mirrors/activitypub-federation-rust
1
0
Fork 0
mirror of https://github.com/LemmyNet/activitypub-federation-rust.git synced 2024-11-10 18:51:03 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: mirrors:0.5.0-beta.6
Branches Tags
mirrors:main
mirrors:dereference-default
mirrors:release/v0.5
mirrors:warn-slow-send
mirrors:refetch-id-no-match
mirrors:nested-comments-stack-overflow
mirrors:url-wrapper
mirrors:pbzweihander-upgrade-axum
mirrors:fix_clippy
mirrors:upgrade-deps4
mirrors:add_codeowners
mirrors:remove-pleroma-webfinger-test
mirrors:content-type-lower
mirrors:renovate/configure
mirrors:content-type-case-insensitive
mirrors:upgrade-deps
mirrors:signed-digest
mirrors:is-local-no-domain
mirrors:security-fixes
mirrors:object-id-is-local
mirrors:no-duplicate-ci
mirrors:follow-local-redirect
mirrors:retry-more-activity-errors
mirrors:actix-inbox-parts
mirrors:activity-published-field
mirrors:fix-fetch-limit
mirrors:debug-signed-fetch
mirrors:optional-activity-queue
mirrors:fetch-security-checks
mirrors:deserialize_one_return
mirrors:better-json-errors
mirrors:context-not-array
mirrors:refactoring
mirrors:fetch-errors
mirrors:diesel-feature
mirrors:upgrade-deps3
mirrors:parse-impl
mirrors:partialeq
mirrors:webfinger-alphabets
mirrors:fetch-redirect
mirrors:0.4
mirrors:webfinger-template
mirrors:url-verifier-error
mirrors:Nutomic-patch-1
mirrors:fix-tests
mirrors:send-rate-limit
mirrors:fix-signature-expiration
mirrors:retry-connection-failure
mirrors:http-signature-expire-day
mirrors:update-deps
mirrors:actix-rt-dev-dep
mirrors:upgrade-deps2
mirrors:add_woodpecker
mirrors:0.4-lemmy-compat
mirrors:readd-verify-methods
mirrors:various-improvements
mirrors:merge-handler-params
mirrors:0.3
mirrors:fix-deserialize-skip-error
mirrors:no-verify
mirrors:rename-http-fetch-limit
mirrors:fix-date-header
mirrors:abort-retry
mirrors:less-retries
mirrors:digest-verified
mirrors:use-enum-delegate
mirrors:async-verify
mirrors:prepare-0.2.0
mirrors:0.5.9
mirrors:0.6.0-alpha2
mirrors:0.6.0-alpha1
mirrors:0.5.8
mirrors:0.5.7
mirrors:0.5.6
mirrors:0.5.5
mirrors:0.5.4
mirrors:0.5.3
mirrors:0.5.2
mirrors:0.5.1
mirrors:0.5.1-beta.1
mirrors:0.5.0
mirrors:0.5.0-beta.7
mirrors:0.5.0-beta.6
mirrors:0.5.0-beta.5
mirrors:0.5.0-beta.4
mirrors:0.5.0-beta.3
mirrors:0.5.0-beta.2
mirrors:0.4.7
mirrors:0.5.0-beta.1
mirrors:0.4.6
mirrors:0.4.5
mirrors:0.4.4
mirrors:0.4.3
mirrors:0.4.2
mirrors:0.4.1
mirrors:0.4.0
mirrors:0.4.0-rc3
mirrors:0.4.0-rc2
mirrors:0.4.0-rc1
mirrors:0.3.5
mirrors:0.3.4
mirrors:0.3.3
mirrors:0.3.2
mirrors:0.3.1
mirrors:0.3.0
mirrors:0.2.3
mirrors:0.2.2
mirrors:0.2.1
mirrors:0.2.0
mirrors:0.1.0
...
compare: mirrors:main
Branches Tags
mirrors:main
mirrors:dereference-default
mirrors:release/v0.5
mirrors:warn-slow-send
mirrors:refetch-id-no-match
mirrors:nested-comments-stack-overflow
mirrors:url-wrapper
mirrors:pbzweihander-upgrade-axum
mirrors:fix_clippy
mirrors:upgrade-deps4
mirrors:add_codeowners
mirrors:remove-pleroma-webfinger-test
mirrors:content-type-lower
mirrors:renovate/configure
mirrors:content-type-case-insensitive
mirrors:upgrade-deps
mirrors:signed-digest
mirrors:is-local-no-domain
mirrors:security-fixes
mirrors:object-id-is-local
mirrors:no-duplicate-ci
mirrors:follow-local-redirect
mirrors:retry-more-activity-errors
mirrors:actix-inbox-parts
mirrors:activity-published-field
mirrors:fix-fetch-limit
mirrors:debug-signed-fetch
mirrors:optional-activity-queue
mirrors:fetch-security-checks
mirrors:deserialize_one_return
mirrors:better-json-errors
mirrors:context-not-array
mirrors:refactoring
mirrors:fetch-errors
mirrors:diesel-feature
mirrors:upgrade-deps3
mirrors:parse-impl
mirrors:partialeq
mirrors:webfinger-alphabets
mirrors:fetch-redirect
mirrors:0.4
mirrors:webfinger-template
mirrors:url-verifier-error
mirrors:Nutomic-patch-1
mirrors:fix-tests
mirrors:send-rate-limit
mirrors:fix-signature-expiration
mirrors:retry-connection-failure
mirrors:http-signature-expire-day
mirrors:update-deps
mirrors:actix-rt-dev-dep
mirrors:upgrade-deps2
mirrors:add_woodpecker
mirrors:0.4-lemmy-compat
mirrors:readd-verify-methods
mirrors:various-improvements
mirrors:merge-handler-params
mirrors:0.3
mirrors:fix-deserialize-skip-error
mirrors:no-verify
mirrors:rename-http-fetch-limit
mirrors:fix-date-header
mirrors:abort-retry
mirrors:less-retries
mirrors:digest-verified
mirrors:use-enum-delegate
mirrors:async-verify
mirrors:prepare-0.2.0
mirrors:0.5.9
mirrors:0.6.0-alpha2
mirrors:0.6.0-alpha1
mirrors:0.5.8
mirrors:0.5.7
mirrors:0.5.6
mirrors:0.5.5
mirrors:0.5.4
mirrors:0.5.3
mirrors:0.5.2
mirrors:0.5.1
mirrors:0.5.1-beta.1
mirrors:0.5.0
mirrors:0.5.0-beta.7
mirrors:0.5.0-beta.6
mirrors:0.5.0-beta.5
mirrors:0.5.0-beta.4
mirrors:0.5.0-beta.3
mirrors:0.5.0-beta.2
mirrors:0.4.7
mirrors:0.5.0-beta.1
mirrors:0.4.6
mirrors:0.4.5
mirrors:0.4.4
mirrors:0.4.3
mirrors:0.4.2
mirrors:0.4.1
mirrors:0.4.0
mirrors:0.4.0-rc3
mirrors:0.4.0-rc2
mirrors:0.4.0-rc1
mirrors:0.3.5
mirrors:0.3.4
mirrors:0.3.3
mirrors:0.3.2
mirrors:0.3.1
mirrors:0.3.0
mirrors:0.2.3
mirrors:0.2.2
mirrors:0.2.1
mirrors:0.2.0
mirrors:0.1.0

46 commits
0.5.0-beta ... main

Author SHA1 Message Date
Nutomic
6814ff1932
If dereference fails, return object from local db instead (#129) 2024-11-08 07:37:55 -05:00
MrKaplan
6dfd30a8ab
Add test case for http fetch limit fixed in #97 (#128) 2024-09-20 10:02:04 +02:00
Nutomic
df8876c096
Log warning if activity sending is slow (#127) 2024-09-19 06:22:48 -04:00
Nutomic
a35c8cbea5
If id of fetched object doesnt match url, refetch it (#126) 2024-09-13 16:09:04 +02:00
Felix Ableitner
1126603b61 Version 0.6.0-alpha2 2024-09-13 11:22:39 +02:00
Felix Ableitner
027b386514 Avoid stack overflow when fetching deeply nested comments (#124) 2024-09-13 11:21:26 +02:00
Felix Ableitner
2079b82de7 Version 0.6.0-alpha1 2024-09-11 15:00:47 +02:00
Kangwook Lee (이강욱)
487c988377
Upgrade axum and http (#123) 
* Upgrade axum and http

* Fix formatting

* use expect

---------

Co-authored-by: Felix Ableitner <me@nutomic.com>
 2024-09-11 08:47:13 -04:00
Dessalines
83a156394e
Fixing clippy. (#121) 2024-07-17 10:00:31 +02:00
Dessalines
d45ce32e88
Adding codeowners. (#119) 2024-07-17 10:00:04 +02:00
Felix Ableitner
a0e0c54b57 Version 0.5.8 2024-07-16 12:29:56 +02:00
Nutomic
4920d1a2de
Upgrade dependencies (#120) 2024-07-16 12:29:14 +02:00
藍+85CD
472f6ffac5
chore(deps/reqwest): enable rustls-tls feature (#118) 2024-07-16 11:48:45 +02:00
藍+85CD
8f47daa2e2
refactor!: use rsa instead of openssl (#116) 
* refactor!: use `rsa` instead of `openssl`

* fix: format code

* fix: format code

* fix: lint code

* fix: format code
 2024-07-15 10:20:35 +02:00
Nutomic
08af457453
Dont connect to broken Pleroma instance during webfinger test (#117) 2024-07-11 11:42:31 -04:00
藍+85CD
930c928878
chore: update .gitignore (#115) 
* chore: update .gitignore

* chore(gitignore): add comments
 2024-07-09 18:07:08 +02:00
Nutomic
6edbc06a78
Convert content-type to lowercase for comparison (#114) 
* Convert content-type to lowercase for comparison

* rust 1.78

* clippy priority

* upgrade dep
 2024-06-11 11:16:04 +02:00
Felix Ableitner
175b22006b Revert "Version 0.5.7" 
This reverts commit a251140952.
 2024-06-06 00:02:41 +02:00
Felix Ableitner
e118e4f240 Reapply "Retry activity send in case of timeout or rate limit (#102)" 
This reverts commit 32da1b747c.
 2024-06-06 00:02:36 +02:00
Felix Ableitner
a251140952 Version 0.5.7 2024-06-05 23:09:53 +02:00
Felix Ableitner
32da1b747c Revert "Retry activity send in case of timeout or rate limit (#102)" 
This reverts commit 5402bc9c19.
 2024-06-05 23:05:26 +02:00
Felix Ableitner
16844f048a Version 0.5.6 2024-05-06 11:09:47 +02:00
Nutomic
cf1f84993b
Make response content-type check case insensitive (#111) 
* Make response content-type check case insensitive

For wordpress compat

* cleaner

* clippy

* fmt

* fmt
 2024-05-06 11:09:23 +02:00
Felix Ableitner
24afad7abc Version 0.5.5 2024-05-02 13:06:22 +02:00
Nutomic
c48de9e944
Upgrade dependencies (#110) 2024-05-02 06:58:08 -04:00
Nutomic
be69efdee3
Require signed digest when verifying signatures (#109) 2024-05-02 10:58:56 +02:00
Nutomic
ddc455510b
Dont crash when calling is_local_url() without domain (#108) 2024-05-02 10:58:33 +02:00
Felix Ableitner
ee268405f7 Version 0.5.4 2024-04-10 11:32:14 +02:00
Nutomic
54e8a1145f
Add function ObjectId.is_local (#106) 
* Add function ObjectId.is_local

* add test

* add test
 2024-04-10 11:31:55 +02:00
Felix Ableitner
779313ac22 Version 0.5.3 2024-04-09 11:30:43 +02:00
Nutomic
7def01a19a
Avoid running ci checks twice (#105) 
* Avoid running ci checks twice

* upgrade rust

* move clippy config to cargo.toml
 2024-04-09 11:28:57 +02:00
Nutomic
a2ac97db98
Allow fetching from local domain in case it redirects to remote (#104) 
* Allow fetching from local domain in case it redirects to remote

