fedimovies/src/activitypub/receiver.rs

325 lines
9.6 KiB
Rust
Raw Normal View History

use actix_web::HttpRequest;
use serde::de::DeserializeOwned;
2021-04-09 00:22:17 +00:00
use serde_json::Value;
use tokio_postgres::GenericClient;
2021-04-09 00:22:17 +00:00
use crate::config::Config;
2022-12-03 22:09:42 +00:00
use crate::database::DatabaseError;
2022-10-23 22:18:01 +00:00
use crate::errors::{
ConversionError,
HttpError,
ValidationError,
};
use super::authentication::{
2022-10-23 23:46:51 +00:00
verify_signed_activity,
verify_signed_request,
AuthenticationError,
};
use super::fetcher::fetchers::FetchError;
use super::handlers::{
2022-12-07 20:26:51 +00:00
accept::handle_accept,
add::handle_add,
announce::handle_announce,
2022-12-07 20:26:51 +00:00
create::handle_create,
delete::handle_delete,
follow::handle_follow,
like::handle_like,
2022-12-07 20:26:51 +00:00
r#move::handle_move,
reject::handle_reject,
remove::handle_remove,
undo::handle_undo,
update::handle_update,
};
2021-04-09 00:22:17 +00:00
use super::vocabulary::*;
2022-10-23 22:18:01 +00:00
#[derive(thiserror::Error, Debug)]
pub enum HandlerError {
#[error("local object")]
LocalObject,
#[error(transparent)]
FetchError(#[from] FetchError),
#[error(transparent)]
ValidationError(#[from] ValidationError),
#[error(transparent)]
DatabaseError(#[from] DatabaseError),
#[error(transparent)]
AuthError(#[from] AuthenticationError),
2022-10-23 22:18:01 +00:00
}
impl From<HandlerError> for HttpError {
fn from(error: HandlerError) -> Self {
match error {
HandlerError::LocalObject => HttpError::InternalError,
HandlerError::FetchError(error) => {
HttpError::ValidationError(error.to_string())
},
HandlerError::ValidationError(error) => error.into(),
HandlerError::DatabaseError(error) => error.into(),
HandlerError::AuthError(_) => {
HttpError::AuthError("invalid signature")
},
}
}
}
/// Transforms arbitrary property value into array of strings
pub fn parse_array(value: &Value) -> Result<Vec<String>, ConversionError> {
let result = match value {
Value::String(string) => vec![string.to_string()],
Value::Array(array) => {
let mut results = vec![];
for value in array {
match value {
Value::String(string) => results.push(string.to_string()),
Value::Object(object) => {
if let Some(string) = object["id"].as_str() {
results.push(string.to_string());
} else {
// id property is missing
return Err(ConversionError);
};
},
// Unexpected array item type
_ => return Err(ConversionError),
};
};
results
},
// Unexpected value type
_ => return Err(ConversionError),
};
Ok(result)
}
/// Transforms arbitrary property value into array of structs
pub fn parse_property_value<T: DeserializeOwned>(value: &Value) -> Result<Vec<T>, ConversionError> {
let objects = match value {
Value::Array(array) => array.to_vec(),
Value::Object(_) => vec![value.clone()],
// Unexpected value type
_ => return Err(ConversionError),
};
let mut items = vec![];
for object in objects {
let item: T = serde_json::from_value(object)
.map_err(|_| ConversionError)?;
items.push(item);
};
Ok(items)
}
2021-11-29 20:45:36 +00:00
/// Parses object json value and returns its ID as string
pub fn find_object_id(object: &Value) -> Result<String, ValidationError> {
2021-11-29 20:45:36 +00:00
let object_id = match object.as_str() {
Some(object_id) => object_id.to_owned(),
None => {
let object_id = object["id"].as_str()
.ok_or(ValidationError("missing object ID"))?
