Implement push subscription API

This commit is contained in:
Vyr Cossont 2024-11-30 20:13:06 -08:00
parent 4ddfbad557
commit b99ea8121c
26 changed files with 2084 additions and 101 deletions

View file

@ -46,6 +46,7 @@ import (
"github.com/superseriousbusiness/gotosocial/internal/api/client/notifications" "github.com/superseriousbusiness/gotosocial/internal/api/client/notifications"
"github.com/superseriousbusiness/gotosocial/internal/api/client/polls" "github.com/superseriousbusiness/gotosocial/internal/api/client/polls"
"github.com/superseriousbusiness/gotosocial/internal/api/client/preferences" "github.com/superseriousbusiness/gotosocial/internal/api/client/preferences"
"github.com/superseriousbusiness/gotosocial/internal/api/client/push"
"github.com/superseriousbusiness/gotosocial/internal/api/client/reports" "github.com/superseriousbusiness/gotosocial/internal/api/client/reports"
"github.com/superseriousbusiness/gotosocial/internal/api/client/search" "github.com/superseriousbusiness/gotosocial/internal/api/client/search"
"github.com/superseriousbusiness/gotosocial/internal/api/client/statuses" "github.com/superseriousbusiness/gotosocial/internal/api/client/statuses"
@ -89,6 +90,7 @@ type Client struct {
notifications *notifications.Module // api/v1/notifications notifications *notifications.Module // api/v1/notifications
polls *polls.Module // api/v1/polls polls *polls.Module // api/v1/polls
preferences *preferences.Module // api/v1/preferences preferences *preferences.Module // api/v1/preferences
push *push.Module // api/v1/push
reports *reports.Module // api/v1/reports reports *reports.Module // api/v1/reports
search *search.Module // api/v1/search, api/v2/search search *search.Module // api/v1/search, api/v2/search
statuses *statuses.Module // api/v1/statuses statuses *statuses.Module // api/v1/statuses
@ -140,6 +142,7 @@ func (c *Client) Route(r *router.Router, m ...gin.HandlerFunc) {
c.notifications.Route(h) c.notifications.Route(h)
c.polls.Route(h) c.polls.Route(h)
c.preferences.Route(h) c.preferences.Route(h)
c.push.Route(h)
c.reports.Route(h) c.reports.Route(h)
c.search.Route(h) c.search.Route(h)
c.statuses.Route(h) c.statuses.Route(h)
@ -179,6 +182,7 @@ func NewClient(state *state.State, p *processing.Processor) *Client {
notifications: notifications.New(p), notifications: notifications.New(p),
polls: polls.New(p), polls: polls.New(p),
preferences: preferences.New(p), preferences: preferences.New(p),
push: push.New(p),
reports: reports.New(p), reports: reports.New(p),
search: search.New(p), search: search.New(p),
statuses: statuses.New(p), statuses: statuses.New(p),

View file

@ -0,0 +1,49 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/superseriousbusiness/gotosocial/internal/processing"
)
const (
// BasePath is the base path for serving the push API, minus the 'api' prefix.
BasePath = "/v1/push"
// SubscriptionPath is the path for serving requests for the current auth token's push subscription.
SubscriptionPath = BasePath + "/subscription"
)
type Module struct {
processor *processing.Processor
}
func New(processor *processing.Processor) *Module {
return &Module{
processor: processor,
}
}
func (m *Module) Route(attachHandler func(method string, path string, f ...gin.HandlerFunc) gin.IRoutes) {
attachHandler(http.MethodGet, SubscriptionPath, m.PushSubscriptionGETHandler)
attachHandler(http.MethodPost, SubscriptionPath, m.PushSubscriptionPOSTHandler)
attachHandler(http.MethodPut, SubscriptionPath, m.PushSubscriptionPUTHandler)
attachHandler(http.MethodDelete, SubscriptionPath, m.PushSubscriptionDELETEHandler)
}

View file

@ -0,0 +1,111 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push_test
import (
"testing"
"github.com/stretchr/testify/suite"
"github.com/superseriousbusiness/gotosocial/internal/api/client/push"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/email"
"github.com/superseriousbusiness/gotosocial/internal/federation"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/media"
"github.com/superseriousbusiness/gotosocial/internal/processing"
"github.com/superseriousbusiness/gotosocial/internal/state"
"github.com/superseriousbusiness/gotosocial/internal/storage"
"github.com/superseriousbusiness/gotosocial/internal/webpush"
"github.com/superseriousbusiness/gotosocial/testrig"
)
type PushTestSuite struct {
suite.Suite
db db.DB
storage *storage.Driver
mediaManager *media.Manager
federator *federation.Federator
processor *processing.Processor
emailSender email.Sender
sentEmails map[string]string
state state.State
// standard suite models
testTokens map[string]*gtsmodel.Token
testClients map[string]*gtsmodel.Client
testApplications map[string]*gtsmodel.Application
testUsers map[string]*gtsmodel.User
testAccounts map[string]*gtsmodel.Account
testWebPushSubscriptions map[string]*gtsmodel.WebPushSubscription
// module being tested
pushModule *push.Module
}
func (suite *PushTestSuite) SetupSuite() {
suite.testTokens = testrig.NewTestTokens()
suite.testClients = testrig.NewTestClients()
suite.testApplications = testrig.NewTestApplications()
suite.testUsers = testrig.NewTestUsers()
suite.testAccounts = testrig.NewTestAccounts()
suite.testWebPushSubscriptions = testrig.NewTestWebPushSubscriptions()
}
func (suite *PushTestSuite) SetupTest() {
suite.state.Caches.Init()
testrig.StartNoopWorkers(&suite.state)
testrig.InitTestConfig()
config.Config(func(cfg *config.Configuration) {
cfg.WebAssetBaseDir = "../../../../web/assets/"
cfg.WebTemplateBaseDir = "../../../../web/templates/"
})
testrig.InitTestLog()
suite.db = testrig.NewTestDB(&suite.state)
suite.state.DB = suite.db
suite.storage = testrig.NewInMemoryStorage()
suite.state.Storage = suite.storage
suite.mediaManager = testrig.NewTestMediaManager(&suite.state)
suite.federator = testrig.NewTestFederator(&suite.state, testrig.NewTestTransportController(&suite.state, testrig.NewMockHTTPClient(nil, "../../../../testrig/media")), suite.mediaManager)
suite.sentEmails = make(map[string]string)
suite.emailSender = testrig.NewEmailSender("../../../../web/template/", suite.sentEmails)
suite.processor = testrig.NewTestProcessor(
&suite.state,
suite.federator,
suite.emailSender,
webpush.NewNoopSender(),
suite.mediaManager,
)
suite.pushModule = push.New(suite.processor)
testrig.StandardDBSetup(suite.db, nil)
testrig.StandardStorageSetup(suite.storage, "../../../../testrig/media")
}
func (suite *PushTestSuite) TearDownTest() {
testrig.StandardDBTeardown(suite.db)
testrig.StandardStorageTeardown(suite.storage)
testrig.StopWorkers(&suite.state)
}
func TestPushTestSuite(t *testing.T) {
suite.Run(t, new(PushTestSuite))
}