* clippy

* fix lemmy tests
 2024-04-09 11:28:22 +02:00
Nutomic
5402bc9c19
Retry activity send in case of timeout or rate limit (#102) 2024-04-09 10:38:08 +02:00
Felix Ableitner
1b46dd6f80 Version 0.5.2 2024-03-08 15:43:43 +01:00
Nutomic
da28c9c890
Fix request_counter check because fetch_add returns original value (#97) 2024-03-08 09:36:44 -05:00
Nutomic
9b31a7b44b
Get Mastodon signed fetch working (#98) 
* debug signed fetch

* regex

* content-type

* no dbg

* clippy
 2024-03-08 15:26:57 +01:00
Felix Ableitner
147f144769 Version 0.5.1 2024-03-04 16:27:44 +01:00
Felix Ableitner
3b5e5f66ba Upgrade dependencies 2024-03-04 16:23:46 +01:00
Nutomic
636b47c8b2
Add back activity send queue as optional feature (#94) 
* Add back activity send queue as optional feature

* fix port collision in tests

* improve docs

* serialize fn

* deduplicate

* more dedup

* more dedup

* dedupupup

* test cleanup

* remove fn
 2024-03-04 08:53:33 -05:00
Nutomic
a859db05bb
Add security checks when fetching objects (#95) 
* Add security checks when fetching objects

* static

* as ref

* update comment

* fix header

* Update comment
 2024-03-04 12:47:42 +01:00
Felix Ableitner
f907b6efa7 Version 0.5.1-beta.1 2024-01-05 16:21:20 +01:00
Nutomic
ec97b44de4
Fix return type for deserialize_one (#93) 2024-01-05 10:18:12 -05:00
Felix Ableitner
3efa99514c Version 0.5.0 2024-01-02 11:40:55 +01:00
Felix Ableitner
9c3c756890 Version 0.5.0-beta.7 2023-12-20 12:28:43 +01:00
Nutomic
9e8d466b40
Better JSON error messages (#91) 2023-12-20 06:19:58 -05:00
Nutomic
709f29b7f8
Context doesnt have to be an array (#90) 2023-12-20 11:21:33 +01:00
31 changed files with 1262 additions and 364 deletions
Show stats Expand all files Collapse all files

1
.github/CODEOWNERS vendored Normal file
View file

@ -0,0 +1 @@
* @Nutomic @dessalines

10
.gitignore vendored
View file

@ -2,4 +2,12 @@
/.idea
/Cargo.lock
perf.data*
flamegraph.svg
flamegraph.svg
# direnv
/.direnv
/.envrc
# nix flake
/flake.nix
/flake.lock

42
.woodpecker.yml
View file

@ -1,54 +1,56 @@
pipeline:
variables:
- &rust_image "rust:1.78-bullseye"
steps:
cargo_fmt:
image: rustdocker/rust:nightly
commands:
- /root/.cargo/bin/cargo fmt -- --check
cargo_check:
image: rust:1.70-bullseye
environment:
CARGO_HOME: .cargo
commands:
- cargo check --all-features --all-targets
when:
- event: pull_request
cargo_clippy:
image: rust:1.70-bullseye
image: *rust_image
environment:
CARGO_HOME: .cargo
commands:
- rustup component add clippy
- cargo clippy --all-targets --all-features --
-D warnings -D deprecated -D clippy::perf -D clippy::complexity
-D clippy::dbg_macro -D clippy::inefficient_to_string
-D clippy::items-after-statements -D clippy::implicit_clone
-D clippy::wildcard_imports -D clippy::cast_lossless
-D clippy::manual_string_new -D clippy::redundant_closure_for_method_calls
- cargo clippy --all-features -- -D clippy::unwrap_used
- cargo clippy --all-targets --all-features
when:
- event: pull_request
cargo_test:
image: rust:1.70-bullseye
image: *rust_image
environment:
CARGO_HOME: .cargo
commands:
- cargo test --all-features --no-fail-fast
when:
- event: pull_request
cargo_doc:
image: rust:1.70-bullseye
image: *rust_image
environment:
CARGO_HOME: .cargo
commands:
- cargo doc --all-features
when:
- event: pull_request
cargo_run_actix_example:
image: rust:1.70-bullseye
image: *rust_image
environment:
CARGO_HOME: .cargo
commands:
- cargo run --example local_federation actix-web
when:
- event: pull_request
cargo_run_axum_example:
image: rust:1.70-bullseye
image: *rust_image
environment:
CARGO_HOME: .cargo
commands:
- cargo run --example local_federation axum
when:
- event: pull_request

107
Cargo.toml
View file

@ -1,6 +1,6 @@
[package]
name = "activitypub_federation"
version = "0.5.0-beta.6"
version = "0.6.0-alpha2"
edition = "2021"
description = "High-level Activitypub framework"
keywords = ["activitypub", "activitystreams", "federation", "fediverse"]
@ -10,75 +10,92 @@ documentation = "https://docs.rs/activitypub_federation/"
[features]
default = ["actix-web", "axum"]
actix-web = ["dep:actix-web"]
axum = ["dep:axum", "dep:tower", "dep:hyper", "dep:http-body-util"]
actix-web = ["dep:actix-web", "dep:http02"]
axum = ["dep:axum", "dep:tower"]
diesel = ["dep:diesel"]
[lints.rust]
warnings = "deny"
deprecated = "deny"
[lints.clippy]
perf = { level = "deny", priority = -1 }
complexity = { level = "deny", priority = -1 }
dbg_macro = "deny"
inefficient_to_string = "deny"
items-after-statements = "deny"
implicit_clone = "deny"
wildcard_imports = "deny"
cast_lossless = "deny"
manual_string_new = "deny"
redundant_closure_for_method_calls = "deny"
unwrap_used = "deny"
[dependencies]
chrono = { version = "0.4.31", features = ["clock"], default-features = false }
serde = { version = "1.0.193", features = ["derive"] }
async-trait = "0.1.74"
url = { version = "2.5.0", features = ["serde"] }
serde_json = { version = "1.0.108", features = ["preserve_order"] }
reqwest = { version = "0.11.22", features = ["json", "stream"] }
reqwest-middleware = "0.2.4"
chrono = { version = "0.4.38", features = ["clock"], default-features = false }
serde = { version = "1.0.204", features = ["derive"] }
async-trait = "0.1.81"
url = { version = "2.5.2", features = ["serde"] }
serde_json = { version = "1.0.120", features = ["preserve_order"] }
reqwest = { version = "0.12.5", default-features = false, features = [
"json",
"stream",
"rustls-tls",
] }
reqwest-middleware = "0.3.2"
tracing = "0.1.40"
base64 = "0.21.5"
openssl = "0.10.61"
base64 = "0.22.1"
rand = "0.8.5"
rsa = "0.9.6"
once_cell = "1.19.0"
http = "0.2.11"
sha2 = "0.10.8"
thiserror = "1.0.50"
derive_builder = "0.12.0"
itertools = "0.12.0"
dyn-clone = "1.0.16"
http = "1.1.0"
sha2 = { version = "0.10.8", features = ["oid"] }
thiserror = "1.0.62"
derive_builder = "0.20.0"
itertools = "0.13.0"
dyn-clone = "1.0.17"
enum_delegate = "0.2.0"
httpdate = "1.0.3"
http-signature-normalization-reqwest = { version = "0.10.0", default-features = false, features = [
http-signature-normalization-reqwest = { version = "0.12.0", default-features = false, features = [
"sha-2",
"middleware",
"default-spawner",
] }
http-signature-normalization = "0.7.0"
bytes = "1.5.0"
futures-core = { version = "0.3.29", default-features = false }
pin-project-lite = "0.2.13"
bytes = "1.6.1"
futures-core = { version = "0.3.30", default-features = false }
pin-project-lite = "0.2.14"
activitystreams-kinds = "0.3.0"
regex = { version = "1.10.2", default-features = false, features = ["std", "unicode-case"] }
tokio = { version = "1.35.0", features = [
regex = { version = "1.10.5", default-features = false, features = [
"std",
"unicode",
] }
tokio = { version = "1.38.0", features = [
"sync",
"rt",
"rt-multi-thread",
"time",
] }
diesel = { version = "2.1.4", features = ["postgres"], default-features = false, optional = true }
futures = "0.3.29"
moka = { version = "0.12.1", features = ["future"] }
diesel = { version = "2.2.1", features = [
"postgres",
], default-features = false, optional = true }
futures = "0.3.30"
moka = { version = "0.12.8", features = ["future"] }
# Actix-web
actix-web = { version = "4.4.0", default-features = false, optional = true }
actix-web = { version = "4.8.0", default-features = false, optional = true }
http02 = { package = "http", version = "0.2.12", optional = true }
# Axum
axum = { version = "0.6.20", features = [
"json",
"headers",
], default-features = false, optional = true }
axum = { version = "0.7.5", features = ["json"], default-features = false, optional = true }
tower = { version = "0.4.13", optional = true }
hyper = { version = "0.14", optional = true }
http-body-util = {version = "0.1.0", optional = true }
[dev-dependencies]
anyhow = "1.0.75"
rand = "0.8.5"
env_logger = "0.10.1"
tower-http = { version = "0.5.0", features = ["map-request-body", "util"] }
axum = { version = "0.6.20", features = [
"http1",
"tokio",
"query",
], default-features = false }
axum-macros = "0.3.8"
tokio = { version = "1.35.0", features = ["full"] }
anyhow = "1.0.86"
axum = { version = "0.7.5", features = ["macros"] }
axum-extra = { version = "0.9.3", features = ["typed-header"] }
env_logger = "0.11.3"
tokio = { version = "1.38.0", features = ["full"] }
[profile.dev]
strip = "symbols"

9
docs/06_http_endpoints_axum.md
View file

@ -15,9 +15,9 @@ The next step is to allow other servers to fetch our actors and objects. For thi
# use activitypub_federation::config::FederationMiddleware;
# use axum::routing::get;
# use crate::activitypub_federation::traits::Object;
# use axum::headers::ContentType;
# use axum_extra::headers::ContentType;
# use activitypub_federation::FEDERATION_CONTENT_TYPE;
# use axum::TypedHeader;
# use axum_extra::TypedHeader;
# use axum::response::IntoResponse;
# use http::HeaderMap;
# async fn generate_user_html(_: String, _: Data<DbConnection>) -> axum::response::Response { todo!() }
@ -34,10 +34,9 @@ async fn main() -> Result<(), Error> {
.layer(FederationMiddleware::new(data));
let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
let listener = tokio::net::TcpListener::bind(addr).await?;
tracing::debug!("listening on {}", addr);
axum::Server::bind(&addr)
.serve(app.into_make_service())
.await?;
axum::serve(listener, app.into_make_service()).await?;
Ok(())
}

