Commit graph

53 commits

Author SHA1 Message Date
Eugen Rochko
e98c86050a
Refactor Cache-Control and Vary definitions () 2023-04-19 16:07:29 +02:00
Claire
8cf7006d4e
Refactor ActivityPub handling to prepare for non-Account actors ()
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-21 22:45:57 +02:00
Eugen Rochko
9f81b9f29a
Fix suspended users being able to access APIs that don't require a user () 2022-05-26 22:04:05 +02:00
Eugen Rochko
67d550830b
Fix locale not being set in REST API () 2022-03-22 12:29:04 +01:00
Eugen Rochko
8f6c67bfde
Fix performance of account timelines ()
* Fix performance of account timelines

* Various fixes and improvements

* Fix duplicate results being returned

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Fix grouping for pinned statuses scope

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-08 09:14:39 +01:00
Claire
73a782391c
Fix replies collection incorrectly looping ()
* Refactor tests

* Add tests

* Fix replies collection incorrectly looping
2022-02-07 17:06:43 +01:00
Claire
d5c9feb7b7
Add support for private pinned posts ()
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
2022-01-17 00:49:55 +01:00
Claire
e0af97164a
Fix followers synchronization mechanism not working when URI has empty path ()
Follow-up to , forgot the controller exposing the actual followers…
2021-09-15 18:51:16 +02:00
Claire
49219508bc
Fix anonymous access to outbox not being cached by the reverse proxy ()
* Fix anonymous access to outbox not being cached by the reverse proxy

Up until now, anonymous access to outbox was marked as public, but with a
0 duration for caching, which means remote proxies would only serve from cache
when the server was completely overwhelmed.

Changed that cache duration to one minute, so that repeated anonymous access
to one account's outbox can be appropriately cached.

Also added `Signature` to the `Vary` header in case a page is requested, so
that authenticated fetches are never served from cache (which only contains
public toots).

* Remove Vary: Accept header from webfinger controller

Indeed, we have stopped returning xrd, and only ever return jrd, so the
Accept request header does not matter anymore.

* Cache negative webfinger hits for 3 minutes
2021-07-03 21:13:47 +02:00
Claire
3b27b09acb
Fix some IDs in instance actor outbox () 2021-05-31 22:59:30 +02:00
Claire
566fc90913
Add Ruby 3.0 support ()
* Fix issues with POSIX::Spawn, Terrapin and Ruby 3.0

Also improve the Terrapin monkey-patch for the stderr/stdout issue.

* Fix keyword argument handling throughout the codebase

* Monkey-patch Paperclip to fix keyword arguments handling in validators

* Change validation_extensions to please CodeClimate

* Bump microformats from 4.2.1 to 4.3.1

* Allow Ruby 3.0

* Add Ruby 3.0 test target to CircleCI

* Add test for admin dashboard warnings

* Fix admin dashboard warnings on Ruby 3.0
2021-05-06 14:22:54 +02:00
ThibG
a1a8aa4a08
Skip processing Update activities on unknown accounts ()
This also skips fetching the actor completely.

This will be useful if we end up distributing Update activities linked to
account suspensions more widely (they are currently only delivered to
the suspended account's followers), as currently, instances not knowing
about the suspended account would fetch it to then process the suspension.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-01-08 12:26:29 +01:00
Eugen Rochko
3134691948
Add support for reversible suspensions through ActivityPub () 2020-11-08 00:28:39 +01:00
ThibG
ca56527140
Add follower synchronization mechanism ()
* Add support for followers synchronization on the receiving end

Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.

* Add tests for followers synchronization on the receiving end

* Add support for follower synchronization on the sender's end

* Add tests for the sending end

* Switch from AS attributes to HTTP header

Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
   receiving instance (where “receiving instance” is determined by accounts
   sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor

Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.

* Add environment variable to disable followers synchronization

Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.

The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
   netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
   netloc as a managed account must be managed by the same Mastodon instance
   as well.

As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.

Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.

* Only set follower synchronization header on non-public statuses

This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)

* Change how ActivityPub::SynchronizeFollowersService handles follow requests

If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.