View file

@ -0,0 +1,64 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"net/http"
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// PushSubscriptionDELETEHandler swagger:operation DELETE /api/v1/push/subscription pushSubscriptionDelete
//
// Delete the Web Push subscription associated with the current auth token.
// If there is no subscription, returns successfully anyway.
//
// ---
// tags:
// - push
//
// security:
// - OAuth2 Bearer:
// - push
//
// responses:
// '200':
// description: Push subscription deleted, or did not exist.
// '400':
// description: bad request
// '401':
// description: unauthorized
// '500':
// description: internal server error
func (m *Module) PushSubscriptionDELETEHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
return
}
if errWithCode := m.processor.Push().Delete(c.Request.Context(), authed.Token.GetAccess()); errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.EmptyJSONObject)
}

View file

@ -0,0 +1,83 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push_test
import (
"fmt"
"net/http"
"net/http/httptest"
"github.com/superseriousbusiness/gotosocial/internal/api/client/push"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/testrig"
)
// deleteSubscription deletes the push subscription for the named account and token.
func (suite *PushTestSuite) deleteSubscription(
accountFixtureName string,
tokenFixtureName string,
expectedHTTPStatus int,
) error {
// instantiate recorder + test context
recorder := httptest.NewRecorder()
ctx, _ := testrig.CreateGinTestContext(recorder, nil)
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts[accountFixtureName])
ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens[tokenFixtureName]))
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers[accountFixtureName])
// create the request
requestUrl := config.GetProtocol() + "://" + config.GetHost() + "/api" + push.SubscriptionPath
ctx.Request = httptest.NewRequest(http.MethodDelete, requestUrl, nil)
// trigger the handler
suite.pushModule.PushSubscriptionDELETEHandler(ctx)
// read the response
result := recorder.Result()
defer func() {
_ = result.Body.Close()
}()
if resultCode := recorder.Code; expectedHTTPStatus != resultCode {
return fmt.Errorf("expected %d got %d", expectedHTTPStatus, resultCode)
}
return nil
}
// Delete a subscription that should exist.
func (suite *PushTestSuite) TestDeleteSubscription() {
accountFixtureName := "local_account_1"
// This token should have a subscription associated with it already.
tokenFixtureName := "local_account_1"
err := suite.deleteSubscription(accountFixtureName, tokenFixtureName, 200)
suite.NoError(err)
}
// Delete a subscription that should not exist, which should succeed anyway.
func (suite *PushTestSuite) TestDeleteMissingSubscription() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
err := suite.deleteSubscription(accountFixtureName, tokenFixtureName, 200)
suite.NoError(err)
}

View file

@ -0,0 +1,72 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"net/http"
"github.com/gin-gonic/gin"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// PushSubscriptionGETHandler swagger:operation GET /api/v1/push/subscription pushSubscriptionGet
//
// Get the push subscription for the current access token.
//
// ---
// tags:
// - push
//
// produces:
// - application/json
//
// security:
// - OAuth2 Bearer:
// - push
//
// responses:
// '200':
// name: pushSubscription
// description: Push subscription for current access token.
// schema:
// "$ref": "#/definitions/pushSubscription"
// '400':
// description: bad request
// '401':
// description: unauthorized
// '404':
// description: This access token doesn't have an associated subscription.
// '500':
// description: internal server error
func (m *Module) PushSubscriptionGETHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
return
}
apiSubscription, errWithCode := m.processor.Push().Get(c, authed.Token.GetAccess())
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
apiutil.JSON(c, http.StatusOK, apiSubscription)
}

View file

@ -0,0 +1,102 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push_test
import (
"encoding/json"
"fmt"
"io"
"net/http"
"net/http/httptest"
"github.com/superseriousbusiness/gotosocial/internal/api/client/push"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/testrig"
)
// getSubscription gets the push subscription for the named account and token.
func (suite *PushTestSuite) getSubscription(
accountFixtureName string,
tokenFixtureName string,
expectedHTTPStatus int,
) (*apimodel.WebPushSubscription, error) {
// instantiate recorder + test context
recorder := httptest.NewRecorder()
ctx, _ := testrig.CreateGinTestContext(recorder, nil)
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts[accountFixtureName])
ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens[tokenFixtureName]))
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers[accountFixtureName])
// create the request
requestUrl := config.GetProtocol() + "://" + config.GetHost() + "/api" + push.SubscriptionPath
ctx.Request = httptest.NewRequest(http.MethodGet, requestUrl, nil)
ctx.Request.Header.Set("accept", "application/json")
// trigger the handler
suite.pushModule.PushSubscriptionGETHandler(ctx)
// read the response
result := recorder.Result()
defer func() {
_ = result.Body.Close()
}()
b, err := io.ReadAll(result.Body)
if err != nil {
return nil, err
}
if resultCode := recorder.Code; expectedHTTPStatus != resultCode {
return nil, fmt.Errorf("expected %d got %d", expectedHTTPStatus, resultCode)
}
resp := &apimodel.WebPushSubscription{}
if err := json.Unmarshal(b, resp); err != nil {
return nil, err
}
return resp, nil
}
// Get a subscription that should exist.
func (suite *PushTestSuite) TestGetSubscription() {
accountFixtureName := "local_account_1"
// This token should have a subscription associated with it already, with all event types turned on.
tokenFixtureName := "local_account_1"
subscription, err := suite.getSubscription(accountFixtureName, tokenFixtureName, 200)
if suite.NoError(err) {
suite.NotEmpty(subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
suite.True(subscription.Alerts.Mention)
}
}
// Get a subscription that should not exist, which should fail.
func (suite *PushTestSuite) TestGetMissingSubscription() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
_, err := suite.getSubscription(accountFixtureName, tokenFixtureName, 404)
suite.NoError(err)
}

