fedimovies/src/activitypub/receiver.rs

332 lines
11 KiB
Rust
Raw Normal View History

use actix_web::HttpRequest;
use serde::de::DeserializeOwned;
2021-04-09 00:22:17 +00:00
use serde_json::Value;
use tokio_postgres::GenericClient;
2021-04-09 00:22:17 +00:00
use crate::config::Config;
2022-10-23 22:18:01 +00:00
use crate::errors::{
ConversionError,
DatabaseError,
HttpError,
ValidationError,
};
use super::activity::{Activity, Object};
use super::authentication::{
2022-10-23 23:46:51 +00:00
verify_signed_activity,
verify_signed_request,
AuthenticationError,
};
2022-10-23 22:18:01 +00:00
use super::fetcher::{
fetchers::FetchError,
helpers::import_post,
};
use super::handlers::{
accept_follow::handle_accept_follow,
add::handle_add,
announce::handle_announce,
delete::handle_delete,
follow::handle_follow,
like::handle_like,
move_person::handle_move_person,
reject_follow::handle_reject_follow,
remove::handle_remove,
undo::handle_undo,
undo_follow::handle_undo_follow,
update_note::handle_update_note,
update_person::handle_update_person,
};
2021-04-09 00:22:17 +00:00
use super::vocabulary::*;
2022-10-23 22:18:01 +00:00
#[derive(thiserror::Error, Debug)]
pub enum HandlerError {
#[error("local object")]
LocalObject,
#[error(transparent)]
FetchError(#[from] FetchError),
#[error(transparent)]
ValidationError(#[from] ValidationError),
#[error(transparent)]
DatabaseError(#[from] DatabaseError),
#[error(transparent)]
AuthError(#[from] AuthenticationError),
2022-10-23 22:18:01 +00:00
}
impl From<HandlerError> for HttpError {
fn from(error: HandlerError) -> Self {
match error {
HandlerError::LocalObject => HttpError::InternalError,
HandlerError::FetchError(error) => {
HttpError::ValidationError(error.to_string())
},
HandlerError::ValidationError(error) => error.into(),
HandlerError::DatabaseError(error) => error.into(),
HandlerError::AuthError(_) => {
HttpError::AuthError("invalid signature")
},
}
}
}
/// Transforms arbitrary property value into array of strings
pub fn parse_array(value: &Value) -> Result<Vec<String>, ConversionError> {
let result = match value {
Value::String(string) => vec![string.to_string()],
Value::Array(array) => {
let mut results = vec![];
for value in array {
match value {
Value::String(string) => results.push(string.to_string()),
Value::Object(object) => {
if let Some(string) = object["id"].as_str() {
results.push(string.to_string());
} else {
// id property is missing
return Err(ConversionError);
};
},
// Unexpected array item type
_ => return Err(ConversionError),
};
};
results
},
// Unexpected value type
_ => return Err(ConversionError),
};
Ok(result)
}
/// Transforms arbitrary property value into array of structs
pub fn parse_property_value<T: DeserializeOwned>(value: &Value) -> Result<Vec<T>, ConversionError> {
let objects = match value {
Value::Array(array) => array.to_vec(),
Value::Object(_) => vec![value.clone()],
// Unexpected value type
_ => return Err(ConversionError),
};
let mut items = vec![];
for object in objects {
let item: T = serde_json::from_value(object)
.map_err(|_| ConversionError)?;
items.push(item);
};
Ok(items)
}
2021-11-29 20:45:36 +00:00
/// Parses object json value and returns its ID as string
pub fn find_object_id(object: &Value) -> Result<String, ValidationError> {
2021-11-29 20:45:36 +00:00
let object_id = match object.as_str() {
Some(object_id) => object_id.to_owned(),
None => {
let object_id = object["id"].as_str()
.ok_or(ValidationError("missing object ID"))?
.to_string();
object_id
2021-11-29 20:45:36 +00:00
},
};
Ok(object_id)
}
fn require_actor_signature(actor_id: &str, signer_id: &str)
-> Result<(), AuthenticationError>
{
if actor_id != signer_id {
2022-05-02 20:56:13 +00:00
// Forwarded activity
log::warn!(
"request signer {} does not match actor {}",
signer_id,
actor_id,
);
return Err(AuthenticationError::InvalidSigner);
};
Ok(())
}
2021-04-09 00:22:17 +00:00
pub async fn receive_activity(
config: &Config,
db_client: &mut impl GenericClient,
request: &HttpRequest,
activity_raw: &Value,
2022-10-23 22:18:01 +00:00
) -> Result<(), HandlerError> {
let activity: Activity = serde_json::from_value(activity_raw.clone())
2021-04-09 00:22:17 +00:00
.map_err(|_| ValidationError("invalid activity"))?;
let activity_type = activity.activity_type.clone();
let activity_actor = activity.actor.clone();
let maybe_object_type = activity.object.get("type")
2021-04-09 00:22:17 +00:00
.and_then(|val| val.as_str())
.unwrap_or("Unknown");
let is_self_delete = if activity_type == DELETE {
let object_id = find_object_id(&activity.object)?;
activity.actor == object_id
} else { false };
// Don't fetch signer if this is Delete(Person) activity
2022-10-23 16:04:02 +00:00
let signer = match verify_signed_request(config, db_client, request, is_self_delete).await {
Ok(signer) => signer,
Err(error) => {
if is_self_delete {
// Ignore Delete(Person) activities without HTTP signatures
return Ok(());
};
2022-10-23 23:46:51 +00:00
log::warn!("invalid HTTP signature: {}", error);
return Err(error.into());
},
};
let signer_id = signer.actor_id(&config.instance_url());
2022-10-23 23:46:51 +00:00
log::debug!("request signed by {}", signer_id);
// Verify embedded signature
match verify_signed_activity(config, db_client, activity_raw).await {
Ok(signer) => {
let signer_id = signer.actor_id(&config.instance_url());
log::info!("activity signed by {}", signer_id);
},
Err(AuthenticationError::NoJsonSignature) => (), // ignore
Err(other_error) => {
log::error!("invalid JSON signature: {}", other_error);
},
};
if config.blocked_instances.iter()
.any(|instance| signer.hostname.as_ref() == Some(instance))
{
log::warn!("ignoring activity from blocked instance: {}", activity_raw);
return Ok(());
};
let maybe_object_type = match (activity_type.as_str(), maybe_object_type) {
2021-04-09 00:22:17 +00:00
(ACCEPT, FOLLOW) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_accept_follow(config, db_client, activity).await?
