activitypub-federation-rust/src/utils/mod.rs

use crate::{
    request_data::RequestData,
    utils::reqwest_shim::ResponseExt,
    Error,
    APUB_JSON_CONTENT_TYPE,
};
use http::{header::HeaderName, HeaderValue, StatusCode};
use serde::de::DeserializeOwned;
use std::{collections::BTreeMap, sync::atomic::Ordering};
use tracing::info;
use url::Url;

pub(crate) mod reqwest_shim;

/// Fetch a remote object over HTTP and convert to `Kind`.
///
/// [crate::core::object_id::ObjectId::dereference] wraps this function to add caching and
/// conversion to database type. Only use this function directly in exceptional cases where that
/// behaviour is undesired.
///
/// Every time an object is fetched via HTTP, [RequestData.request_counter] is incremented by one.
/// If the value exceeds [FederationSettings.http_fetch_limit], the request is aborted with
/// [Error::RequestLimit]. This prevents denial of service attacks where an attack triggers
/// infinite, recursive fetching of data.
pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
    url: &Url,
    data: &RequestData<T>,
) -> Result<Kind, Error> {
    let config = &data.config;
    // dont fetch local objects this way
    debug_assert!(url.domain() != Some(&config.hostname));
    config.verify_url_valid(url).await?;
    info!("Fetching remote object {}", url.to_string());

    let counter = data.request_counter.fetch_add(1, Ordering::SeqCst);
    if counter > config.http_fetch_limit {
        return Err(Error::RequestLimit);
    }

    let res = config
        .client
        .get(url.as_str())
        .header("Accept", APUB_JSON_CONTENT_TYPE)
        .timeout(config.request_timeout)
        .send()
        .await
        .map_err(Error::conv)?;

    if res.status() == StatusCode::GONE {
        return Err(Error::ObjectDeleted);
    }

    res.json_limited().await
}

/// Check that both urls have the same domain. If not, return UrlVerificationError.
///
/// ```
/// # use url::Url;
/// # use activitypub_federation::utils::verify_domains_match;
/// let a = Url::parse("https://example.com/abc")?;
/// let b = Url::parse("https://sample.net/abc")?;
/// assert!(verify_domains_match(&a, &b).is_err());
/// # Ok::<(), url::ParseError>(())
/// ```
pub fn verify_domains_match(a: &Url, b: &Url) -> Result<(), Error> {
    if a.domain() != b.domain() {
        return Err(Error::UrlVerificationError("Domains do not match"));
    }
    Ok(())
}

/// Check that both urls are identical. If not, return UrlVerificationError.
///
/// ```
/// # use url::Url;
/// # use activitypub_federation::utils::verify_urls_match;
/// let a = Url::parse("https://example.com/abc")?;
/// let b = Url::parse("https://example.com/123")?;
/// assert!(verify_urls_match(&a, &b).is_err());
/// # Ok::<(), url::ParseError>(())
/// ```
pub fn verify_urls_match(a: &Url, b: &Url) -> Result<(), Error> {
    if a != b {
        return Err(Error::UrlVerificationError("Urls do not match"));
    }
    Ok(())
}

/// Utility to converts either actix or axum headermap to a BTreeMap
pub fn header_to_map<'a, H>(headers: H) -> BTreeMap<String, String>
where
    H: IntoIterator<Item = (&'a HeaderName, &'a HeaderValue)>,
{
    let mut header_map = BTreeMap::new();

    for (name, value) in headers {
        if let Ok(value) = value.to_str() {
            header_map.insert(name.to_string(), value.to_string());
        }
    }