View file

@ -0,0 +1,288 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"crypto/ecdh"
"encoding/base64"
"errors"
"fmt"
"net/http"
"net/url"
"github.com/gin-gonic/gin"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// TODO: (Vyr) real parameters
// PushSubscriptionPOSTHandler swagger:operation POST /api/v1/push/subscription pushSubscriptionPost
//
// Get the push subscription
//
// ---
// tags:
// - push
//
// consumes:
// - application/json
// - application/x-www-form-urlencoded
//
// produces:
// - application/json
//
// parameters:
// -
// name: subscription[endpoint]
// in: formData
// type: string
// required: true
// minLength: 1
// description: The URL to which Web Push notifications will be sent.
// -
// name: subscription[keys][auth]
// in: formData
// type: string
// required: true
// minLength: 1
// description: The auth secret, a Base64 encoded string of 16 bytes of random data.
// -
// name: subscription[keys][p256dh]
// in: formData
// type: string
// required: true
// minLength: 1
// description: The user agent public key, a Base64 encoded string of a public key from an ECDH keypair using the prime256v1 curve.
// -
// name: data[alerts][follow]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when someone has followed you?
// -
// name: data[alerts][follow_request]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when someone has requested to follow you?
// -
// name: data[alerts][favourite]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a status you created has been favourited by someone else?
// -
// name: data[alerts][mention]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when someone else has mentioned you in a status?
// -
// name: data[alerts][reblog]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a status you created has been boosted by someone else?
// -
// name: data[alerts][poll]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a poll you voted in or created has ended?
// -
// name: data[alerts][status]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a subscribed account posts a status?
// -
// name: data[alerts][update]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a status you interacted with has been edited?
// -
// name: data[alerts][admin.sign_up]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a new user has signed up?
// -
// name: data[alerts][admin.report]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a new report has been filed?
// -
// name: data[alerts][pending.favourite]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a fave is pending?
// -
// name: data[alerts][pending.reply]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a reply is pending?
// -
// name: data[alerts][pending.reblog]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a boost is pending?
//
// security:
// - OAuth2 Bearer:
// - push
//
// responses:
// '200':
// name: pushSubscription
// description: Push subscription for current auth token.
// schema:
// "$ref": "#/definitions/pushSubscription"
// '400':
// description: bad request
// '401':
// description: unauthorized
// '403':
// description: forbidden
// '404':
// description: not found
// '406':
// description: not acceptable
// '500':
// description: internal server error
func (m *Module) PushSubscriptionPOSTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
return
}
if authed.Account.IsMoving() {
apiutil.ForbiddenAfterMove(c)
return
}
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
return
}
form := &apimodel.WebPushSubscriptionCreateRequest{}
if err := c.ShouldBind(form); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
return
}
if err := validateNormalizeCreate(form); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnprocessableEntity(err, err.Error()), m.processor.InstanceGetV1)
return
}
apiSubscription, errWithCode := m.processor.Push().CreateOrReplace(c, authed.Account.ID, authed.Token.GetAccess(), form)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
apiutil.JSON(c, http.StatusOK, apiSubscription)
}
// validateNormalizeCreate checks subscription endpoint format and keys decodability,
// and copies form fields to their canonical JSON equivalents.
func validateNormalizeCreate(request *apimodel.WebPushSubscriptionCreateRequest) error {
if request.Subscription == nil {
request.Subscription = &apimodel.WebPushSubscriptionRequestSubscription{}
}
// Normalize and validate endpoint URL.
if request.SubscriptionEndpoint != nil {
request.Subscription.Endpoint = *request.SubscriptionEndpoint
}
if request.Subscription.Endpoint == "" {
return errors.New("endpoint is required")
}
endpointUrl, err := url.Parse(request.Subscription.Endpoint)
if err != nil {
return errors.New("endpoint must be a valid URL")
}
// TODO: (Vyr) remove http option after testing
if endpointUrl.Scheme != "https" && endpointUrl.Scheme != "http" {
return errors.New("endpoint must be an https:// URL")
}
if endpointUrl.Host == "" {
return errors.New("endpoint URL must have a host")
}
if endpointUrl.Fragment != "" {
return errors.New("endpoint URL must not have a fragment")
}
// Normalize and validate auth secret.
if request.SubscriptionKeysAuth != nil {
request.Subscription.Keys.Auth = *request.SubscriptionKeysAuth
}
authBytes, err := base64DecodeAny("auth", request.Subscription.Keys.Auth)
if err != nil {
return err
}
if len(authBytes) != 16 {
return fmt.Errorf("auth must be 16 bytes long, got %d", len(authBytes))
}
// Normalize and validate public key.
if request.SubscriptionKeysP256dh != nil {
request.Subscription.Keys.P256dh = *request.SubscriptionKeysP256dh
}
p256dhBytes, err := base64DecodeAny("p256dh", request.Subscription.Keys.P256dh)
if err != nil {
return err
}
_, err = ecdh.P256().NewPublicKey(p256dhBytes)
if err != nil {
return fmt.Errorf("p256dh must be a valid public key on the NIST P-256 curve: %w", err)
}
return validateNormalizeUpdate(&request.WebPushSubscriptionUpdateRequest)
}
// base64DecodeAny tries decoding a string with standard and URL alphabets of Base64, with and without padding.
func base64DecodeAny(name string, value string) ([]byte, error) {
encodings := []*base64.Encoding{
base64.StdEncoding,
base64.URLEncoding,
base64.RawStdEncoding,
base64.RawURLEncoding,
}
for _, encoding := range encodings {
if bytes, err := encoding.DecodeString(value); err == nil {
return bytes, nil
}
}
return nil, fmt.Errorf("%s is not valid Base64 data", name)
}