59
docs/09_sending_activities.md
View file

@ -4,6 +4,46 @@ To send an activity we need to initialize our previously defined struct, and pic
```
# use activitypub_federation::config::FederationConfig;
# use activitypub_federation::activity_queue::queue_activity;
# use activitypub_federation::http_signatures::generate_actor_keypair;
# use activitypub_federation::traits::Actor;
# use activitypub_federation::fetch::object_id::ObjectId;
# use activitypub_federation::traits::tests::{DB_USER, DbConnection, Follow};
# tokio::runtime::Runtime::new().unwrap().block_on(async {
# let db_connection = DbConnection;
# let config = FederationConfig::builder()
# .domain("example.com")
# .app_data(db_connection)
# .build().await?;
# let data = config.to_request_data();
# let sender = DB_USER.clone();
# let recipient = DB_USER.clone();
let activity = Follow {
actor: ObjectId::parse("https://lemmy.ml/u/nutomic")?,
object: recipient.federation_id.clone().into(),
kind: Default::default(),
id: "https://lemmy.ml/activities/321".try_into()?
};
let inboxes = vec![recipient.shared_inbox_or_inbox()];
queue_activity(&activity, &sender, inboxes, &data).await?;
# Ok::<(), anyhow::Error>(())
# }).unwrap()
```
The list of inboxes gets deduplicated (important for shared inbox). All inboxes on the local domain and those which fail the [crate::config::UrlVerifier] check are excluded from delivery. For each remaining inbox a background tasks is created. It signs the HTTP header with the given private key. Finally the activity is delivered to the inbox.
It is possible that delivery fails because the target instance is temporarily unreachable. In this case the task is scheduled for retry after a certain waiting time. For each task delivery is retried up to 3 times after the initial attempt. The retry intervals are as follows:
- one minute, in case of service restart
- one hour, in case of instance maintenance
- 2.5 days, in case of major incident with rebuild from backup
In case [crate::config::FederationConfigBuilder::debug] is enabled, no background thread is used but activities are sent directly on the foreground. This makes it easier to catch delivery errors and avoids complicated steps to await delivery in tests.
In some cases you may want to bypass the builtin activity queue, and implement your own. For example to specify different retry intervals, or to persist retries across application restarts. You can do it with the following code:
```rust
# use activitypub_federation::config::FederationConfig;
# use activitypub_federation::activity_sending::SendActivityTask;
# use activitypub_federation::http_signatures::generate_actor_keypair;
# use activitypub_federation::traits::Actor;
@ -28,23 +68,8 @@ let inboxes = vec![recipient.shared_inbox_or_inbox()];
let sends = SendActivityTask::prepare(&activity, &sender, inboxes, &data).await?;
for send in sends {
send.sign_and_send(&data).await?;
send.sign_and_send(&data).await?;
}
# Ok::<(), anyhow::Error>(())
# }).unwrap()
```
The list of inboxes gets deduplicated (important for shared inbox). All inboxes on the local
domain and those which fail the [crate::config::UrlVerifier] check are excluded from delivery.
For each remaining inbox a background tasks is created. It signs the HTTP header with the given
private key. Finally the activity is delivered to the inbox.
It is possible that delivery fails because the target instance is temporarily unreachable. In
this case the task is scheduled for retry after a certain waiting time. For each task delivery
is retried up to 3 times after the initial attempt. The retry intervals are as follows:
- one minute, in case of service restart
- one hour, in case of instance maintenance
- 2.5 days, in case of major incident with rebuild from backup
In case [crate::config::FederationConfigBuilder::debug] is enabled, no background thread is used but activities are sent directly on the foreground. This makes it easier to catch delivery errors and avoids complicated steps to await delivery in tests.
```

2
examples/live_federation/http.rs
View file

@ -14,11 +14,11 @@ use activitypub_federation::{
traits::Object,
};
use axum::{
debug_handler,
extract::{Path, Query},
response::{IntoResponse, Response},
Json,
};
use axum_macros::debug_handler;
use http::StatusCode;
use serde::Deserialize;

7
examples/live_federation/main.rs
View file

@ -1,3 +1,5 @@
#![allow(clippy::unwrap_used)]
use crate::{
database::Database,
http::{http_get_user, http_post_user_inbox, webfinger},
@ -62,9 +64,8 @@ async fn main() -> Result<(), Error> {
.to_socket_addrs()?
.next()
.expect("Failed to lookup domain name");
axum::Server::bind(&addr)
.serve(app.into_make_service())
.await?;
let listener = tokio::net::TcpListener::bind(addr).await?;
axum::serve(listener, app.into_make_service()).await?;
Ok(())
}

12
examples/live_federation/objects/post.rs
View file

@ -21,7 +21,6 @@ pub struct DbPost {
pub text: String,
pub ap_id: ObjectId<DbPost>,
pub creator: ObjectId<DbUser>,
pub local: bool,
}
#[derive(Deserialize, Serialize, Debug)]
@ -59,7 +58,15 @@ impl Object for DbPost {
}
async fn into_json(self, _data: &Data<Self::DataType>) -> Result<Self::Kind, Self::Error> {
unimplemented!()
Ok(Note {
kind: NoteType::Note,
id: self.ap_id,
content: self.text,
attributed_to: self.creator,
to: vec![public()],
tag: vec![],
in_reply_to: None,
})
}
async fn verify(
@ -81,7 +88,6 @@ impl Object for DbPost {
text: json.content,
ap_id: json.id.clone(),
creator: json.attributed_to.clone(),
local: false,
};
let mention = Mention {

2
examples/local_federation/activities/follow.rs
View file

@ -67,7 +67,7 @@ impl ActivityHandler for Follow {
let id = generate_object_id(data.domain())?;
let accept = Accept::new(local_user.ap_id.clone(), self, id.clone());
local_user
.send(accept, vec![follower.shared_inbox_or_inbox()], data)
.send(accept, vec![follower.shared_inbox_or_inbox()], false, data)
.await?;
Ok(())
}

11
examples/local_federation/axum/http.rs
View file

@ -14,13 +14,13 @@ use activitypub_federation::{
traits::Object,
};
use axum::{
debug_handler,
extract::{Path, Query},
response::IntoResponse,
routing::{get, post},
Json,
Router,
};
use axum_macros::debug_handler;
use serde::Deserialize;
use std::net::ToSocketAddrs;
use tracing::info;
@ -39,9 +39,14 @@ pub fn listen(config: &FederationConfig<DatabaseHandle>) -> Result<(), Error> {
.to_socket_addrs()?
.next()
.expect("Failed to lookup domain name");
let server = axum::Server::bind(&addr).serve(app.into_make_service());
let fut = async move {
let listener = tokio::net::TcpListener::bind(addr).await.unwrap();
axum::serve(listener, app.into_make_service())
.await
.unwrap();
};
tokio::spawn(server);
tokio::spawn(fut);
Ok(())
}

1
examples/local_federation/instance.rs
View file

@ -28,6 +28,7 @@ pub async fn new_instance(
.domain(hostname)
.signed_fetch_actor(&system_user)
.app_data(database)
.url_verifier(Box::new(MyUrlVerifier()))
.debug(true)
.build()
.await?;

2
examples/local_federation/main.rs
View file

@ -1,3 +1,5 @@
#![allow(clippy::unwrap_used)]
use crate::{
instance::{listen, new_instance, Webserver},
objects::post::DbPost,

17
examples/local_federation/objects/person.rs
View file

@ -6,6 +6,7 @@ use crate::{
utils::generate_object_id,
};
use activitypub_federation::{
activity_queue::queue_activity,
activity_sending::SendActivityTask,
config::Data,
fetch::{object_id::ObjectId, webfinger::webfinger_resolve_actor},
@ -85,7 +86,7 @@ impl DbUser {
let other: DbUser = webfinger_resolve_actor(other, data).await?;
let id = generate_object_id(data.domain())?;
let follow = Follow::new(self.ap_id.clone(), other.ap_id.clone(), id.clone());
self.send(follow, vec![other.shared_inbox_or_inbox()], data)
self.send(follow, vec![other.shared_inbox_or_inbox()], false, data)
.await?;
Ok(())
}
@ -98,7 +99,7 @@ impl DbUser {
let user: DbUser = ObjectId::from(f).dereference(data).await?;
inboxes.push(user.shared_inbox_or_inbox());
}
self.send(create, inboxes, data).await?;
self.send(create, inboxes, true, data).await?;
Ok(())
}
@ -106,6 +107,7 @@ impl DbUser {
&self,
activity: Activity,
recipients: Vec<Url>,
use_queue: bool,
data: &Data<DatabaseHandle>,
) -> Result<(), Error>
where
@ -113,9 +115,14 @@ impl DbUser {
<Activity as ActivityHandler>::Error: From<anyhow::Error> + From<serde_json::Error>,
{
let activity = WithContext::new_default(activity);
let sends = SendActivityTask::prepare(&activity, self, recipients, data).await?;
for send in sends {
send.sign_and_send(data).await?;
// Send through queue in some cases and bypass it in others to test both code paths
if use_queue {
queue_activity(&activity, self, recipients, data).await?;
} else {
let sends = SendActivityTask::prepare(&activity, self, recipients, data).await?;
for send in sends {
send.sign_and_send(data).await?;
}
}
Ok(())
}

521
src/activity_queue.rs Normal file
View file

@ -0,0 +1,521 @@
//! Queue for signing and sending outgoing activities with retry
//!
#![doc = include_str!("../docs/09_sending_activities.md")]
use crate::{
activity_sending::{build_tasks, SendActivityTask},
config::Data,
error::Error,
traits::{ActivityHandler, Actor},
};
use futures_core::Future;
use reqwest_middleware::ClientWithMiddleware;
use serde::Serialize;
use std::{
fmt::{Debug, Display},
sync::{
atomic::{AtomicUsize, Ordering},
Arc,
},
time::Duration,
};
use tokio::{
sync::mpsc::{unbounded_channel, UnboundedSender},
task::{JoinHandle, JoinSet},
};
use tracing::{info, warn};
use url::Url;
/// Send a new activity to the given inboxes with automatic retry on failure. Alternatively you
/// can implement your own queue and then send activities using [[crate::activity_sending::SendActivityTask]].
///
/// - `activity`: The activity to be sent, gets converted to json
/// - `private_key`: Private key belonging to the actor who sends the activity, for signing HTTP
/// signature. Generated with [crate::http_signatures::generate_actor_keypair].
/// - `inboxes`: List of remote actor inboxes that should receive the activity. Ignores local actor
/// inboxes. Should be built by calling [crate::traits::Actor::shared_inbox_or_inbox]
/// for each target actor.
pub async fn queue_activity<Activity, Datatype, ActorType>(
activity: &Activity,
actor: &ActorType,
inboxes: Vec<Url>,
data: &Data<Datatype>,
) -> Result<(), Error>
where
Activity: ActivityHandler + Serialize + Debug,
Datatype: Clone,
ActorType: Actor,
{
let config = &data.config;
let tasks = build_tasks(activity, actor, inboxes, data).await?;
for task in tasks {
// Don't use the activity queue if this is in debug mode, send and wait directly
if config.debug {
if let Err(err) = sign_and_send(
&task,
&config.client,
config.request_timeout,
Default::default(),
)
.await
{
warn!("{err}");
}
} else {
// This field is only optional to make builder work, its always present at this point
let activity_queue = config
.activity_queue
.as_ref()
.expect("Config has activity queue");
activity_queue.queue(task).await?;
let stats = activity_queue.get_stats();
let running = stats.running.load(Ordering::Relaxed);
if running == config.queue_worker_count && config.queue_worker_count != 0 {
warn!("Reached max number of send activity workers ({}). Consider increasing worker count to avoid federation delays", config.queue_worker_count);