    header_map
}
Merge handler params into single struct (#25) 2023-02-11 12:32:35 +00:00			`use crate::{`
			`request_data::RequestData,`
			`utils::reqwest_shim::ResponseExt,`
			`Error,`
			`APUB_JSON_CONTENT_TYPE,`
			`};`
feat: add axum compat (#12) * feat: add actix feature flag * (WIP)feat: add axum feature * WIP: axum veridy digest + example Note: this does not compile yet * WIP * chore: clippy lints * Use actix rt for axum example * ci: run example in CI for both actix and axum * feat: add json wrapper type for axum * docs: update readme with actix and axum feature flags * fix: fix ci * chore: more clippy lints * refactor: update according to PR comment and factorize 'verify_digest' 2022-11-28 21:19:56 +00:00			`use http::{header::HeaderName, HeaderValue, StatusCode};`
Initial commit 2022-06-02 11:17:12 +00:00			`use serde::de::DeserializeOwned;`
Merge handler params into single struct (#25) 2023-02-11 12:32:35 +00:00			`use std::{collections::BTreeMap, sync::atomic::Ordering};`
feat: add axum compat (#12) * feat: add actix feature flag * (WIP)feat: add axum feature * WIP: axum veridy digest + example Note: this does not compile yet * WIP * chore: clippy lints * Use actix rt for axum example * ci: run example in CI for both actix and axum * feat: add json wrapper type for axum * docs: update readme with actix and axum feature flags * fix: fix ci * chore: more clippy lints * refactor: update according to PR comment and factorize 'verify_digest' 2022-11-28 21:19:56 +00:00			`use tracing::info;`
Initial commit 2022-06-02 11:17:12 +00:00			`use url::Url;`

Restrict the body sizes of responses (#23) * Add default response body size limit * Limit all the methods, add reqwest shim that wraps around bytes_stream * Change image to rust:1.65-bullseye * Use `DeserializeOwned` instead of the HRTB over `Deserialize` * Remove the configurability, limit to 100KB * Add documentation to body size restricted functions * rustfmt 2023-01-28 03:45:11 +00:00			`pub(crate) mod reqwest_shim;`

Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			/// Fetch a remote object over HTTP and convert to `Kind`.
			`///`
			`/// [crate::core::object_id::ObjectId::dereference] wraps this function to add caching and`
			`/// conversion to database type. Only use this function directly in exceptional cases where that`
			`/// behaviour is undesired.`
			`///`
			`/// Every time an object is fetched via HTTP, [RequestData.request_counter] is incremented by one.`
			`/// If the value exceeds [FederationSettings.http_fetch_limit], the request is aborted with`
			`/// [Error::RequestLimit]. This prevents denial of service attacks where an attack triggers`
			`/// infinite, recursive fetching of data.`
			`pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(`
Initial commit 2022-06-02 11:17:12 +00:00			`url: &Url,`
Merge handler params into single struct (#25) 2023-02-11 12:32:35 +00:00			`data: &RequestData<T>,`
Initial commit 2022-06-02 11:17:12 +00:00			`) -> Result<Kind, Error> {`
Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			`let config = &data.config;`
Initial commit 2022-06-02 11:17:12 +00:00			`// dont fetch local objects this way`
Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			`debug_assert!(url.domain() != Some(&config.hostname));`
			`config.verify_url_valid(url).await?;`
Initial commit 2022-06-02 11:17:12 +00:00			`info!("Fetching remote object {}", url.to_string());`

Merge handler params into single struct (#25) 2023-02-11 12:32:35 +00:00			`let counter = data.request_counter.fetch_add(1, Ordering::SeqCst);`
Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			`if counter > config.http_fetch_limit {`
Initial commit 2022-06-02 11:17:12 +00:00			`return Err(Error::RequestLimit);`
			`}`

Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			`let res = config`
Initial commit 2022-06-02 11:17:12 +00:00			`.client`
			`.get(url.as_str())`
			`.header("Accept", APUB_JSON_CONTENT_TYPE)`
Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			`.timeout(config.request_timeout)`
Initial commit 2022-06-02 11:17:12 +00:00			`.send()`
			`.await`
			`.map_err(Error::conv)?;`

			`if res.status() == StatusCode::GONE {`
			`return Err(Error::ObjectDeleted);`
			`}`

Restrict the body sizes of responses (#23) * Add default response body size limit * Limit all the methods, add reqwest shim that wraps around bytes_stream * Change image to rust:1.65-bullseye * Use `DeserializeOwned` instead of the HRTB over `Deserialize` * Remove the configurability, limit to 100KB * Add documentation to body size restricted functions * rustfmt 2023-01-28 03:45:11 +00:00			`res.json_limited().await`
Initial commit 2022-06-02 11:17:12 +00:00			`}`