View file

@ -0,0 +1,346 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push_test
import (
"encoding/json"
"fmt"
"io"
"net/http"
"net/http/httptest"
"net/url"
"strconv"
"strings"
"github.com/superseriousbusiness/gotosocial/internal/api/client/push"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/testrig"
)
// postSubscription creates or replaces the push subscription for the named account and token.
// It only allows updating two event types if using the form API. Add more if you need them.
func (suite *PushTestSuite) postSubscription(
accountFixtureName string,
tokenFixtureName string,
endpoint *string,
auth *string,
p256dh *string,
alertsMention *bool,
alertsStatus *bool,
requestJson *string,
expectedHTTPStatus int,
) (*apimodel.WebPushSubscription, error) {
// instantiate recorder + test context
recorder := httptest.NewRecorder()
ctx, _ := testrig.CreateGinTestContext(recorder, nil)
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts[accountFixtureName])
ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens[tokenFixtureName]))
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers[accountFixtureName])
// create the request
requestUrl := config.GetProtocol() + "://" + config.GetHost() + "/api" + push.SubscriptionPath
ctx.Request = httptest.NewRequest(http.MethodPost, requestUrl, nil)
ctx.Request.Header.Set("accept", "application/json")
if requestJson != nil {
ctx.Request.Header.Set("content-type", "application/json")
ctx.Request.Body = io.NopCloser(strings.NewReader(*requestJson))
} else {
ctx.Request.Form = make(url.Values)
if endpoint != nil {
ctx.Request.Form["subscription[endpoint]"] = []string{*endpoint}
}
if auth != nil {
ctx.Request.Form["subscription[keys][auth]"] = []string{*auth}
}
if p256dh != nil {
ctx.Request.Form["subscription[keys][p256dh]"] = []string{*p256dh}
}
if alertsMention != nil {
ctx.Request.Form["data[alerts][mention]"] = []string{strconv.FormatBool(*alertsMention)}
}
if alertsStatus != nil {
ctx.Request.Form["data[alerts][status]"] = []string{strconv.FormatBool(*alertsStatus)}
}
}
// trigger the handler
suite.pushModule.PushSubscriptionPOSTHandler(ctx)
// read the response
result := recorder.Result()
defer func() {
_ = result.Body.Close()
}()
b, err := io.ReadAll(result.Body)
if err != nil {
return nil, err
}
if resultCode := recorder.Code; expectedHTTPStatus != resultCode {
return nil, fmt.Errorf("expected %d got %d", expectedHTTPStatus, resultCode)
}
resp := &apimodel.WebPushSubscription{}
if err := json.Unmarshal(b, resp); err != nil {
return nil, err
}
return resp, nil
}
// Create a new subscription.
func (suite *PushTestSuite) TestPostSubscription() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
endpoint := "https://example.test/push"
auth := "cgna/fzrYLDQyPf5hD7IsA=="
p256dh := "BMYVItYVOX+AHBdtA62Q0i6c+F7MV2Gia3aoDr8mvHkuPBNIOuTLDfmFcnBqoZcQk6BtLcIONbxhHpy2R+mYIUY="
alertsMention := true
alertsStatus := false
subscription, err := suite.postSubscription(
accountFixtureName,
tokenFixtureName,
&endpoint,
&auth,
&p256dh,
&alertsMention,
&alertsStatus,
nil,
200,
)
if suite.NoError(err) {
suite.NotEmpty(subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
suite.True(subscription.Alerts.Mention)
suite.False(subscription.Alerts.Status)
// Omitted event types should default to off.
suite.False(subscription.Alerts.Favourite)
}
}
// Create a new subscription with only required fields.
func (suite *PushTestSuite) TestPostSubscriptionMinimal() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
endpoint := "https://example.test/push"
auth := "cgna/fzrYLDQyPf5hD7IsA=="
p256dh := "BMYVItYVOX+AHBdtA62Q0i6c+F7MV2Gia3aoDr8mvHkuPBNIOuTLDfmFcnBqoZcQk6BtLcIONbxhHpy2R+mYIUY="
subscription, err := suite.postSubscription(
accountFixtureName,
tokenFixtureName,
&endpoint,
&auth,
&p256dh,
nil,
nil,
nil,
200,
)
if suite.NoError(err) {
suite.NotEmpty(subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
// All event types should default to off.
suite.False(subscription.Alerts.Mention)
suite.False(subscription.Alerts.Status)
suite.False(subscription.Alerts.Favourite)
}
}
// Create a new subscription with a missing endpoint, which should fail.
func (suite *PushTestSuite) TestPostInvalidSubscription() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
// No endpoint.
auth := "cgna/fzrYLDQyPf5hD7IsA=="
p256dh := "BMYVItYVOX+AHBdtA62Q0i6c+F7MV2Gia3aoDr8mvHkuPBNIOuTLDfmFcnBqoZcQk6BtLcIONbxhHpy2R+mYIUY="
alertsMention := true
alertsStatus := false
_, err := suite.postSubscription(
accountFixtureName,
tokenFixtureName,
nil,
&auth,
&p256dh,
&alertsMention,
&alertsStatus,
nil,
422,
)
suite.NoError(err)
}
// Create a new subscription, using the JSON format.
func (suite *PushTestSuite) TestPostSubscriptionJSON() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
requestJson := `{
"subscription": {
"endpoint": "https://example.test/push",
"keys": {
"auth": "cgna/fzrYLDQyPf5hD7IsA==",
"p256dh": "BMYVItYVOX+AHBdtA62Q0i6c+F7MV2Gia3aoDr8mvHkuPBNIOuTLDfmFcnBqoZcQk6BtLcIONbxhHpy2R+mYIUY="
}
},
"data": {
"alerts": {
"mention": true,
"status": false
}
}
}`
subscription, err := suite.postSubscription(
accountFixtureName,
tokenFixtureName,
nil,
nil,
nil,
nil,
nil,
&requestJson,
200,
)
if suite.NoError(err) {
suite.NotEmpty(subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
suite.True(subscription.Alerts.Mention)
suite.False(subscription.Alerts.Status)
// Omitted event types should default to off.
suite.False(subscription.Alerts.Favourite)
}
}
// Create a new subscription, using the JSON format and only required fields.
func (suite *PushTestSuite) TestPostSubscriptionJSONMinimal() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
requestJson := `{
"subscription": {
"endpoint": "https://example.test/push",
"keys": {
"auth": "cgna/fzrYLDQyPf5hD7IsA==",
"p256dh": "BMYVItYVOX+AHBdtA62Q0i6c+F7MV2Gia3aoDr8mvHkuPBNIOuTLDfmFcnBqoZcQk6BtLcIONbxhHpy2R+mYIUY="
}
}
}`
subscription, err := suite.postSubscription(
accountFixtureName,
tokenFixtureName,
nil,
nil,
nil,
nil,
nil,
&requestJson,
200,
)
if suite.NoError(err) {
suite.NotEmpty(subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
// All event types should default to off.
suite.False(subscription.Alerts.Mention)
suite.False(subscription.Alerts.Status)
suite.False(subscription.Alerts.Favourite)
}
}
// Create a new subscription with a missing endpoint, using the JSON format, which should fail.
func (suite *PushTestSuite) TestPostInvalidSubscriptionJSON() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
// No endpoint.
requestJson := `{
"subscription": {
"keys": {
"auth": "cgna/fzrYLDQyPf5hD7IsA==",
"p256dh": "BMYVItYVOX+AHBdtA62Q0i6c+F7MV2Gia3aoDr8mvHkuPBNIOuTLDfmFcnBqoZcQk6BtLcIONbxhHpy2R+mYIUY="
}
},
"data": {
"alerts": {
"mention": true,
"status": false
}
}
}`
_, err := suite.postSubscription(
accountFixtureName,
tokenFixtureName,
nil,
nil,
nil,
nil,
nil,
&requestJson,
422,
)
suite.NoError(err)
}
// Replace a subscription that already exists.
func (suite *PushTestSuite) TestPostExistingSubscription() {
accountFixtureName := "local_account_1"
// This token should have a subscription associated with it already, with all event types turned on.
tokenFixtureName := "local_account_1"
endpoint := "https://example.test/push"
auth := "JMFtMRgZaeHpwsDjBnhcmQ=="
p256dh := "BMYVItYVOX+AHBdtA62Q0i6c+F7MV2Gia3aoDr8mvHkuPBNIOuTLDfmFcnBqoZcQk6BtLcIONbxhHpy2R+mYIUY="
alertsMention := true
alertsStatus := false
subscription, err := suite.postSubscription(
accountFixtureName,
tokenFixtureName,
&endpoint,
&auth,
&p256dh,
&alertsMention,
&alertsStatus,
nil,
200,
)
if suite.NoError(err) {
suite.NotEqual(suite.testWebPushSubscriptions["local_account_1_token_1"].ID, subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
suite.True(subscription.Alerts.Mention)
suite.False(subscription.Alerts.Status)
// Omitted event types should default to off.
suite.False(subscription.Alerts.Favourite)
}
}