warn!("{:?}", stats);
} else {
info!("{:?}", stats);
}
}
}
Ok(())
}
async fn sign_and_send(
task: &SendActivityTask,
client: &ClientWithMiddleware,
timeout: Duration,
retry_strategy: RetryStrategy,
) -> Result<(), Error> {
retry(
|| task.sign_and_send_internal(client, timeout),
retry_strategy,
)
.await
}
/// A simple activity queue which spawns tokio workers to send out requests
/// When creating a queue, it will spawn a task per worker thread
/// Uses an unbounded mpsc queue for communication (i.e, all messages are in memory)
pub(crate) struct ActivityQueue {
// Stats shared between the queue and workers
stats: Arc<Stats>,
sender: UnboundedSender<SendActivityTask>,
sender_task: JoinHandle<()>,
retry_sender_task: JoinHandle<()>,
}
/// Simple stat counter to show where we're up to with sending messages
/// This is a lock-free way to share things between tasks
/// When reading these values it's possible (but extremely unlikely) to get stale data if a worker task is in the middle of transitioning
#[derive(Default)]
pub(crate) struct Stats {
pending: AtomicUsize,
running: AtomicUsize,
retries: AtomicUsize,
dead_last_hour: AtomicUsize,
completed_last_hour: AtomicUsize,
}
impl Debug for Stats {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(
f,
"Activity queue stats: pending: {}, running: {}, retries: {}, dead: {}, complete: {}",
self.pending.load(Ordering::Relaxed),
self.running.load(Ordering::Relaxed),
self.retries.load(Ordering::Relaxed),
self.dead_last_hour.load(Ordering::Relaxed),
self.completed_last_hour.load(Ordering::Relaxed)
)
}
}
#[derive(Clone, Copy, Default)]
struct RetryStrategy {
/// Amount of time in seconds to back off
backoff: usize,
/// Amount of times to retry
retries: usize,
/// If this particular request has already been retried, you can add an offset here to increment the count to start
offset: usize,
/// Number of seconds to sleep before trying
initial_sleep: usize,
}
/// A tokio spawned worker which is responsible for submitting requests to federated servers
/// This will retry up to one time with the same signature, and if it fails, will move it to the retry queue.
/// We need to retry activity sending in case the target instances is temporarily unreachable.
/// In this case, the task is stored and resent when the instance is hopefully back up. This
/// list shows the retry intervals, and which events of the target instance can be covered:
/// - 60s (one minute, service restart) -- happens in the worker w/ same signature
/// - 60min (one hour, instance maintenance) --- happens in the retry worker
/// - 60h (2.5 days, major incident with rebuild from backup) --- happens in the retry worker
async fn worker(
client: ClientWithMiddleware,
timeout: Duration,
message: SendActivityTask,
retry_queue: UnboundedSender<SendActivityTask>,
stats: Arc<Stats>,
strategy: RetryStrategy,
) {
stats.pending.fetch_sub(1, Ordering::Relaxed);
stats.running.fetch_add(1, Ordering::Relaxed);
let outcome = sign_and_send(&message, &client, timeout, strategy).await;
// "Running" has finished, check the outcome
stats.running.fetch_sub(1, Ordering::Relaxed);
match outcome {
Ok(_) => {
stats.completed_last_hour.fetch_add(1, Ordering::Relaxed);
}
Err(_err) => {
stats.retries.fetch_add(1, Ordering::Relaxed);
warn!(
"Sending activity {} to {} to the retry queue to be tried again later",
message.activity_id, message.inbox
);
// Send to the retry queue. Ignoring whether it succeeds or not
retry_queue.send(message).ok();
}
}
}
async fn retry_worker(
client: ClientWithMiddleware,
timeout: Duration,
message: SendActivityTask,
stats: Arc<Stats>,
strategy: RetryStrategy,
) {
// Because the times are pretty extravagant between retries, we have to re-sign each time
let outcome = retry(
|| {
sign_and_send(
&message,
&client,
timeout,
RetryStrategy {
backoff: 0,
retries: 0,
offset: 0,
initial_sleep: 0,
},
)
},
strategy,
)
.await;
stats.retries.fetch_sub(1, Ordering::Relaxed);
match outcome {
Ok(_) => {
stats.completed_last_hour.fetch_add(1, Ordering::Relaxed);
}
Err(_err) => {
stats.dead_last_hour.fetch_add(1, Ordering::Relaxed);
}
}
}
impl ActivityQueue {
fn new(
client: ClientWithMiddleware,
worker_count: usize,
retry_count: usize,
timeout: Duration,
backoff: usize, // This should be 60 seconds by default or 1 second in tests
) -> Self {
let stats: Arc<Stats> = Default::default();
// This task clears the dead/completed stats every hour
let hour_stats = stats.clone();
tokio::spawn(async move {
let duration = Duration::from_secs(3600);
loop {
tokio::time::sleep(duration).await;
hour_stats.completed_last_hour.store(0, Ordering::Relaxed);
hour_stats.dead_last_hour.store(0, Ordering::Relaxed);
}
});
let (retry_sender, mut retry_receiver) = unbounded_channel();
let retry_stats = stats.clone();
let retry_client = client.clone();
// The "fast path" retry
// The backoff should be < 5 mins for this to work otherwise signatures may expire
// This strategy is the one that is used with the *same* signature
let strategy = RetryStrategy {
backoff,
retries: 1,
offset: 0,
initial_sleep: 0,
};
// The "retry path" strategy
// After the fast path fails, a task will sleep up to backoff ^ 2 and then retry again
let retry_strategy = RetryStrategy {
backoff,
retries: 3,
offset: 2,
initial_sleep: backoff.pow(2), // wait 60 mins before even trying
};
let retry_sender_task = tokio::spawn(async move {
let mut join_set = JoinSet::new();
while let Some(message) = retry_receiver.recv().await {
let retry_task = retry_worker(
retry_client.clone(),
timeout,
message,
retry_stats.clone(),
retry_strategy,
);
if retry_count > 0 {
// If we're over the limit of retries, wait for them to finish before spawning
while join_set.len() >= retry_count {
join_set.join_next().await;
}
join_set.spawn(retry_task);
} else {
// If the retry worker count is `0` then just spawn and don't use the join_set
tokio::spawn(retry_task);
}
}
while !join_set.is_empty() {
join_set.join_next().await;
}
});
let (sender, mut receiver) = unbounded_channel();
let sender_stats = stats.clone();
let sender_task = tokio::spawn(async move {
let mut join_set = JoinSet::new();
while let Some(message) = receiver.recv().await {
let task = worker(
client.clone(),
timeout,
message,
retry_sender.clone(),
sender_stats.clone(),
strategy,
);
if worker_count > 0 {
// If we're over the limit of workers, wait for them to finish before spawning
while join_set.len() >= worker_count {
join_set.join_next().await;
}
join_set.spawn(task);
} else {
// If the worker count is `0` then just spawn and don't use the join_set
tokio::spawn(task);
}
}
drop(retry_sender);
while !join_set.is_empty() {
join_set.join_next().await;
}
});
Self {
stats,
sender,
sender_task,
retry_sender_task,
}
}
async fn queue(&self, message: SendActivityTask) -> Result<(), Error> {
self.stats.pending.fetch_add(1, Ordering::Relaxed);
self.sender
.send(message)
.map_err(|e| Error::ActivityQueueError(e.0.activity_id))?;
Ok(())
}
fn get_stats(&self) -> &Stats {
&self.stats
}
#[allow(unused)]
// Drops all the senders and shuts down the workers
pub(crate) async fn shutdown(self, wait_for_retries: bool) -> Result<Arc<Stats>, Error> {
drop(self.sender);
self.sender_task.await?;
if wait_for_retries {
self.retry_sender_task.await?;
}
Ok(self.stats)
}
}
/// Creates an activity queue using tokio spawned tasks
/// Note: requires a tokio runtime
pub(crate) fn create_activity_queue(
client: ClientWithMiddleware,
worker_count: usize,
retry_count: usize,
request_timeout: Duration,
) -> ActivityQueue {
ActivityQueue::new(client, worker_count, retry_count, request_timeout, 60)
}
/// Retries a future action factory function up to `amount` times with an exponential backoff timer between tries
async fn retry<T, E: Display + Debug, F: Future<Output = Result<T, E>>, A: FnMut() -> F>(
mut action: A,
strategy: RetryStrategy,
) -> Result<T, E> {
let mut count = strategy.offset;
// Do an initial sleep if it's called for
if strategy.initial_sleep > 0 {
let sleep_dur = Duration::from_secs(strategy.initial_sleep as u64);
tokio::time::sleep(sleep_dur).await;
}
loop {
match action().await {
Ok(val) => return Ok(val),
Err(err) => {
if count < strategy.retries {
count += 1;
let sleep_amt = strategy.backoff.pow(count as u32) as u64;
let sleep_dur = Duration::from_secs(sleep_amt);
warn!("{err:?}. Sleeping for {sleep_dur:?} and trying again");
tokio::time::sleep(sleep_dur).await;
continue;
} else {
return Err(err);
}
}
}
}
}
#[cfg(test)]
#[allow(clippy::unwrap_used)]
mod tests {
use super::*;
use crate::http_signatures::generate_actor_keypair;
use axum::extract::State;
use bytes::Bytes;
use http::{HeaderMap, StatusCode};
use std::time::Instant;
use tracing::debug;
// This will periodically send back internal errors to test the retry
async fn dodgy_handler(
State(state): State<Arc<AtomicUsize>>,
headers: HeaderMap,
body: Bytes,
) -> Result<(), StatusCode> {
debug!("Headers:{:?}", headers);
debug!("Body len:{}", body.len());
if state.fetch_add(1, Ordering::Relaxed) % 20 == 0 {
return Err(StatusCode::INTERNAL_SERVER_ERROR);
}
Ok(())
}
async fn test_server() {
use axum::{routing::post, Router};
// We should break every now and then ;)
let state = Arc::new(AtomicUsize::new(0));
let app = Router::new()
.route("/", post(dodgy_handler))
.with_state(state);
let listener = tokio::net::TcpListener::bind("0.0.0.0:8002").await.unwrap();
axum::serve(listener, app.into_make_service())
.await
.unwrap();
}
#[tokio::test(flavor = "multi_thread")]
// Queues 100 messages and then asserts that the worker runs them
async fn test_activity_queue_workers() {
let num_workers = 64;
let num_messages: usize = 100;
tokio::spawn(test_server());
/*
// uncomment for debug logs & stats
use tracing::log::LevelFilter;
env_logger::builder()
.filter_level(LevelFilter::Warn)
.filter_module("activitypub_federation", LevelFilter::Info)
.format_timestamp(None)
.init();
*/
let activity_queue = ActivityQueue::new(
reqwest::Client::default().into(),
num_workers,
num_workers,
Duration::from_secs(10),
1,
);
let keypair = generate_actor_keypair().unwrap();
let message = SendActivityTask {
actor_id: "http://localhost:8002".parse().unwrap(),
activity_id: "http://localhost:8002/activity".parse().unwrap(),
activity: "{}".into(),
inbox: "http://localhost:8002".parse().unwrap(),
private_key: keypair.private_key().unwrap(),
http_signature_compat: true,
};
let start = Instant::now();
for _ in 0..num_messages {
activity_queue.queue(message.clone()).await.unwrap();
}
info!("Queue Sent: {:?}", start.elapsed());
let stats = activity_queue.shutdown(true).await.unwrap();
info!(
"Queue Finished. Num msgs: {}, Time {:?}, msg/s: {:0.0}",
num_messages,
start.elapsed(),
num_messages as f64 / start.elapsed().as_secs_f64()
);
assert_eq!(
stats.completed_last_hour.load(Ordering::Relaxed),
num_messages
);
}
}

251
src/activity_sending.rs
View file

@ -10,116 +10,123 @@ use crate::{
traits::{ActivityHandler, Actor},
FEDERATION_CONTENT_TYPE,
};
use bytes::Bytes;
use futures::StreamExt;
use http::StatusCode;
use httpdate::fmt_http_date;
use itertools::Itertools;
use openssl::pkey::{PKey, Private};
use reqwest::header::{HeaderMap, HeaderName, HeaderValue};
use reqwest::{
header::{HeaderMap, HeaderName, HeaderValue},
Response,
};
use reqwest_middleware::ClientWithMiddleware;