* Integrate review feeback

- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes

* Only select required fields when computing followers_hash

* Use actor URI rather than webfinger domain in synchronization endpoint

* Change hash computation to be a XOR of individual hashes

Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.

* Marginally improve followers_hash computation speed

* Further improve hash computation performances by using pluck_each
2020-10-21 18:04:09 +02:00
Eugen Rochko
e6b272e5c9
Change REST API to return empty data for suspended accounts () 2020-09-11 15:16:29 +02:00
ThibG
abee40b232
Add outbox attribute to instance actor ()
It's not useful for now, but it's required by ActivityPub
2020-09-02 18:42:50 +02:00
Eugen Rochko
17340365bb
Add featured hashtags as an ActivityPub collection () 2020-09-02 02:11:12 +02:00
Akihiko Odaki
64ef37b89d
Introduce ApplicationController#cache_collection_paginated_by_id ()
* Replace incorrect use of distinct with group

Some uses of ActiveRecord::QueryMethods#distinct pass field names but they
are incorrect for the current version of Rails.

ActiveRecord::QueryMethods#group provides the expected behavior and
benefits performance. See commit 6da24aad4cafdef8d8a2c92bac2002a5fc2fe9c8.

* Introduce ApplicationController#cache_collection_paginated_by_id

ApplicationController#cache_collection_paginated_by_id fuses
ApplicationController#cache_collection and Paginable.paginate_by_id.

An advantage of this method is that it prevents from modifying scope which
Paginable.paginate_by_id may provide.
ApplicationController#cache_collection always return an array and there
is no possibility of the scope modification. It is also clear for a
programmer, considering the implication of "cache".

This method can also emit more efficient queries by using
Cacheable.cache_ids before calling Paginable.paginate_by_id.
2020-08-28 12:31:56 +02:00
Eugen Rochko
5d8398c8b8
Add E2EE API () 2020-06-02 19:24:53 +02:00
Eugen Rochko
988b0493fe
Add more tests for ActivityPub controllers () 2020-05-03 16:30:36 +02:00
Eugen Rochko
5edff32733
Change delivery failure tracking to work with hostnames instead of URLs () 2020-04-15 20:33:24 +02:00
ThibG
bd684e25d9 Fix incoming federation in whitelist mode ()
… posting to the AP inbox required a logged-in local user…
2019-10-24 22:45:35 +02:00
abcang
059945c97c Improve status pin query () 2019-09-27 15:23:30 +02:00
ThibG
53071389ee Fix multiple issues with replies collection for pages further than self-replies ()
* Fix the replies collection returning snowflakes ids rather than URIs

Fixes 

* Fix min_id in replies queries once self-replies are exhausted

* Fix `next` attribute of replies collection being nil when there are no self-replies

* Rename other_accounts param to only_other_accounts
2019-08-16 22:58:51 +02:00
Eugen Rochko
24552b5160
Add whitelist mode () 2019-07-30 11:10:46 +02:00
Eugen Rochko
c669bb42ba
Add (back) rails-level JSON caching () 2019-07-21 22:32:16 +02:00
ThibG
15ddabf95a Fix caching headers in ActivityPub endpoints ()
* Fix reverse-proxy caching in public fetch mode

* Fix caching in ActivityPub-specific controllers
2019-07-17 00:00:39 +02:00
Eugen Rochko
5bf67ca913
Add ActivityPub secure mode ()
* Add HTTP signature requirement for served ActivityPub resources

* Change `SECURE_MODE` to `AUTHORIZED_FETCH`

* Add 'Signature' to 'Vary' header and improve code style

* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
Eugen Rochko
63c7fe8e48
Refactor controllers for statuses, accounts, and more () 2019-07-08 12:03:45 +02:00
Eugen Rochko
23aeef52cc
Remove Salmon and PubSubHubbub ()
* Remove Salmon and PubSubHubbub endpoints

* Add error when trying to follow OStatus accounts

* Fix new accounts not being created in ResolveAccountService
2019-07-06 23:26:16 +02:00
ThibG
cac9110533 Cleanup various controllers ()
* Remove skip_session! as it is not supported in Rails 5