View file

@ -0,0 +1,233 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"net/http"
"github.com/gin-gonic/gin"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
)
// PushSubscriptionPUTHandler swagger:operation PUT /api/v1/push/subscription pushSubscriptionPut
//
// Update the Web Push subscription for the current access token.
// Only which notifications you receive can be updated.
//
// ---
// tags:
// - push
//
// consumes:
// - application/json
// - application/x-www-form-urlencoded
//
// produces:
// - application/json
//
// parameters:
// -
// name: data[alerts][follow]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when someone has followed you?
// -
// name: data[alerts][follow_request]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when someone has requested to follow you?
// -
// name: data[alerts][favourite]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a status you created has been favourited by someone else?
// -
// name: data[alerts][mention]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when someone else has mentioned you in a status?
// -
// name: data[alerts][reblog]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a status you created has been boosted by someone else?
// -
// name: data[alerts][poll]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a poll you voted in or created has ended?
// -
// name: data[alerts][status]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a subscribed account posts a status?
// -
// name: data[alerts][update]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a status you interacted with has been edited?
// -
// name: data[alerts][admin.sign_up]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a new user has signed up?
// -
// name: data[alerts][admin.report]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a new report has been filed?
// -
// name: data[alerts][pending.favourite]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a fave is pending?
// -
// name: data[alerts][pending.reply]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a reply is pending?
// -
// name: data[alerts][pending.reblog]
// in: formData
// type: boolean
// default: false
// description: Receive a push notification when a boost is pending?
//
// security:
// - OAuth2 Bearer:
// - push
//
// responses:
// '200':
// name: pushSubscription
// description: Push subscription for current auth token.
// schema:
// "$ref": "#/definitions/pushSubscription"
// '400':
// description: bad request
// '401':
// description: unauthorized
// '403':
// description: forbidden
// '404':
// description: This access token doesn't have an associated subscription.
// '406':
// description: not acceptable
// '500':
// description: internal server error
func (m *Module) PushSubscriptionPUTHandler(c *gin.Context) {
authed, err := oauth.Authed(c, true, true, true, true)
if err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
return
}
if authed.Account.IsMoving() {
apiutil.ForbiddenAfterMove(c)
return
}
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
return
}
form := &apimodel.WebPushSubscriptionUpdateRequest{}
if err := c.ShouldBind(form); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGetV1)
return
}
if err := validateNormalizeUpdate(form); err != nil {
apiutil.ErrorHandler(c, gtserror.NewErrorUnprocessableEntity(err, err.Error()), m.processor.InstanceGetV1)
return
}
apiSubscription, errWithCode := m.processor.Push().Update(c, authed.Token.GetAccess(), form)
if errWithCode != nil {
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
return
}
apiutil.JSON(c, http.StatusOK, apiSubscription)
}
// validateNormalizeUpdate copies form fields to their canonical JSON equivalents.
func validateNormalizeUpdate(request *apimodel.WebPushSubscriptionUpdateRequest) error {
if request.Data == nil {
request.Data = &apimodel.WebPushSubscriptionRequestData{}
}
if request.Data.Alerts == nil {
request.Data.Alerts = &apimodel.WebPushSubscriptionAlerts{}
}
if request.DataAlertsFollow != nil {
request.Data.Alerts.Follow = *request.DataAlertsFollow
}
if request.DataAlertsFollowRequest != nil {
request.Data.Alerts.FollowRequest = *request.DataAlertsFollowRequest
}
if request.DataAlertsMention != nil {
request.Data.Alerts.Mention = *request.DataAlertsMention
}
if request.DataAlertsReblog != nil {
request.Data.Alerts.Reblog = *request.DataAlertsReblog
}
if request.DataAlertsPoll != nil {
request.Data.Alerts.Poll = *request.DataAlertsPoll
}
if request.DataAlertsStatus != nil {
request.Data.Alerts.Status = *request.DataAlertsStatus
}
if request.DataAlertsUpdate != nil {
request.Data.Alerts.Update = *request.DataAlertsUpdate
}
if request.DataAlertsAdminSignup != nil {
request.Data.Alerts.AdminSignup = *request.DataAlertsAdminSignup
}
if request.DataAlertsAdminReport != nil {
request.Data.Alerts.AdminReport = *request.DataAlertsAdminReport
}
if request.DataAlertsPendingFavourite != nil {
request.Data.Alerts.PendingFavourite = *request.DataAlertsPendingFavourite
}
if request.DataAlertsPendingReply != nil {
request.Data.Alerts.PendingReply = *request.DataAlertsPendingReply
}
if request.DataAlertsPendingReblog != nil {
request.Data.Alerts.Reblog = *request.DataAlertsPendingReblog
}
return nil
}