use rsa::{pkcs8::DecodePrivateKey, RsaPrivateKey};
use serde::Serialize;
use std::{
self,
fmt::{Debug, Display},
time::SystemTime,
time::{Duration, Instant, SystemTime},
};
use tracing::debug;
use tracing::{debug, warn};
use url::Url;
#[derive(Clone, Debug)]
/// all info needed to send one activity to one inbox
pub struct SendActivityTask<'a> {
actor_id: &'a Url,
activity_id: &'a Url,
activity: Bytes,
inbox: Url,
private_key: PKey<Private>,
http_signature_compat: bool,
/// All info needed to sign and send one activity to one inbox. You should generally use
/// [[crate::activity_queue::queue_activity]] unless you want implement your own queue.
pub struct SendActivityTask {
pub(crate) actor_id: Url,
pub(crate) activity_id: Url,
pub(crate) activity: Bytes,
pub(crate) inbox: Url,
pub(crate) private_key: RsaPrivateKey,
pub(crate) http_signature_compat: bool,
}
impl Display for SendActivityTask<'_> {
impl Display for SendActivityTask {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
write!(f, "{} to {}", self.activity_id, self.inbox)
}
}
impl SendActivityTask<'_> {
/// prepare an activity for sending
impl SendActivityTask {
/// Prepare an activity for sending
///
/// - `activity`: The activity to be sent, gets converted to json
/// - `inboxes`: List of remote actor inboxes that should receive the activity. Ignores local actor
/// inboxes. Should be built by calling [crate::traits::Actor::shared_inbox_or_inbox]
/// for each target actor.
pub async fn prepare<'a, Activity, Datatype, ActorType>(
activity: &'a Activity,
pub async fn prepare<Activity, Datatype, ActorType>(
activity: &Activity,
actor: &ActorType,
inboxes: Vec<Url>,
data: &Data<Datatype>,
) -> Result<Vec<SendActivityTask<'a>>, Error>
) -> Result<Vec<SendActivityTask>, Error>
where
Activity: ActivityHandler + Serialize,
Activity: ActivityHandler + Serialize + Debug,
Datatype: Clone,
ActorType: Actor,
{
let config = &data.config;
let actor_id = activity.actor();
let activity_id = activity.id();
let activity_serialized: Bytes = serde_json::to_vec(&activity).map_err(Error::Json)?.into();
let private_key = get_pkey_cached(data, actor).await?;
Ok(futures::stream::iter(
inboxes
.into_iter()
.unique()
.filter(|i| !config.is_local_url(i)),
)
.filter_map(|inbox| async {
if let Err(err) = config.verify_url_valid(&inbox).await {
debug!("inbox url invalid, skipping: {inbox}: {err}");
return None;
};
Some(SendActivityTask {
actor_id,
activity_id,
inbox,
activity: activity_serialized.clone(),
private_key: private_key.clone(),
http_signature_compat: config.http_signature_compat,
})
})
.collect()
.await)
build_tasks(activity, actor, inboxes, data).await
}
/// convert a sendactivitydata to a request, signing and sending it
pub async fn sign_and_send<Datatype: Clone>(&self, data: &Data<Datatype>) -> Result<(), Error> {
let client = &data.config.client;
self.sign_and_send_internal(&data.config.client, data.config.request_timeout)
.await
}
pub(crate) async fn sign_and_send_internal(
&self,
client: &ClientWithMiddleware,
timeout: Duration,
) -> Result<(), Error> {
debug!("Sending {} to {}", self.activity_id, self.inbox,);
let request_builder = client
.post(self.inbox.to_string())
.timeout(data.config.request_timeout)
.timeout(timeout)
.headers(generate_request_headers(&self.inbox));
let request = sign_request(
request_builder,
self.actor_id,
&self.actor_id,
self.activity.clone(),
self.private_key.clone(),
self.http_signature_compat,
)
.await?;
let response = client.execute(request).await?;
match response {
o if o.status().is_success() => {
// Send the activity, and log a warning if its too slow.
let now = Instant::now();
let response = client.execute(request).await?;
let elapsed = now.elapsed().as_secs();
if elapsed > 10 {
warn!(
"Sending activity {} to {} took {}s",
self.activity_id, self.inbox, elapsed
);
}
self.handle_response(response).await
}
/// Based on the HTTP status code determines if an activity was delivered successfully. In that case
/// Ok is returned. Otherwise it returns Err and the activity send should be retried later.
///
/// Equivalent code in mastodon: https://github.com/mastodon/mastodon/blob/v4.2.8/app/helpers/jsonld_helper.rb#L215-L217
async fn handle_response(&self, response: Response) -> Result<(), Error> {
match response.status() {
status if status.is_success() => {
debug!("Activity {self} delivered successfully");
Ok(())
}
o if o.status().is_client_error() => {
let text = o.text_limited().await?;
status
if status.is_client_error()
&& status != StatusCode::REQUEST_TIMEOUT
&& status != StatusCode::TOO_MANY_REQUESTS =>
{
let text = response.text_limited().await?;
debug!("Activity {self} was rejected, aborting: {text}");
Ok(())
}
o => {
let status = o.status();
let text = o.text_limited().await?;
status => {
let text = response.text_limited().await?;
Err(Error::Other(format!(
"Activity {self} failure with status {status}: {text}",
@ -129,10 +136,53 @@ impl SendActivityTask<'_> {
}
}
async fn get_pkey_cached<ActorType>(
pub(crate) async fn build_tasks<'a, Activity, Datatype, ActorType>(
activity: &'a Activity,
actor: &ActorType,
inboxes: Vec<Url>,
data: &Data<Datatype>,
) -> Result<Vec<SendActivityTask>, Error>
where
Activity: ActivityHandler + Serialize + Debug,
Datatype: Clone,
ActorType: Actor,
{
let config = &data.config;
let actor_id = activity.actor();
let activity_id = activity.id();
let activity_serialized: Bytes = serde_json::to_vec(activity)
.map_err(|e| Error::SerializeOutgoingActivity(e, format!("{:?}", activity)))?
.into();
let private_key = get_pkey_cached(data, actor).await?;
Ok(futures::stream::iter(
inboxes
.into_iter()
.unique()
.filter(|i| !config.is_local_url(i)),
)
.filter_map(|inbox| async {
if let Err(err) = config.verify_url_valid(&inbox).await {
debug!("inbox url invalid, skipping: {inbox}: {err}");
return None;
};
Some(SendActivityTask {
actor_id: actor_id.clone(),
activity_id: activity_id.clone(),
inbox,
activity: activity_serialized.clone(),
private_key: private_key.clone(),
http_signature_compat: config.http_signature_compat,
})
})
.collect()
.await)
}
pub(crate) async fn get_pkey_cached<ActorType>(
data: &Data<impl Clone>,
actor: &ActorType,
) -> Result<PKey<Private>, Error>
) -> Result<RsaPrivateKey, Error>
where
ActorType: Actor,
{
@ -149,13 +199,13 @@ where
// This is a mostly expensive blocking call, we don't want to tie up other tasks while this is happening
let pkey = tokio::task::spawn_blocking(move || {
PKey::private_key_from_pem(private_key_pem.as_bytes()).map_err(|err| {
RsaPrivateKey::from_pkcs8_pem(&private_key_pem).map_err(|err| {
Error::Other(format!("Could not create private key from PEM data:{err}"))
})
})
.await
.map_err(|err| Error::Other(format!("Error joining: {err}")))??;
std::result::Result::<PKey<Private>, Error>::Ok(pkey)
std::result::Result::<RsaPrivateKey, Error>::Ok(pkey)
})
.await
.map_err(|e| Error::Other(format!("cloned error: {e}")))
@ -184,33 +234,20 @@ pub(crate) fn generate_request_headers(inbox_url: &Url) -> HeaderMap {
}
#[cfg(test)]
#[allow(clippy::unwrap_used)]
mod tests {
use axum::extract::State;
use bytes::Bytes;
use http::StatusCode;
use super::*;
use crate::{config::FederationConfig, http_signatures::generate_actor_keypair};
use std::{
sync::{atomic::AtomicUsize, Arc},
time::Instant,
};
use tracing::info;
use crate::{config::FederationConfig, http_signatures::generate_actor_keypair};
use super::*;
#[allow(unused)]
// This will periodically send back internal errors to test the retry
async fn dodgy_handler(
State(state): State<Arc<AtomicUsize>>,
headers: HeaderMap,
body: Bytes,
) -> Result<(), StatusCode> {
async fn dodgy_handler(headers: HeaderMap, body: Bytes) -> Result<(), StatusCode> {
debug!("Headers:{:?}", headers);
debug!("Body len:{}", body.len());
/*if state.fetch_add(1, Ordering::Relaxed) % 20 == 0 {
return Err(StatusCode::INTERNAL_SERVER_ERROR);
}*/
Ok(())
}
@ -224,8 +261,8 @@ mod tests {
.route("/", post(dodgy_handler))
.with_state(state);
axum::Server::bind(&"0.0.0.0:8001".parse().unwrap())
.serve(app.into_make_service())
let listener = tokio::net::TcpListener::bind("0.0.0.0:8001").await.unwrap();
axum::serve(listener, app.into_make_service())
.await
.unwrap();
}
@ -251,8 +288,8 @@ mod tests {
let keypair = generate_actor_keypair().unwrap();
let message = SendActivityTask {
actor_id: &"http://localhost:8001".parse().unwrap(),
activity_id: &"http://localhost:8001/activity".parse().unwrap(),
actor_id: "http://localhost:8001".parse().unwrap(),
activity_id: "http://localhost:8001/activity".parse().unwrap(),
activity: "{}".into(),
inbox: "http://localhost:8001".parse().unwrap(),
private_key: keypair.private_key().unwrap(),
@ -274,4 +311,48 @@ mod tests {
info!("Queue Sent: {:?}", start.elapsed());
Ok(())
}
#[tokio::test]
async fn test_handle_response() {
let keypair = generate_actor_keypair().unwrap();
let message = SendActivityTask {
actor_id: "http://localhost:8001".parse().unwrap(),
activity_id: "http://localhost:8001/activity".parse().unwrap(),
activity: "{}".into(),
inbox: "http://localhost:8001".parse().unwrap(),
private_key: keypair.private_key().unwrap(),
http_signature_compat: true,
};
let res = |status| {
http::Response::builder()
.status(status)
.body(vec![])
.unwrap()
.into()
};
assert!(message.handle_response(res(StatusCode::OK)).await.is_ok());
assert!(message
.handle_response(res(StatusCode::BAD_REQUEST))
.await
.is_ok());
assert!(message
.handle_response(res(StatusCode::MOVED_PERMANENTLY))
.await
.is_err());
assert!(message
.handle_response(res(StatusCode::REQUEST_TIMEOUT))
.await
.is_err());
assert!(message
.handle_response(res(StatusCode::TOO_MANY_REQUESTS))
.await
.is_err());
assert!(message
.handle_response(res(StatusCode::INTERNAL_SERVER_ERROR))
.await
.is_err());
}
}

30
src/actix_web/http_compat.rs Normal file
View file

@ -0,0 +1,30 @@
//! Remove these conversion helpers after actix-web upgrades to http 1.0
use std::str::FromStr;
pub fn header_value(v: &http02::HeaderValue) -> http::HeaderValue {
http::HeaderValue::from_bytes(v.as_bytes()).expect("can convert http types")
}
pub fn header_map<'a, H>(m: H) -> http::HeaderMap
where
H: IntoIterator<Item = (&'a http02::HeaderName, &'a http02::HeaderValue)>,
{
let mut new_map = http::HeaderMap::new();
for (n, v) in m {
new_map.insert(
http::HeaderName::from_lowercase(n.as_str().as_bytes())
.expect("can convert http types"),
header_value(v),
);
}
new_map
}
pub fn method(m: &http02::Method) -> http::Method {
http::Method::from_bytes(m.as_str().as_bytes()).expect("can convert http types")
}
pub fn uri(m: &http02::Uri) -> http::Uri {
http::Uri::from_str(&m.to_string()).expect("can convert http types")
}

34
src/actix_web/inbox.rs
View file

@ -1,5 +1,6 @@
//! Handles incoming activities, verifying HTTP signatures and other checks
use super::http_compat;
use crate::{
config::Data,
error::Error,
@ -27,16 +28,18 @@ where
<ActorT as Object>::Error: From<Error>,
Datatype: Clone,
{
verify_body_hash(request.headers().get("Digest"), &body)?;
let digest_header = request
.headers()
.get("Digest")
.map(http_compat::header_value);
verify_body_hash(digest_header.as_ref(), &body)?;
let (activity, actor) = parse_received_activity::<Activity, ActorT, _>(&body, data).await?;
verify_signature(
request.headers(),
request.method(),