			`/// Check that both urls have the same domain. If not, return UrlVerificationError.`
Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			`///`
			/// ```
			`/// # use url::Url;`
			`/// # use activitypub_federation::utils::verify_domains_match;`
			`/// let a = Url::parse("https://example.com/abc")?;`
			`/// let b = Url::parse("https://sample.net/abc")?;`
			`/// assert!(verify_domains_match(&a, &b).is_err());`
			`/// # Ok::<(), url::ParseError>(())`
			/// ```
Initial commit 2022-06-02 11:17:12 +00:00			`pub fn verify_domains_match(a: &Url, b: &Url) -> Result<(), Error> {`
			`if a.domain() != b.domain() {`
			`return Err(Error::UrlVerificationError("Domains do not match"));`
			`}`
			`Ok(())`
			`}`

			`/// Check that both urls are identical. If not, return UrlVerificationError.`
Various improvements for usability, examples and docs 2023-02-19 12:26:01 +00:00			`///`
			/// ```
			`/// # use url::Url;`
			`/// # use activitypub_federation::utils::verify_urls_match;`
			`/// let a = Url::parse("https://example.com/abc")?;`
			`/// let b = Url::parse("https://example.com/123")?;`
			`/// assert!(verify_urls_match(&a, &b).is_err());`
			`/// # Ok::<(), url::ParseError>(())`
			/// ```
Initial commit 2022-06-02 11:17:12 +00:00			`pub fn verify_urls_match(a: &Url, b: &Url) -> Result<(), Error> {`
			`if a != b {`
			`return Err(Error::UrlVerificationError("Urls do not match"));`
			`}`
			`Ok(())`
			`}`
Improved url verification, explicit debug mode 2022-06-02 12:30:08 +00:00
feat: add axum compat (#12) * feat: add actix feature flag * (WIP)feat: add axum feature * WIP: axum veridy digest + example Note: this does not compile yet * WIP * chore: clippy lints * Use actix rt for axum example * ci: run example in CI for both actix and axum * feat: add json wrapper type for axum * docs: update readme with actix and axum feature flags * fix: fix ci * chore: more clippy lints * refactor: update according to PR comment and factorize 'verify_digest' 2022-11-28 21:19:56 +00:00			`/// Utility to converts either actix or axum headermap to a BTreeMap`
			`pub fn header_to_map<'a, H>(headers: H) -> BTreeMap<String, String>`
			`where`
			`H: IntoIterator<Item = (&'a HeaderName, &'a HeaderValue)>,`
			`{`
			`let mut header_map = BTreeMap::new();`
Improved url verification, explicit debug mode 2022-06-02 12:30:08 +00:00
feat: add axum compat (#12) * feat: add actix feature flag * (WIP)feat: add axum feature * WIP: axum veridy digest + example Note: this does not compile yet * WIP * chore: clippy lints * Use actix rt for axum example * ci: run example in CI for both actix and axum * feat: add json wrapper type for axum * docs: update readme with actix and axum feature flags * fix: fix ci * chore: more clippy lints * refactor: update according to PR comment and factorize 'verify_digest' 2022-11-28 21:19:56 +00:00			`for (name, value) in headers {`
			`if let Ok(value) = value.to_str() {`
			`header_map.insert(name.to_string(), value.to_string());`
			`}`
Improved url verification, explicit debug mode 2022-06-02 12:30:08 +00:00			`}`

feat: add axum compat (#12) * feat: add actix feature flag * (WIP)feat: add axum feature * WIP: axum veridy digest + example Note: this does not compile yet * WIP * chore: clippy lints * Use actix rt for axum example * ci: run example in CI for both actix and axum * feat: add json wrapper type for axum * docs: update readme with actix and axum feature flags * fix: fix ci * chore: more clippy lints * refactor: update according to PR comment and factorize 'verify_digest' 2022-11-28 21:19:56 +00:00			`header_map`
Improved url verification, explicit debug mode 2022-06-02 12:30:08 +00:00			`}`