View file

@ -0,0 +1,176 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push_test
import (
"encoding/json"
"fmt"
"io"
"net/http"
"net/http/httptest"
"net/url"
"strconv"
"strings"
"github.com/superseriousbusiness/gotosocial/internal/api/client/push"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/oauth"
"github.com/superseriousbusiness/gotosocial/testrig"
)
// putSubscription updates the push subscription for the named account and token.
// It only allows updating two event types if using the form API. Add more if you need them.
func (suite *PushTestSuite) putSubscription(
accountFixtureName string,
tokenFixtureName string,
alertsMention *bool,
alertsStatus *bool,
requestJson *string,
expectedHTTPStatus int,
) (*apimodel.WebPushSubscription, error) {
// instantiate recorder + test context
recorder := httptest.NewRecorder()
ctx, _ := testrig.CreateGinTestContext(recorder, nil)
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts[accountFixtureName])
ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens[tokenFixtureName]))
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers[accountFixtureName])
// create the request
requestUrl := config.GetProtocol() + "://" + config.GetHost() + "/api" + push.SubscriptionPath
ctx.Request = httptest.NewRequest(http.MethodPut, requestUrl, nil)
ctx.Request.Header.Set("accept", "application/json")
if requestJson != nil {
ctx.Request.Header.Set("content-type", "application/json")
ctx.Request.Body = io.NopCloser(strings.NewReader(*requestJson))
} else {
ctx.Request.Form = make(url.Values)
if alertsMention != nil {
ctx.Request.Form["data[alerts][mention]"] = []string{strconv.FormatBool(*alertsMention)}
}
if alertsStatus != nil {
ctx.Request.Form["data[alerts][status]"] = []string{strconv.FormatBool(*alertsStatus)}
}
}
// trigger the handler
suite.pushModule.PushSubscriptionPUTHandler(ctx)
// read the response
result := recorder.Result()
defer func() {
_ = result.Body.Close()
}()
b, err := io.ReadAll(result.Body)
if err != nil {
return nil, err
}
if resultCode := recorder.Code; expectedHTTPStatus != resultCode {
return nil, fmt.Errorf("expected %d got %d", expectedHTTPStatus, resultCode)
}
resp := &apimodel.WebPushSubscription{}
if err := json.Unmarshal(b, resp); err != nil {
return nil, err
}
return resp, nil
}
// Update a subscription that already exists.
func (suite *PushTestSuite) TestPutSubscription() {
accountFixtureName := "local_account_1"
// This token should have a subscription associated with it already, with all event types turned on.
tokenFixtureName := "local_account_1"
alertsMention := true
alertsStatus := false
subscription, err := suite.putSubscription(
accountFixtureName,
tokenFixtureName,
&alertsMention,
&alertsStatus,
nil,
200,
)
if suite.NoError(err) {
suite.NotEmpty(subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
suite.True(subscription.Alerts.Mention)
suite.False(subscription.Alerts.Status)
// Omitted event types should default to off.
suite.False(subscription.Alerts.Favourite)
}
}
// Update a subscription that already exists, using the JSON format.
func (suite *PushTestSuite) TestPutSubscriptionJSON() {
accountFixtureName := "local_account_1"
// This token should have a subscription associated with it already, with all event types turned on.
tokenFixtureName := "local_account_1"
requestJson := `{
"data": {
"alerts": {
"mention": true,
"status": false
}
}
}`
subscription, err := suite.putSubscription(
accountFixtureName,
tokenFixtureName,
nil,
nil,
&requestJson,
200,
)
if suite.NoError(err) {
suite.NotEmpty(subscription.ID)
suite.NotEmpty(subscription.Endpoint)
suite.NotEmpty(subscription.ServerKey)
suite.True(subscription.Alerts.Mention)
suite.False(subscription.Alerts.Status)
// Omitted event types should default to off.
suite.False(subscription.Alerts.Favourite)
}
}
// Update a subscription that does not exist, which should fail.
func (suite *PushTestSuite) TestPutMissingSubscription() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
alertsMention := true
alertsStatus := false
_, err := suite.putSubscription(
accountFixtureName,
tokenFixtureName,
&alertsMention,
&alertsStatus,
nil,
404,
)
suite.NoError(err)
}

View file

@ -1,58 +0,0 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package model
// PushSubscription represents a subscription to the push streaming server.
//
// swagger:model pushSubscription
type PushSubscription struct {
// The id of the push subscription in the database.
ID string `json:"id"`
// Where push alerts will be sent to.
Endpoint string `json:"endpoint"`
// The streaming server's VAPID public key.
ServerKey string `json:"server_key"`
// Which alerts should be delivered to the endpoint.
Alerts *PushSubscriptionAlerts `json:"alerts"`
}
// PushSubscriptionAlerts represents the specific alerts that this push subscription will give.
//
// swagger:model pushSubscriptionAlerts
type PushSubscriptionAlerts struct {
// Receive a push notification when someone has followed you?
Follow bool `json:"follow"`
// Receive a push notification when someone has requested to followed you?
FollowRequest bool `json:"follow_request"`
// Receive a push notification when a status you created has been favourited by someone else?
Favourite bool `json:"favourite"`
// Receive a push notification when someone else has mentioned you in a status?
Mention bool `json:"mention"`
// Receive a push notification when a status you created has been boosted by someone else?
Reblog bool `json:"reblog"`
// Receive a push notification when a poll you voted in or created has ended?
Poll bool `json:"poll"`
// Receive a push notification when a subscribed account posts a status?
Status bool `json:"status"`
// Receive a push notification when a status you interacted with has been edited?
Update bool `json:"update"`
// Receive a push notification when a new user has signed up?
AdminSignup bool `json:"admin.sign_up"`
// Receive a push notification when a new report has been filed?
AdminReport bool `json:"admin.report"`
}

View file

@ -17,12 +17,12 @@
package model package model
// PushNotification represents a notification summary delivered to the client by the Web Push server. // WebPushNotification represents a notification summary delivered to the client by the Web Push server.
// It does not contain an entire Notification, just the NotificationID and some preview information. // It does not contain an entire Notification, just the NotificationID and some preview information.
// It is not used in the client API directly. // It is not used in the client API directly, but is included in the API doc for decoding Web Push notifications.
// //
// swagger:model pushNotification // swagger:model webPushNotification
type PushNotification struct { type WebPushNotification struct {
// NotificationID is the Notification.ID of the referenced Notification. // NotificationID is the Notification.ID of the referenced Notification.
NotificationID string `json:"notification_id"` NotificationID string `json:"notification_id"`