},
(REJECT, FOLLOW) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_reject_follow(config, db_client, activity).await?
2021-04-09 00:22:17 +00:00
},
(CREATE, NOTE | QUESTION | PAGE) => {
2021-04-09 00:22:17 +00:00
let object: Object = serde_json::from_value(activity.object)
.map_err(|_| ValidationError("invalid object"))?;
let object_id = object.id.clone();
let object_received = if activity.actor == signer_id {
Some(object)
} else {
// Fetch forwarded note, don't trust the sender
None
};
import_post(config, db_client, object_id, object_received).await?;
Some(NOTE)
2021-04-09 00:22:17 +00:00
},
(ANNOUNCE, _) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_announce(config, db_client, activity).await?
},
(DELETE, _) => {
2022-05-02 20:56:13 +00:00
if signer_id != activity.actor {
// Ignore forwarded Delete() activities
return Ok(());
};
handle_delete(config, db_client, activity).await?
2021-11-12 14:51:03 +00:00
},
(EMOJI_REACT | LIKE, _) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_like(config, db_client, activity).await?
2021-10-29 19:21:26 +00:00
},
2021-04-09 00:22:17 +00:00
(FOLLOW, _) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_follow(config, db_client, activity).await?
2021-04-09 00:22:17 +00:00
},
(UNDO, FOLLOW) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_undo_follow(config, db_client, activity).await?
2021-04-09 00:22:17 +00:00
},
(UNDO, _) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_undo(db_client, activity).await?
},
2022-05-11 12:50:36 +00:00
(UPDATE, NOTE) => {
require_actor_signature(&activity.actor, &signer_id)?;
let object: Object = serde_json::from_value(activity.object)
.map_err(|_| ValidationError("invalid object"))?;
handle_update_note(db_client, object).await?
2022-05-11 12:50:36 +00:00
},
2021-04-09 00:22:17 +00:00
(UPDATE, PERSON) => {
require_actor_signature(&activity.actor, &signer_id)?;
2022-10-19 18:39:47 +00:00
handle_update_person(config, db_client, activity).await?
2021-04-09 00:22:17 +00:00
},
(MOVE, _) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_move_person(config, db_client, activity).await?
},
(ADD, _) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_add(config, db_client, activity).await?
},
(REMOVE, _) => {
require_actor_signature(&activity.actor, &signer_id)?;
handle_remove(config, db_client, activity).await?
},
2021-04-09 00:22:17 +00:00
_ => {
log::warn!("activity type is not supported: {}", activity_raw);
return Ok(());
2021-04-09 00:22:17 +00:00
},
};
if let Some(object_type) = maybe_object_type {
log::info!(
"processed {}({}) from {}",
activity_type,
object_type,
activity_actor,
);
};
2021-04-09 00:22:17 +00:00
Ok(())
}
#[cfg(test)]
mod tests {
use serde_json::json;
2021-04-09 00:22:17 +00:00
use super::*;
#[test]
fn test_parse_array_with_string() {
let value = json!("test");
assert_eq!(
parse_array(&value).unwrap(),
vec!["test".to_string()],
);
}
#[test]
fn test_parse_array_with_array() {
let value = json!(["test1", "test2"]);
assert_eq!(
parse_array(&value).unwrap(),
vec!["test1".to_string(), "test2".to_string()],
);
}
2021-11-29 20:45:36 +00:00
#[test]
fn test_parse_array_with_array_of_objects() {
let value = json!([{"id": "test1"}, {"id": "test2"}]);
assert_eq!(
parse_array(&value).unwrap(),
vec!["test1".to_string(), "test2".to_string()],
);
}
2021-11-29 20:45:36 +00:00
#[test]
fn test_find_object_id_from_string() {
2021-11-29 20:45:36 +00:00
let value = json!("test_id");
assert_eq!(find_object_id(&value).unwrap(), "test_id");
2021-11-29 20:45:36 +00:00
}
#[test]
fn test_find_object_id_from_object() {
2021-11-29 20:45:36 +00:00
let value = json!({"id": "test_id", "type": "Note"});
assert_eq!(find_object_id(&value).unwrap(), "test_id");
2021-11-29 20:45:36 +00:00
}
2021-04-09 00:22:17 +00:00
}