* Minor cleanup in StreamEntriesController

* Remove redundant mark_cacheable! calls
2019-06-05 14:02:59 +02:00
ThibG
cc6e3c3900 Cache featured collections, as well as outbox, followers and following () 2019-04-04 01:30:44 +02:00
ThibG
68c797bece Ensure request.body isn't emptied out before signature verification ()
Fixes 
2019-03-31 17:27:24 +02:00
ThibG
66d9452092 Do not try fetching keys of unknown accounts on a Delete from them () 2019-03-20 17:20:16 +01:00
ysksn
ed24bb2c3e Add specs for activitypub collections controller ()
* Add specs for ActivityPub::CollectionsController#show

* Raise ActiveRecord::RecordNotFound

Raising ActiveRecord::NotFound raises NameError: uninitialized constant
ActiveRecord::NotFound.
2018-12-10 21:39:25 +01:00
Eugen Rochko
d4cf963749
Allow inbox owner to view implicitly targeted ActivityPub payload ()
Fix 
2018-10-25 18:12:22 +02:00
Eugen Rochko
2c1f7b2ece
Better pagination for ActivityPub outbox () 2018-05-04 19:19:11 +02:00
Eugen Rochko
9110db41c5
Federate pinned statuses over ActivityPub ()
* Federate pinned statuses over ActivityPub

* Display pinned toots in web UI

Fix 

* Fix migration

* Fix tests

* Update outbox_serializer.rb

* Update remove_serializer.rb

* Update add_serializer.rb

* Update fetch_featured_collection_service.rb
2018-03-04 09:19:11 +01:00
abcang
cf32f7da5c Fix response of signature_verification_failure_reason () 2018-02-08 05:00:45 +01:00
puckipedia
8e4cf6282b Allow retrieval of private statuses (single or in outbox) using HTTP signatures () 2018-02-02 10:19:59 +01:00
Akihiko Odaki
613e7c7521 Rename ResolveRemoteAccountService to ResolveAccountService ()
The service used to be named ResolveRemoteAccountService resolves local
accounts as well.
2018-01-22 14:25:09 +01:00
Eugen Rochko
dbda87c31f
Revert () 2018-01-08 10:57:52 +01:00
Eugen Rochko
c10f4bdb03
Cache JSON of immutable ActivityPub representations () 2018-01-04 01:21:38 +01:00
Akihiko Odaki
161c72d66d Allow to dereference Follow object for ActivityPub ()
* Allow to dereference Follow object for ActivityPub

* Accept IRI as object representation for Accept activity
2018-01-03 18:08:57 +01:00
ThibG
dfaa219f88 Fix HTTP responses for salmon and ActivityPub inbox processing ()
* Return sensible HTTP status for ActivityPub inbox processing

* Return sensible HTTP status for salmon slap processing

* Return additional information to debug signature verification failures
2017-10-03 23:21:19 +02:00
Eugen Rochko
f4ca116ea8 After 7 days of repeated delivery failures, give up on inbox ()
- A successful delivery cancels it out
- An incoming delivery from account of the inbox cancels it out
2017-09-29 03:16:20 +02:00
Eugen Rochko
a187dcefa1 Instantly upgrade account to ActivityPub if we receive ActivityPub payload () 2017-09-03 01:11:23 +02:00
Eugen Rochko
2db9ccaf3e Add sharedInbox to actors () 2017-08-31 00:02:59 +02:00
Eugen Rochko
6e9eda5331 ActivityPub migration procedure ()
* ActivityPub migration procedure

Once one account is detected as going from OStatus to ActivityPub,
invalidate WebFinger cache for other accounts from the same domain

* Unsubscribe from PuSH updates once we receive an ActivityPub payload

* Re-subscribe to PuSH unless already unsubscribed, regardless of protocol
2017-08-21 01:14:40 +02:00
Eugen Rochko
6df8bd277b Set correct content-type for ActivityPub JSON () 2017-08-14 04:16:43 +02:00