request.uri(),
actor.public_key_pem(),
)?;
let headers = http_compat::header_map(request.headers());
let method = http_compat::method(request.method());
let uri = http_compat::uri(request.uri());
verify_signature(&headers, &method, &uri, actor.public_key_pem())?;
debug!("Receiving activity {}", activity.id().to_string());
activity.verify(data).await?;
@ -45,6 +48,7 @@ where
}
#[cfg(test)]
#[allow(clippy::unwrap_used)]
mod test {
use super::*;
use crate::{
@ -60,6 +64,16 @@ mod test {
use serde_json::json;
use url::Url;
/// Remove this conversion helper after actix-web upgrades to http 1.0
fn header_pair(
p: (&http::HeaderName, &http::HeaderValue),
) -> (http02::HeaderName, http02::HeaderValue) {
(
http02::HeaderName::from_lowercase(p.0.as_str().as_bytes()).unwrap(),
http02::HeaderValue::from_bytes(p.1.as_bytes()).unwrap(),
)
}
#[tokio::test]
async fn test_receive_activity() {
let (body, incoming_request, config) = setup_receive_test().await;
@ -130,8 +144,8 @@ mod test {
.await;
match res {
Err(Error::ParseReceivedActivity(url, _)) => {
assert_eq!(id, url.as_str());
Err(Error::ParseReceivedActivity(_, url)) => {
assert_eq!(id, url.expect("has url").as_str());
}
_ => unreachable!(),
}
@ -154,7 +168,7 @@ mod test {
.unwrap();
let mut incoming_request = TestRequest::post().uri(outgoing_request.url().path());
for h in outgoing_request.headers() {
incoming_request = incoming_request.append_header(h);
incoming_request = incoming_request.append_header(header_pair(h));
}
incoming_request
}

12
src/actix_web/mod.rs
View file

@ -1,5 +1,6 @@
//! Utilities for using this library with actix-web framework
mod http_compat;
pub mod inbox;
#[doc(hidden)]
pub mod middleware;
@ -25,7 +26,14 @@ where
<A as Object>::Error: From<Error>,
for<'de2> <A as Object>::Kind: Deserialize<'de2>,
{
verify_body_hash(request.headers().get("Digest"), &body.unwrap_or_default())?;
let digest_header = request
.headers()
.get("Digest")
.map(http_compat::header_value);
verify_body_hash(digest_header.as_ref(), &body.unwrap_or_default())?;
http_signatures::signing_actor(request.headers(), request.method(), request.uri(), data).await
let headers = http_compat::header_map(request.headers());
let method = http_compat::method(request.method());
let uri = http_compat::uri(request.uri());
http_signatures::signing_actor(&headers, &method, &uri, data).await
}

12
src/axum/inbox.rs
View file

@ -11,7 +11,7 @@ use crate::{
};
use axum::{
async_trait,
body::{Bytes, HttpBody},
body::Body,
extract::FromRequest,
http::{Request, StatusCode},
response::{IntoResponse, Response},
@ -59,21 +59,17 @@ pub struct ActivityData {
}
#[async_trait]
impl<S, B> FromRequest<S, B> for ActivityData
impl<S> FromRequest<S> for ActivityData
where
Bytes: FromRequest<S, B>,
B: HttpBody + Send + 'static,
S: Send + Sync,
<B as HttpBody>::Error: std::fmt::Display,
<B as HttpBody>::Data: Send,
{
type Rejection = Response;
async fn from_request(req: Request<B>, _state: &S) -> Result<Self, Self::Rejection> {
async fn from_request(req: Request<Body>, _state: &S) -> Result<Self, Self::Rejection> {
let (parts, body) = req.into_parts();
// this wont work if the body is an long running stream
let bytes = hyper::body::to_bytes(body)
let bytes = axum::body::to_bytes(body, usize::MAX)
.await
.map_err(|err| (StatusCode::INTERNAL_SERVER_ERROR, err.to_string()).into_response())?;

79
src/config.rs
View file

@ -15,6 +15,7 @@
//! ```
use crate::{
activity_queue::{create_activity_queue, ActivityQueue},
error::Error,
protocol::verification::verify_domains_match,
traits::{ActivityHandler, Actor},
@ -23,8 +24,8 @@ use async_trait::async_trait;
use derive_builder::Builder;
use dyn_clone::{clone_trait_object, DynClone};
use moka::future::Cache;
use openssl::pkey::{PKey, Private};
use reqwest_middleware::ClientWithMiddleware;
use rsa::{pkcs8::DecodePrivateKey, RsaPrivateKey};
use serde::de::DeserializeOwned;
use std::{
ops::Deref,
@ -79,12 +80,26 @@ pub struct FederationConfig<T: Clone> {
/// This can be used to implement secure mode federation.
/// <https://docs.joinmastodon.org/spec/activitypub/#secure-mode>
#[builder(default = "None", setter(custom))]
pub(crate) signed_fetch_actor: Option<Arc<(Url, PKey<Private>)>>,
pub(crate) signed_fetch_actor: Option<Arc<(Url, RsaPrivateKey)>>,
#[builder(
default = "Cache::builder().max_capacity(10000).build()",
setter(custom)
)]
pub(crate) actor_pkey_cache: Cache<Url, PKey<Private>>,
pub(crate) actor_pkey_cache: Cache<Url, RsaPrivateKey>,
/// Queue for sending outgoing activities. Only optional to make builder work, its always
/// present once constructed.
#[builder(setter(skip))]
pub(crate) activity_queue: Option<Arc<ActivityQueue>>,
/// When sending with activity queue: Number of tasks that can be in-flight concurrently.
/// Tasks are retried once after a minute, then put into the retry queue.
/// Setting this count to `0` means that there is no limit to concurrency
#[builder(default = "0")]
pub(crate) queue_worker_count: usize,
/// When sending with activity queue: Number of concurrent tasks that are being retried
/// in-flight concurrently. Tasks are retried after an hour, then again in 60 hours.
/// Setting this count to `0` means that there is no limit to concurrency
#[builder(default = "0")]
pub(crate) queue_retry_count: usize,
}
impl<T: Clone> FederationConfig<T> {
@ -159,11 +174,17 @@ impl<T: Clone> FederationConfig<T> {
/// Returns true if the url refers to this instance. Handles hostnames like `localhost:8540` for
/// local debugging.
pub(crate) fn is_local_url(&self, url: &Url) -> bool {
let mut domain = url.host_str().expect("id has domain").to_string();
if let Some(port) = url.port() {
domain = format!("{}:{}", domain, port);
match url.host_str() {
Some(domain) => {
let domain = if let Some(port) = url.port() {
format!("{}:{}", domain, port)
} else {
domain.to_string()
};
domain == self.domain
}
None => false,
}
domain == self.domain
}
/// Returns the local domain
@ -179,8 +200,8 @@ impl<T: Clone> FederationConfigBuilder<T> {
.private_key_pem()
.expect("actor does not have a private key to sign with");
let private_key = PKey::private_key_from_pem(private_key_pem.as_bytes())
.expect("Could not decode PEM data");
let private_key =
RsaPrivateKey::from_pkcs8_pem(&private_key_pem).expect("Could not decode PEM data");
self.signed_fetch_actor = Some(Some(Arc::new((actor.id(), private_key))));
self
}
@ -197,7 +218,14 @@ impl<T: Clone> FederationConfigBuilder<T> {
/// queue for outgoing activities, which is stored internally in the config struct.
/// Requires a tokio runtime for the background queue.
pub async fn build(&mut self) -> Result<FederationConfig<T>, FederationConfigBuilderError> {
let config = self.partial_build()?;
let mut config = self.partial_build()?;
let queue = create_activity_queue(
config.client.clone(),
config.queue_worker_count,
config.queue_retry_count,
config.request_timeout,
);
config.activity_queue = Some(Arc::new(queue));
Ok(config)
}
}
@ -319,3 +347,34 @@ impl<T: Clone> FederationMiddleware<T> {
FederationMiddleware(config)
}
}
#[cfg(test)]
#[allow(clippy::unwrap_used)]
mod test {
use super::*;
async fn config() -> FederationConfig<i32> {
FederationConfig::builder()
.domain("example.com")
.app_data(1)
.build()
.await
.unwrap()
}
#[tokio::test]
async fn test_url_is_local() -> Result<(), Error> {
let config = config().await;
assert!(config.is_local_url(&Url::parse("http://example.com")?));
assert!(!config.is_local_url(&Url::parse("http://other.com")?));
// ensure that missing domain doesnt cause crash
assert!(!config.is_local_url(&Url::parse("http://127.0.0.1")?));
Ok(())
}
#[tokio::test]
async fn test_get_domain() {
let config = config().await;
assert_eq!("example.com", config.domain());
}
}

60
src/error.rs
View file

@ -1,12 +1,14 @@
//! Error messages returned by this library
use std::string::FromUtf8Error;
use http_signature_normalization_reqwest::SignError;
use openssl::error::ErrorStack;
use url::Url;
use crate::fetch::webfinger::WebFingerError;
use http_signature_normalization_reqwest::SignError;
use rsa::{
errors::Error as RsaError,
pkcs8::{spki::Error as SpkiError, Error as Pkcs8Error},
};
use std::string::FromUtf8Error;
use tokio::task::JoinError;
use url::Url;
/// Error messages returned by this library
#[derive(thiserror::Error, Debug)]
@ -35,12 +37,18 @@ pub enum Error {
/// Failed to resolve actor via webfinger
#[error("Failed to resolve actor via webfinger")]
WebfingerResolveFailed(#[from] WebFingerError),
/// JSON Error
#[error(transparent)]
Json(#[from] serde_json::Error),
/// Failed to serialize outgoing activity
#[error("Failed to serialize outgoing activity {1}: {0}")]
SerializeOutgoingActivity(serde_json::Error, String),
/// Failed to parse an object fetched from url
#[error("Failed to parse object {1} with content {2}: {0}")]
ParseFetchedObject(serde_json::Error, Url, String),
/// Failed to parse an activity received from another instance
#[error("Failed to parse incoming activity with id {0}: {1}")]
ParseReceivedActivity(Url, serde_json::Error),
#[error("Failed to parse incoming activity {}: {0}", match .1 {
Some(t) => format!("with id {t}"),
None => String::new(),
})]
ParseReceivedActivity(serde_json::Error, Option<Url>),
/// Reqwest Middleware Error
#[error(transparent)]
ReqwestMiddleware(#[from] reqwest_middleware::Error),
@ -56,13 +64,39 @@ pub enum Error {
/// Signing errors
#[error(transparent)]
SignError(#[from] SignError),
/// Failed to queue activity for sending
#[error("Failed to queue activity {0} for sending")]
ActivityQueueError(Url),
/// Stop activity queue
#[error(transparent)]
StopActivityQueue(#[from] JoinError),
/// Attempted to fetch object which doesn't have valid ActivityPub Content-Type
#[error(
"Attempted to fetch object from {0} which doesn't have valid ActivityPub Content-Type"
)]
FetchInvalidContentType(Url),
/// Attempted to fetch object but the response's id field doesn't match
#[error("Attempted to fetch object from {0} but the response's id field doesn't match")]
FetchWrongId(Url),
/// Other generic errors
#[error("{0}")]
Other(String),
}
impl From<ErrorStack> for Error {
fn from(value: ErrorStack) -> Self {
impl From<RsaError> for Error {
fn from(value: RsaError) -> Self {
Error::Other(value.to_string())
}
}
impl From<Pkcs8Error> for Error {
fn from(value: Pkcs8Error) -> Self {
Error::Other(value.to_string())
}
}
impl From<SpkiError> for Error {
fn from(value: SpkiError) -> Self {
Error::Other(value.to_string())
}
}

111
src/fetch/mod.rs
View file

@ -4,13 +4,14 @@
use crate::{
config::Data,
error::Error,
error::{Error, Error::ParseFetchedObject},
extract_id,
http_signatures::sign_request,
reqwest_shim::ResponseExt,
FEDERATION_CONTENT_TYPE,
};
use bytes::Bytes;
use http::StatusCode;
use http::{HeaderValue, StatusCode};
use serde::de::DeserializeOwned;
use std::sync::atomic::Ordering;
use tracing::info;
@ -29,6 +30,8 @@ pub struct FetchObjectResponse<Kind> {
pub object: Kind,
/// Contains the final URL (different from request URL in case of redirect)
pub url: Url,
content_type: Option<HeaderValue>,
object_id: Option<Url>,
}
/// Fetch a remote object over HTTP and convert to `Kind`.
@ -42,12 +45,52 @@ pub struct FetchObjectResponse<Kind> {
/// [Error::RequestLimit]. This prevents denial of service attacks where an attack triggers