View file

@ -0,0 +1,142 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package model
// WebPushSubscription represents a subscription to a Web Push server.
//
// swagger:model webPushSubscription
type WebPushSubscription struct {
// The id of the push subscription in the database.
ID string `json:"id"`
// Where push alerts will be sent to.
Endpoint string `json:"endpoint"`
// The streaming server's VAPID public key.
ServerKey string `json:"server_key"`
// Which alerts should be delivered to the endpoint.
Alerts WebPushSubscriptionAlerts `json:"alerts"`
}
// WebPushSubscriptionAlerts represents the specific events that this Web Push subscription will receive.
//
// swagger:model webPushSubscriptionAlerts
type WebPushSubscriptionAlerts struct {
// Receive a push notification when someone has followed you?
Follow bool `json:"follow"`
// Receive a push notification when someone has requested to follow you?
FollowRequest bool `json:"follow_request"`
// Receive a push notification when a status you created has been favourited by someone else?
Favourite bool `json:"favourite"`
// Receive a push notification when someone else has mentioned you in a status?
Mention bool `json:"mention"`
// Receive a push notification when a status you created has been boosted by someone else?
Reblog bool `json:"reblog"`
// Receive a push notification when a poll you voted in or created has ended?
Poll bool `json:"poll"`
// Receive a push notification when a subscribed account posts a status?
Status bool `json:"status"`
// Receive a push notification when a status you interacted with has been edited?
Update bool `json:"update"`
// Receive a push notification when a new user has signed up?
AdminSignup bool `json:"admin.sign_up"`
// Receive a push notification when a new report has been filed?
AdminReport bool `json:"admin.report"`
// Receive a push notification when a fave is pending?
PendingFavourite bool `json:"pending.favourite"`
// Receive a push notification when a reply is pending?
PendingReply bool `json:"pending.reply"`
// Receive a push notification when a boost is pending?
PendingReblog bool `json:"pending.reblog"`
}
// WebPushSubscriptionCreateRequest captures params for creating or replacing a Web Push subscription.
//
// swagger:ignore
type WebPushSubscriptionCreateRequest struct {
Subscription *WebPushSubscriptionRequestSubscription `form:"-" json:"subscription"`
SubscriptionEndpoint *string `form:"subscription[endpoint]" json:"-"`
SubscriptionKeysAuth *string `form:"subscription[keys][auth]" json:"-"`
SubscriptionKeysP256dh *string `form:"subscription[keys][p256dh]" json:"-"`
WebPushSubscriptionUpdateRequest
}
// WebPushSubscriptionRequestSubscription is the part of a Web Push subscription that is fixed at creation.
//
// swagger:ignore
type WebPushSubscriptionRequestSubscription struct {
// Endpoint is the URL to which Web Push notifications will be sent.
Endpoint string `json:"endpoint"`
Keys WebPushSubscriptionRequestSubscriptionKeys `json:"keys"`
}
// WebPushSubscriptionRequestSubscriptionKeys is the part of a Web Push subscription that contains auth secrets.
//
// swagger:ignore
type WebPushSubscriptionRequestSubscriptionKeys struct {
// Auth is the auth secret, a Base64 encoded string of 16 bytes of random data.
Auth string `json:"auth"`
// P256dh is the user agent public key, a Base64 encoded string of a public key from an ECDH keypair using the prime256v1 curve.
P256dh string `json:"p256dh"`
}
// WebPushSubscriptionUpdateRequest captures params for updating a Web Push subscription.
//
// swagger:ignore
type WebPushSubscriptionUpdateRequest struct {
Data *WebPushSubscriptionRequestData `form:"-" json:"data"`
DataAlertsFollow *bool `form:"data[alerts][follow]" json:"-"`
DataAlertsFollowRequest *bool `form:"data[alerts][follow_request]" json:"-"`
DataAlertsFavourite *bool `form:"data[alerts][favourite]" json:"-"`
DataAlertsMention *bool `form:"data[alerts][mention]" json:"-"`
DataAlertsReblog *bool `form:"data[alerts][reblog]" json:"-"`
DataAlertsPoll *bool `form:"data[alerts][poll]" json:"-"`
DataAlertsStatus *bool `form:"data[alerts][status]" json:"-"`
DataAlertsUpdate *bool `form:"data[alerts][update]" json:"-"`
DataAlertsAdminSignup *bool `form:"data[alerts][admin.sign_up]" json:"-"`
DataAlertsAdminReport *bool `form:"data[alerts][admin.report]" json:"-"`
DataAlertsPendingFavourite *bool `form:"data[alerts][pending.favourite]" json:"-"`
DataAlertsPendingReply *bool `form:"data[alerts][pending.reply]" json:"-"`
DataAlertsPendingReblog *bool `form:"data[alerts][pending.reblog]" json:"-"`
}
// WebPushSubscriptionRequestData is the part of a Web Push subscription that can be changed after creation.
//
// swagger:ignore
type WebPushSubscriptionRequestData struct {
// Alerts selects the specific events that this Web Push subscription will receive.
Alerts *WebPushSubscriptionAlerts `form:"-" json:"alerts"`
}

