 @@ func processReactionRequest(db *gorm.DB, request *models.ReactionRequest) error
 		return err
 	}
 
-	inbox := request.Target.Actor.Inbox()
-	if inbox == "" {
-		if err := models.NewActors(db).Refresh(request.Target.Actor); err != nil {
-			return err
-		}
-		return fmt.Errorf("no inbox for actor %q", request.Target.Actor.URI())
-	}
-
 	switch request.Action {
 	case "like":
 		return activitypub.Like(db.Statement.Context, account, request.Target)