/// infinite, recursive fetching of data.
///
/// The `Accept` header will be set to the content of [`FEDERATION_CONTENT_TYPE`].
/// The `Accept` header will be set to the content of [`FEDERATION_CONTENT_TYPE`]. When parsing the
/// response it ensures that it has a valid `Content-Type` header as defined by ActivityPub, to
/// prevent security vulnerabilities like [this one](https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36).
/// Additionally it checks that the `id` field is identical to the fetch URL (after redirects).
pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
url: &Url,
data: &Data<T>,
) -> Result<FetchObjectResponse<Kind>, Error> {
fetch_object_http_with_accept(url, data, FEDERATION_CONTENT_TYPE).await
static FETCH_CONTENT_TYPE: HeaderValue = HeaderValue::from_static(FEDERATION_CONTENT_TYPE);
const VALID_RESPONSE_CONTENT_TYPES: [&str; 3] = [
FEDERATION_CONTENT_TYPE, // lemmy
r#"application/ld+json; profile="https://www.w3.org/ns/activitystreams""#, // activitypub standard
r#"application/activity+json; charset=utf-8"#, // mastodon
];
let res = fetch_object_http_with_accept(url, data, &FETCH_CONTENT_TYPE).await?;
// Ensure correct content-type to prevent vulnerabilities, with case insensitive comparison.
let content_type = res
.content_type
.as_ref()
.and_then(|c| Some(c.to_str().ok()?.to_lowercase()))
.ok_or(Error::FetchInvalidContentType(res.url.clone()))?;
if !VALID_RESPONSE_CONTENT_TYPES.contains(&content_type.as_str()) {
return Err(Error::FetchInvalidContentType(res.url));
}
// Ensure id field matches final url after redirect
if res.object_id.as_ref() != Some(&res.url) {
if let Some(res_object_id) = res.object_id {
// If id is different but still on the same domain, attempt to request object
// again from url in id field.
if res_object_id.domain() == res.url.domain() {
return Box::pin(fetch_object_http(&res_object_id, data)).await;
}
}
// Failed to fetch the object from its specified id
return Err(Error::FetchWrongId(res.url));
}
// Dont allow fetching local object. Only check this after the request as a local url
// may redirect to a remote object.
if data.config.is_local_url(&res.url) {
return Err(Error::NotFound);
}
Ok(res)
}
/// Fetch a remote object over HTTP and convert to `Kind`. This function works exactly as
@ -55,15 +98,15 @@ pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
async fn fetch_object_http_with_accept<T: Clone, Kind: DeserializeOwned>(
url: &Url,
data: &Data<T>,
content_type: &str,
content_type: &HeaderValue,
) -> Result<FetchObjectResponse<Kind>, Error> {
let config = &data.config;
// dont fetch local objects this way
debug_assert!(url.domain() != Some(&config.domain));
config.verify_url_valid(url).await?;
info!("Fetching remote object {}", url.to_string());
let counter = data.request_counter.fetch_add(1, Ordering::SeqCst);
let mut counter = data.request_counter.fetch_add(1, Ordering::SeqCst);
// fetch_add returns old value so we need to increment manually here
counter += 1;
if counter > config.http_fetch_limit {
return Err(Error::RequestLimit);
}
@ -93,8 +136,52 @@ async fn fetch_object_http_with_accept<T: Clone, Kind: DeserializeOwned>(
}
let url = res.url().clone();
Ok(FetchObjectResponse {
object: res.json_limited().await?,
url,
})
let content_type = res.headers().get("Content-Type").cloned();
let text = res.bytes_limited().await?;
let object_id = extract_id(&text).ok();
match serde_json::from_slice(&text) {
Ok(object) => Ok(FetchObjectResponse {
object,
url,
content_type,
object_id,
}),
Err(e) => Err(ParseFetchedObject(
e,
url,
String::from_utf8(Vec::from(text))?,
)),
}
}
#[cfg(test)]
#[allow(clippy::unwrap_used)]
mod tests {
use super::*;
use crate::{
config::FederationConfig,
traits::tests::{DbConnection, Person},
};
#[tokio::test]
async fn test_request_limit() -> Result<(), Error> {
let config = FederationConfig::builder()
.domain("example.com")
.app_data(DbConnection)
.http_fetch_limit(0)
.build()
.await
.unwrap();
let data = config.to_request_data();
let fetch_url = "https://example.net/".to_string();
let res: Result<FetchObjectResponse<Person>, Error> =
fetch_object_http(&Url::parse(&fetch_url).map_err(Error::UrlParse)?, &data).await;
assert_eq!(res.err(), Some(Error::RequestLimit));
Ok(())
}
}

43
src/fetch/object_id.rs
View file

@ -88,19 +88,13 @@ where
<Kind as Object>::Error: From<Error>,
{
let db_object = self.dereference_from_db(data).await?;
// if its a local object, only fetch it from the database and not over http
if data.config.is_local_url(&self.0) {
return match db_object {
None => Err(Error::NotFound.into()),
Some(o) => Ok(o),
};
}
// object found in database
if let Some(object) = db_object {
// object is old and should be refetched
if let Some(last_refreshed_at) = object.last_refreshed_at() {
if should_refetch_object(last_refreshed_at) {
let is_local = data.config.is_local_url(&self.0);
if !is_local && should_refetch_object(last_refreshed_at) {
// object is outdated and should be refetched
return self.dereference_from_http(data, Some(object)).await;
}
}
@ -126,6 +120,7 @@ where
.await
.map(|o| o.ok_or(Error::NotFound.into()))?
} else {
// Don't pass in any db object, otherwise it would be returned in case http fetch fails
self.dereference_from_http(data, None).await
}
}
@ -152,6 +147,10 @@ where
Object::read_from_id(*id, data).await
}
/// Fetch object from origin instance over HTTP, then verify and parse it.
///
/// Uses Box::pin to wrap futures to reduce stack size and avoid stack overflow when
/// when fetching objects recursively.
async fn dereference_from_http(
&self,
data: &Data<<Kind as Object>::DataType>,
@ -160,7 +159,7 @@ where
where
<Kind as Object>::Error: From<Error>,
{
let res = fetch_object_http(&self.0, data).await;
let res = Box::pin(fetch_object_http(&self.0, data)).await;
if let Err(Error::ObjectDeleted(url)) = res {
if let Some(db_object) = db_object {
@ -169,11 +168,20 @@ where
return Err(Error::ObjectDeleted(url).into());
}
// If fetch failed, return the existing object from local database
if let (Err(_), Some(db_object)) = (&res, db_object) {
return Ok(db_object);
}
let res = res?;
let redirect_url = &res.url;
Kind::verify(&res.object, redirect_url, data).await?;
Kind::from_json(res.object, data).await
Box::pin(Kind::verify(&res.object, redirect_url, data)).await?;
Box::pin(Kind::from_json(res.object, data)).await
}
/// Returns true if the object's domain matches the one defined in [[FederationConfig.domain]].
pub fn is_local(&self, data: &Data<<Kind as Object>::DataType>) -> bool {
data.config.is_local_url(&self.0)
}
}
@ -197,9 +205,9 @@ static ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG: i64 = 20;
fn should_refetch_object(last_refreshed: DateTime<Utc>) -> bool {
let update_interval = if cfg!(debug_assertions) {
// avoid infinite loop when fetching community outbox
ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG)
ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS_DEBUG).expect("valid duration")
} else {
ChronoDuration::seconds(ACTOR_REFETCH_INTERVAL_SECONDS)
ChronoDuration::try_seconds(ACTOR_REFETCH_INTERVAL_SECONDS).expect("valid duration")
};
let refresh_limit = Utc::now() - update_interval;
last_refreshed.lt(&refresh_limit)
@ -345,9 +353,10 @@ const _IMPL_DIESEL_NEW_TYPE_FOR_OBJECT_ID: () = {
};
#[cfg(test)]
#[allow(clippy::unwrap_used)]
pub mod tests {
use super::*;
use crate::{fetch::object_id::should_refetch_object, traits::tests::DbUser};
use crate::traits::tests::DbUser;
#[test]
fn test_deserialize() {
@ -362,10 +371,10 @@ pub mod tests {
#[test]
fn test_should_refetch_object() {
let one_second_ago = Utc::now() - ChronoDuration::seconds(1);
let one_second_ago = Utc::now() - ChronoDuration::try_seconds(1).unwrap();
assert!(!should_refetch_object(one_second_ago));
let two_days_ago = Utc::now() - ChronoDuration::days(2);
let two_days_ago = Utc::now() - ChronoDuration::try_days(2).unwrap();
assert!(should_refetch_object(two_days_ago));
}
}

19
src/fetch/webfinger.rs
View file

@ -5,6 +5,7 @@ use crate::{
traits::{Actor, Object},
FEDERATION_CONTENT_TYPE,
};
use http::HeaderValue;
use itertools::Itertools;
use once_cell::sync::Lazy;
use regex::Regex;
@ -33,6 +34,9 @@ impl WebFingerError {
}
}
/// The content-type for webfinger responses.
pub static WEBFINGER_CONTENT_TYPE: HeaderValue = HeaderValue::from_static("application/jrd+json");
/// Takes an identifier of the form `name@example.com`, and returns an object of `Kind`.
///
/// For this the identifier is first resolved via webfinger protocol to an Activitypub ID. This ID
@ -58,7 +62,7 @@ where
let res: Webfinger = fetch_object_http_with_accept(
&Url::parse(&fetch_url).map_err(Error::UrlParse)?,
data,
"application/jrd+json",
&WEBFINGER_CONTENT_TYPE,
)
.await?
.object;
@ -117,7 +121,7 @@ where
T: Clone,
{
static WEBFINGER_REGEX: Lazy<Regex> =
Lazy::new(|| Regex::new(r"^acct:([\p{L}0-9_]+)@(.*)$").expect("compile regex"));
Lazy::new(|| Regex::new(r"^acct:([\p{L}0-9_\.\-]+)@(.*)$").expect("compile regex"));
// Regex to extract usernames from webfinger query. Supports different alphabets using `\p{L}`.
// TODO: This should use a URL parser
let captures = WEBFINGER_REGEX
@ -241,6 +245,7 @@ pub struct WebfingerLink {
}
#[cfg(test)]
#[allow(clippy::unwrap_used)]
mod tests {
use super::*;
use crate::{
@ -259,8 +264,6 @@ mod tests {
let data = config.to_request_data();
webfinger_resolve_actor::<DbConnection, DbUser>("LemmyDev@mastodon.social", &data).await?;
// poa.st is as of 2023-07-14 the largest Pleroma instance
webfinger_resolve_actor::<DbConnection, DbUser>("graf@poa.st", &data).await?;
Ok(())
}
@ -284,6 +287,14 @@ mod tests {
Ok("Владимир"),
extract_webfinger_name("acct:Владимир@example.com", &data)
);
assert_eq!(
Ok("example.com"),
extract_webfinger_name("acct:example.com@example.com", &data)
);
assert_eq!(
Ok("da-sh"),
extract_webfinger_name("acct:da-sh@example.com", &data)
);
assert_eq!(
Ok("تجريب"),
extract_webfinger_name("acct:تجريب@example.com", &data)

91
src/http_signatures.rs
View file

@ -1,7 +1,7 @@
//! Generating keypairs, creating and verifying signatures
//!
//! Signature creation and verification is handled internally in the library. See
//! [send_activity](crate::activity_sending::send_activity) and
//! [send_activity](crate::activity_sending::SendActivityTask::sign_and_send) and
//! [receive_activity (actix-web)](crate::actix_web::inbox::receive_activity) /
//! [receive_activity (axum)](crate::axum::inbox::receive_activity).
@ -20,17 +20,17 @@ use http_signature_normalization_reqwest::{
DefaultSpawner,
};
use once_cell::sync::Lazy;
use openssl::{
hash::MessageDigest,
pkey::{PKey, Private},
rsa::Rsa,
sign::{Signer, Verifier},
};
use reqwest::Request;
use reqwest_middleware::RequestBuilder;
use rsa::{
pkcs8::{DecodePublicKey, EncodePrivateKey, EncodePublicKey, LineEnding},
Pkcs1v15Sign,
RsaPrivateKey,
RsaPublicKey,
};
use serde::Deserialize;
use sha2::{Digest, Sha256};
use std::{collections::BTreeMap, fmt::Debug, io::ErrorKind, time::Duration};
use std::{collections::BTreeMap, fmt::Debug, time::Duration};
use tracing::debug;
use url::Url;
@ -46,27 +46,23 @@ pub struct Keypair {
impl Keypair {
/// Helper method to turn this into an openssl private key
#[cfg(test)]
pub(crate) fn private_key(&self) -> Result<PKey<Private>, anyhow::Error> {