.to_string();
object_id
2021-11-29 20:45:36 +00:00
},
};
Ok(object_id)
}
2021-04-09 00:22:17 +00:00
pub async fn receive_activity(
config: &Config,
db_client: &mut impl GenericClient,
request: &HttpRequest,
2022-12-09 21:16:53 +00:00
activity: &Value,
2022-10-23 22:18:01 +00:00
) -> Result<(), HandlerError> {
2022-12-09 21:16:53 +00:00
let activity_type = activity["type"].as_str()
2022-12-08 18:01:47 +00:00
.ok_or(ValidationError("type property is missing"))?;
2022-12-09 21:16:53 +00:00
let activity_actor = activity["actor"].as_str()
2022-12-08 18:01:47 +00:00
.ok_or(ValidationError("actor property is missing"))?;
let is_self_delete = if activity_type == DELETE {
2022-12-09 21:16:53 +00:00
let object_id = find_object_id(&activity["object"])?;
2022-12-08 18:01:47 +00:00
object_id == activity_actor
} else { false };
2022-12-07 22:10:58 +00:00
// HTTP signature is required
let mut signer = match verify_signed_request(
config,
db_client,
request,
// Don't fetch signer if this is Delete(Person) activity
is_self_delete,
).await {
Ok(request_signer) => {
log::debug!("request signed by {}", request_signer.acct);
request_signer
},
Err(error) => {
2022-12-07 22:10:58 +00:00
if is_self_delete && matches!(
error,
AuthenticationError::NoHttpSignature |
AuthenticationError::DatabaseError(_)
) {
// Ignore Delete(Person) activities without HTTP signatures
2022-12-07 22:10:58 +00:00
// or if signer is not found in local database
return Ok(());
};
2022-10-23 23:46:51 +00:00
log::warn!("invalid HTTP signature: {}", error);
return Err(error.into());
},
};
2022-10-23 23:46:51 +00:00
2022-12-07 22:10:58 +00:00
// JSON signature is optional
match verify_signed_activity(
config,
db_client,
2022-12-09 21:16:53 +00:00
activity,
// Don't fetch actor if this is Delete(Person) activity
is_self_delete,
).await {
Ok(activity_signer) => {
if activity_signer.acct != signer.acct {
log::warn!(
"request signer {} is different from activity signer {}",
signer.acct,
activity_signer.acct,
);
} else {
log::debug!("activity signed by {}", activity_signer.acct);
};
// Activity signature has higher priority
signer = activity_signer;
2022-10-23 23:46:51 +00:00
},
Err(AuthenticationError::NoJsonSignature) => (), // ignore
Err(other_error) => {
log::warn!("invalid JSON signature: {}", other_error);
2022-10-23 23:46:51 +00:00
},
};
if config.blocked_instances.iter()
.any(|instance| signer.hostname.as_ref() == Some(instance))
{
2022-12-09 21:16:53 +00:00
log::warn!("ignoring activity from blocked instance: {}", activity);
return Ok(());
};
let signer_id = signer.actor_id(&config.instance_url());
2022-12-08 18:01:47 +00:00
let is_authenticated = activity_actor == signer_id;
if !is_authenticated {
match activity_type {
CREATE => (), // Accept forwarded Create() activities
DELETE => {
// Ignore forwarded Delete(Person) and Delete(Note) activities
return Ok(());
},
_ => {
// Reject other types
log::warn!(
"request signer {} does not match actor {}",
signer_id,
activity_actor,
);
return Err(AuthenticationError::UnexpectedSigner.into());
},
};
};
2022-12-09 21:16:53 +00:00
let activity = activity.clone();
2022-12-08 18:01:47 +00:00
let maybe_object_type = match activity_type {
ACCEPT => {
2022-12-07 20:26:51 +00:00
handle_accept(config, db_client, activity).await?
},
ADD => {
handle_add(config, db_client, activity).await?
2021-04-09 00:22:17 +00:00
},
ANNOUNCE => {
handle_announce(config, db_client, activity).await?
},
CREATE => {
handle_create(config, db_client, activity, is_authenticated).await?
},
DELETE => {
handle_delete(config, db_client, activity).await?
2021-11-12 14:51:03 +00:00
},
FOLLOW => {
handle_follow(config, db_client, activity).await?
2021-04-09 00:22:17 +00:00
},
LIKE | EMOJI_REACT => {
handle_like(config, db_client, activity).await?
2021-04-09 00:22:17 +00:00
},
MOVE => {
2022-12-07 20:26:51 +00:00
handle_move(config, db_client, activity).await?
},
REJECT => {
handle_reject(config, db_client, activity).await?
},
REMOVE => {
handle_remove(config, db_client, activity).await?
},
UNDO => {
handle_undo(config, db_client, activity).await?
},
UPDATE => {
handle_update(config, db_client, activity).await?
},
2021-04-09 00:22:17 +00:00
_ => {
2022-12-09 21:16:53 +00:00
log::warn!("activity type is not supported: {}", activity);
return Ok(());
2021-04-09 00:22:17 +00:00
},
};
if let Some(object_type) = maybe_object_type {
log::info!(
"processed {}({}) from {}",
activity_type,
object_type,
activity_actor,
);
};
2021-04-09 00:22:17 +00:00
Ok(())
}
#[cfg(test)]
mod tests {
use serde_json::json;
2021-04-09 00:22:17 +00:00
use super::*;
#[test]
fn test_parse_array_with_string() {
let value = json!("test");
assert_eq!(
parse_array(&value).unwrap(),
vec!["test".to_string()],
);
}
#[test]
fn test_parse_array_with_array() {
let value = json!(["test1", "test2"]);
assert_eq!(
parse_array(&value).unwrap(),
vec!["test1".to_string(), "test2".to_string()],
);
}
2021-11-29 20:45:36 +00:00
#[test]
fn test_parse_array_with_array_of_objects() {
let value = json!([{"id": "test1"}, {"id": "test2"}]);
assert_eq!(
parse_array(&value).unwrap(),
vec!["test1".to_string(), "test2".to_string()],
);
}
2021-11-29 20:45:36 +00:00
#[test]
fn test_find_object_id_from_string() {
2021-11-29 20:45:36 +00:00
let value = json!("test_id");
assert_eq!(find_object_id(&value).unwrap(), "test_id");
2021-11-29 20:45:36 +00:00
}
#[test]
fn test_find_object_id_from_object() {
2021-11-29 20:45:36 +00:00
let value = json!({"id": "test_id", "type": "Note"});
assert_eq!(find_object_id(&value).unwrap(), "test_id");
2021-11-29 20:45:36 +00:00
}
2021-04-09 00:22:17 +00:00
}