Ok(PKey::private_key_from_pem(self.private_key.as_bytes())?)
pub(crate) fn private_key(&self) -> Result<RsaPrivateKey, anyhow::Error> {
use rsa::pkcs8::DecodePrivateKey;
Ok(RsaPrivateKey::from_pkcs8_pem(&self.private_key)?)
}
}
/// Generate a random asymmetric keypair for ActivityPub HTTP signatures.
pub fn generate_actor_keypair() -> Result<Keypair, std::io::Error> {
let rsa = Rsa::generate(2048)?;
let pkey = PKey::from_rsa(rsa)?;
let public_key = pkey.public_key_to_pem()?;
let private_key = pkey.private_key_to_pem_pkcs8()?;
let key_to_string = |key| match String::from_utf8(key) {
Ok(s) => Ok(s),
Err(e) => Err(std::io::Error::new(
ErrorKind::Other,
format!("Failed converting key to string: {}", e),
)),
};
pub fn generate_actor_keypair() -> Result<Keypair, Error> {
let mut rng = rand::thread_rng();
let rsa = RsaPrivateKey::new(&mut rng, 2048)?;
let pkey = RsaPublicKey::from(&rsa);
let public_key = pkey.to_public_key_pem(LineEnding::default())?;
let private_key = rsa.to_pkcs8_pem(LineEnding::default())?.to_string();
Ok(Keypair {
private_key: key_to_string(private_key)?,
public_key: key_to_string(public_key)?,
private_key,
public_key,
})
}
@ -83,7 +79,7 @@ pub(crate) async fn sign_request(
request_builder: RequestBuilder,
actor_id: &Url,
activity: Bytes,
private_key: PKey<Private>,
private_key: RsaPrivateKey,
http_signature_compat: bool,
) -> Result<Request, Error> {
static CONFIG: Lazy<Config<DefaultSpawner>> =
@ -106,10 +102,10 @@ pub(crate) async fn sign_request(
Sha256::new(),
activity,
move |signing_string| {
let mut signer = Signer::new(MessageDigest::sha256(), &private_key)?;
signer.update(signing_string.as_bytes())?;
Ok(Base64.encode(signer.sign_to_vec()?)) as Result<_, Error>
Ok(Base64.encode(private_key.sign(
Pkcs1v15Sign::new::<Sha256>(),
&Sha256::digest(signing_string.as_bytes()),
)?)) as Result<_, Error>
},
)
.await
@ -189,8 +185,11 @@ fn verify_signature_inner(
uri: &Uri,
public_key: &str,
) -> Result<(), Error> {
static CONFIG: Lazy<http_signature_normalization::Config> =
Lazy::new(|| http_signature_normalization::Config::new().set_expiration(EXPIRES_AFTER));
static CONFIG: Lazy<http_signature_normalization::Config> = Lazy::new(|| {
http_signature_normalization::Config::new()
.set_expiration(EXPIRES_AFTER)
.require_digest()
});
let path_and_query = uri.path_and_query().map(PathAndQuery::as_str).unwrap_or("");
@ -202,15 +201,19 @@ fn verify_signature_inner(
"Verifying with key {}, message {}",
&public_key, &signing_string
);
let public_key = PKey::public_key_from_pem(public_key.as_bytes())?;
let mut verifier = Verifier::new(MessageDigest::sha256(), &public_key)?;
verifier.update(signing_string.as_bytes())?;
let public_key = RsaPublicKey::from_public_key_pem(public_key)?;
let base64_decoded = Base64
.decode(signature)
.map_err(|err| Error::Other(err.to_string()))?;
Ok(verifier.verify(&base64_decoded)?)
Ok(public_key
.verify(
Pkcs1v15Sign::new::<Sha256>(),
&Sha256::digest(signing_string.as_bytes()),
&base64_decoded,
)
.is_ok())
})?;
if verified {
@ -275,11 +278,13 @@ pub(crate) fn verify_body_hash(
}
#[cfg(test)]
#[allow(clippy::unwrap_used)]
pub mod test {
use super::*;
use crate::activity_sending::generate_request_headers;
use reqwest::Client;
use reqwest_middleware::ClientWithMiddleware;
use rsa::{pkcs1::DecodeRsaPrivateKey, pkcs8::DecodePrivateKey};
use std::str::FromStr;
static ACTOR_ID: Lazy<Url> = Lazy::new(|| Url::parse("https://example.com/u/alice").unwrap());
@ -302,7 +307,7 @@ pub mod test {
request_builder,
&ACTOR_ID,
"my activity".into(),
PKey::private_key_from_pem(test_keypair().private_key.as_bytes()).unwrap(),
RsaPrivateKey::from_pkcs8_pem(&test_keypair().private_key).unwrap(),
// set this to prevent created/expires headers to be generated and inserted
// automatically from current time
true,
@ -338,7 +343,7 @@ pub mod test {
request_builder,
&ACTOR_ID,
"my activity".to_string().into(),
PKey::private_key_from_pem(test_keypair().private_key.as_bytes()).unwrap(),
RsaPrivateKey::from_pkcs8_pem(&test_keypair().private_key).unwrap(),
false,
)
.await
@ -374,13 +379,13 @@ pub mod test {
}
pub fn test_keypair() -> Keypair {
let rsa = Rsa::private_key_from_pem(PRIVATE_KEY.as_bytes()).unwrap();
let pkey = PKey::from_rsa(rsa).unwrap();
let private_key = pkey.private_key_to_pem_pkcs8().unwrap();
let public_key = pkey.public_key_to_pem().unwrap();
let rsa = RsaPrivateKey::from_pkcs1_pem(PRIVATE_KEY).unwrap();
let pkey = RsaPublicKey::from(&rsa);
let public_key = pkey.to_public_key_pem(LineEnding::default()).unwrap();
let private_key = rsa.to_pkcs8_pem(LineEnding::default()).unwrap().to_string();
Keypair {
private_key: String::from_utf8(private_key).unwrap(),
public_key: String::from_utf8(public_key).unwrap(),
private_key,
public_key,
}
}

22
src/lib.rs
View file

@ -10,6 +10,7 @@
#![doc = include_str!("../docs/10_fetching_objects_with_unknown_type.md")]
#![deny(missing_docs)]
pub mod activity_queue;
pub mod activity_sending;
#[cfg(feature = "actix-web")]
pub mod actix_web;
@ -35,7 +36,7 @@ use serde::{de::DeserializeOwned, Deserialize};
use url::Url;
/// Mime type for Activitypub data, used for `Accept` and `Content-Type` HTTP headers
pub static FEDERATION_CONTENT_TYPE: &str = "application/activity+json";
pub const FEDERATION_CONTENT_TYPE: &str = "application/activity+json";
/// Deserialize incoming inbox activity to the given type, perform basic
/// validation and extract the actor.
@ -53,14 +54,8 @@ where
{
let activity: Activity = serde_json::from_slice(body).map_err(|e| {
// Attempt to include activity id in error message
#[derive(Deserialize)]
struct Id {
id: Url,
}
match serde_json::from_slice::<Id>(body) {
Ok(id) => Error::ParseReceivedActivity(id.id, e),
Err(e) => Error::Json(e),
}
let id = extract_id(body).ok();
Error::ParseReceivedActivity(e, id)
})?;
data.config.verify_url_and_domain(&activity).await?;
let actor = ObjectId::<ActorT>::from(activity.actor().clone())
@ -68,3 +63,12 @@ where
.await?;
Ok((activity, actor))
}
/// Attempt to parse id field from serialized json
fn extract_id(data: &[u8]) -> serde_json::Result<Url> {
#[derive(Deserialize)]
struct Id {
id: Url,
}
Ok(serde_json::from_slice::<Id>(data)?.id)
}

11
src/protocol/context.rs
View file

@ -15,11 +15,11 @@
//! };
//! let note_with_context = WithContext::new_default(note);
//! let serialized = serde_json::to_string(&note_with_context)?;
//! assert_eq!(serialized, r#"{"@context":["https://www.w3.org/ns/activitystreams"],"content":"Hello world"}"#);
//! assert_eq!(serialized, r#"{"@context":"https://www.w3.org/ns/activitystreams","content":"Hello world"}"#);
//! Ok::<(), serde_json::error::Error>(())
//! ```
use crate::{config::Data, protocol::helpers::deserialize_one_or_many, traits::ActivityHandler};
use crate::{config::Data, traits::ActivityHandler};
use serde::{Deserialize, Serialize};
use serde_json::Value;
use url::Url;
@ -31,8 +31,7 @@ const DEFAULT_CONTEXT: &str = "https://www.w3.org/ns/activitystreams";
#[derive(Serialize, Deserialize, Debug)]
pub struct WithContext<T> {
#[serde(rename = "@context")]
#[serde(deserialize_with = "deserialize_one_or_many")]
context: Vec<Value>,
context: Value,
#[serde(flatten)]
inner: T,
}
@ -40,12 +39,12 @@ pub struct WithContext<T> {
impl<T> WithContext<T> {
/// Create a new wrapper with the default Activitypub context.
pub fn new_default(inner: T) -> WithContext<T> {
let context = vec![Value::String(DEFAULT_CONTEXT.to_string())];
let context = Value::String(DEFAULT_CONTEXT.to_string());
WithContext::new(inner, context)
}
/// Create new wrapper with custom context. Use this in case you are implementing extensions.
pub fn new(inner: T, context: Vec<Value>) -> WithContext<T> {
pub fn new(inner: T, context: Value) -> WithContext<T> {
WithContext { context, inner }
}

10
src/protocol/helpers.rs
View file

@ -56,12 +56,12 @@ where
/// #[derive(serde::Deserialize)]
/// struct Note {
/// #[serde(deserialize_with = "deserialize_one")]
/// to: Url
/// to: [Url; 1]
/// }
///
/// let note = serde_json::from_str::<Note>(r#"{"to": ["https://example.com/u/alice"] }"#);
/// assert!(note.is_ok());
pub fn deserialize_one<'de, T, D>(deserializer: D) -> Result<T, D::Error>
pub fn deserialize_one<'de, T, D>(deserializer: D) -> Result<[T; 1], D::Error>
where
T: Deserialize<'de>,
D: Deserializer<'de>,
@ -75,8 +75,8 @@ where
let result: MaybeArray<T> = Deserialize::deserialize(deserializer)?;
Ok(match result {
MaybeArray::Simple(value) => value,
MaybeArray::Array([value]) => value,
MaybeArray::Simple(value) => [value],
MaybeArray::Array([value]) => [value],
})
}
@ -125,7 +125,7 @@ mod tests {
#[derive(serde::Deserialize)]
struct Note {
#[serde(deserialize_with = "deserialize_one")]
_to: Url,
_to: [Url; 1],
}
let note = serde_json::from_str::<Note>(

34
src/reqwest_shim.rs
View file

@ -3,10 +3,8 @@ use bytes::{BufMut, Bytes, BytesMut};
use futures_core::{ready, stream::BoxStream, Stream};
use pin_project_lite::pin_project;
use reqwest::Response;
use serde::de::DeserializeOwned;
use std::{
future::Future,
marker::PhantomData,
mem,
pin::Pin,
task::{Context, Poll},
@ -46,27 +44,6 @@ impl Future for BytesFuture {
}
}
pin_project! {
pub struct JsonFuture<T> {
_t: PhantomData<T>,
#[pin]
future: BytesFuture,
}
}
impl<T> Future for JsonFuture<T>
where
T: DeserializeOwned,
{
type Output = Result<T, Error>;
fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Self::Output> {
let this = self.project();
let bytes = ready!(this.future.poll(cx))?;
Poll::Ready(serde_json::from_slice(&bytes).map_err(Error::Json))
}
}
pin_project! {
pub struct TextFuture {
#[pin]
@ -94,20 +71,16 @@ impl Future for TextFuture {
/// TODO: Remove this shim as soon as reqwest gets support for size-limited bodies.
pub trait ResponseExt {
type BytesFuture;
type JsonFuture<T>;
type TextFuture;
/// Size limited version of `bytes` to work around a reqwest issue. Check [`ResponseExt`] docs for details.
fn bytes_limited(self) -> Self::BytesFuture;
/// Size limited version of `json` to work around a reqwest issue. Check [`ResponseExt`] docs for details.
fn json_limited<T>(self) -> Self::JsonFuture<T>;
/// Size limited version of `text` to work around a reqwest issue. Check [`ResponseExt`] docs for details.
fn text_limited(self) -> Self::TextFuture;
}
impl ResponseExt for Response {
type BytesFuture = BytesFuture;
type JsonFuture<T> = JsonFuture<T>;
type TextFuture = TextFuture;
fn bytes_limited(self) -> Self::BytesFuture {
@ -118,13 +91,6 @@ impl ResponseExt for Response {
}
}
fn json_limited<T>(self) -> Self::JsonFuture<T> {
JsonFuture {
_t: PhantomData,
future: self.bytes_limited(),
}
}
fn text_limited(self) -> Self::TextFuture {
TextFuture {
future: self.bytes_limited(),

4
src/traits.rs
View file

@ -338,12 +338,12 @@ pub trait Collection: Sized {
#[doc(hidden)]
#[allow(clippy::unwrap_used)]
pub mod tests {
use super::*;
use super::{async_trait, ActivityHandler, Actor, Data, Debug, Object, PublicKey, Url};
use crate::{
error::Error,
fetch::object_id::ObjectId,
http_signatures::{generate_actor_keypair, Keypair},
protocol::{public_key::PublicKey, verification::verify_domains_match},
protocol::verification::verify_domains_match,
};
use activitystreams_kinds::{activity::FollowType, actor::PersonType};
use once_cell::sync::Lazy;