View file

@ -5,6 +5,7 @@ import (
"errors" "errors"
"github.com/superseriousbusiness/gotosocial/internal/db" "github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel" "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/state" "github.com/superseriousbusiness/gotosocial/internal/state"
"github.com/superseriousbusiness/gotosocial/internal/util/xslices" "github.com/superseriousbusiness/gotosocial/internal/util/xslices"
@ -54,7 +55,7 @@ func (w *webPushDB) PutVAPIDKeyPair(ctx context.Context, vapidKeyPair *gtsmodel.
} }
func (w *webPushDB) GetWebPushSubscriptionByTokenID(ctx context.Context, tokenID string) (*gtsmodel.WebPushSubscription, error) { func (w *webPushDB) GetWebPushSubscriptionByTokenID(ctx context.Context, tokenID string) (*gtsmodel.WebPushSubscription, error) {
return w.state.Caches.DB.WebPushSubscription.LoadOne( subscription, err := w.state.Caches.DB.WebPushSubscription.LoadOne(
"TokenID", "TokenID",
func() (*gtsmodel.WebPushSubscription, error) { func() (*gtsmodel.WebPushSubscription, error) {
var subscription gtsmodel.WebPushSubscription var subscription gtsmodel.WebPushSubscription
@ -67,6 +68,10 @@ func (w *webPushDB) GetWebPushSubscriptionByTokenID(ctx context.Context, tokenID
}, },
tokenID, tokenID,
) )
if err != nil {
return nil, err
}
return subscription, nil
} }
func (w *webPushDB) PutWebPushSubscription(ctx context.Context, subscription *gtsmodel.WebPushSubscription) error { func (w *webPushDB) PutWebPushSubscription(ctx context.Context, subscription *gtsmodel.WebPushSubscription) error {
@ -85,15 +90,22 @@ func (w *webPushDB) UpdateWebPushSubscription(ctx context.Context, subscription
} }
// Update database. // Update database.
if _, err := w.db. result, err := w.db.
NewUpdate(). NewUpdate().
Model(subscription). Model(subscription).
Column(columns...). Column(columns...).
Where("? = ?", bun.Ident("id"), subscription.ID). Where("? = ?", bun.Ident("id"), subscription.ID).
Exec(ctx); // nocollapse Exec(ctx)
err != nil { if err != nil {
return err return err
} }
rowsAffected, err := result.RowsAffected()
if err != nil {
return gtserror.Newf("error getting updated row count: %w", err)
}
if rowsAffected == 0 {
return db.ErrNoEntries
}
// Update cache. // Update cache.
w.state.Caches.DB.WebPushSubscription.Put(subscription) w.state.Caches.DB.WebPushSubscription.Put(subscription)

View file

@ -33,13 +33,15 @@ type WebPush interface {
// This should be called at most once, during server startup. // This should be called at most once, during server startup.
PutVAPIDKeyPair(ctx context.Context, vapidKeyPair *gtsmodel.VAPIDKeyPair) error PutVAPIDKeyPair(ctx context.Context, vapidKeyPair *gtsmodel.VAPIDKeyPair) error
// GetWebPushSubscriptionByTokenID retrieves an access token's Web Push subscription, if there is one. // GetWebPushSubscriptionByTokenID retrieves an access token's Web Push subscription.
// There may not be one, in which case an error will be returned.
GetWebPushSubscriptionByTokenID(ctx context.Context, tokenID string) (*gtsmodel.WebPushSubscription, error) GetWebPushSubscriptionByTokenID(ctx context.Context, tokenID string) (*gtsmodel.WebPushSubscription, error)
// PutWebPushSubscription creates an access token's Web Push subscription. // PutWebPushSubscription creates an access token's Web Push subscription.
PutWebPushSubscription(ctx context.Context, subscription *gtsmodel.WebPushSubscription) error PutWebPushSubscription(ctx context.Context, subscription *gtsmodel.WebPushSubscription) error
// UpdateWebPushSubscription updates an access token's Web Push subscription. // UpdateWebPushSubscription updates an access token's Web Push subscription.
// There may not be one, in which case an error will be returned.
UpdateWebPushSubscription(ctx context.Context, subscription *gtsmodel.WebPushSubscription, columns ...string) error UpdateWebPushSubscription(ctx context.Context, subscription *gtsmodel.WebPushSubscription, columns ...string) error
// DeleteWebPushSubscriptionByTokenID deletes an access token's Web Push subscription, if there is one. // DeleteWebPushSubscriptionByTokenID deletes an access token's Web Push subscription, if there is one.

View file

@ -61,7 +61,7 @@ type WebPushSubscription struct {
NotifyUpdate *bool `bun:",nullzero,notnull,default:false"` NotifyUpdate *bool `bun:",nullzero,notnull,default:false"`
NotifyAdminSignup *bool `bun:",nullzero,notnull,default:false"` NotifyAdminSignup *bool `bun:",nullzero,notnull,default:false"`
NotifyAdminReport *bool `bun:",nullzero,notnull,default:false"` NotifyAdminReport *bool `bun:",nullzero,notnull,default:false"`
NotifyPendingFave *bool `bun:",nullzero,notnull,default:false"` NotifyPendingFavourite *bool `bun:",nullzero,notnull,default:false"`
NotifyPendingReply *bool `bun:",nullzero,notnull,default:false"` NotifyPendingReply *bool `bun:",nullzero,notnull,default:false"`
NotifyPendingReblog *bool `bun:",nullzero,notnull,default:false"` NotifyPendingReblog *bool `bun:",nullzero,notnull,default:false"`
} }

View file

@ -39,6 +39,7 @@ import (
"github.com/superseriousbusiness/gotosocial/internal/processing/markers" "github.com/superseriousbusiness/gotosocial/internal/processing/markers"
"github.com/superseriousbusiness/gotosocial/internal/processing/media" "github.com/superseriousbusiness/gotosocial/internal/processing/media"
"github.com/superseriousbusiness/gotosocial/internal/processing/polls" "github.com/superseriousbusiness/gotosocial/internal/processing/polls"
"github.com/superseriousbusiness/gotosocial/internal/processing/push"
"github.com/superseriousbusiness/gotosocial/internal/processing/report" "github.com/superseriousbusiness/gotosocial/internal/processing/report"
"github.com/superseriousbusiness/gotosocial/internal/processing/search" "github.com/superseriousbusiness/gotosocial/internal/processing/search"
"github.com/superseriousbusiness/gotosocial/internal/processing/status" "github.com/superseriousbusiness/gotosocial/internal/processing/status"
@ -88,6 +89,7 @@ type Processor struct {
markers markers.Processor markers markers.Processor
media media.Processor media media.Processor
polls polls.Processor polls polls.Processor
push push.Processor
report report.Processor report report.Processor
search search.Processor search search.Processor
status status.Processor status status.Processor
@ -146,6 +148,10 @@ func (p *Processor) Polls() *polls.Processor {
return &p.polls return &p.polls
} }
func (p *Processor) Push() *push.Processor {
return &p.push
}
func (p *Processor) Report() *report.Processor { func (p *Processor) Report() *report.Processor {
return &p.report return &p.report
} }
@ -221,6 +227,7 @@ func NewProcessor(
processor.list = list.New(state, converter) processor.list = list.New(state, converter)
processor.markers = markers.New(state, converter) processor.markers = markers.New(state, converter)
processor.polls = polls.New(&common, state, converter) processor.polls = polls.New(&common, state, converter)
processor.push = push.New(state, converter)
processor.report = report.New(state, converter) processor.report = report.New(state, converter)
processor.tags = tags.New(state, converter) processor.tags = tags.New(state, converter)
processor.timeline = timeline.New(state, converter, visFilter) processor.timeline = timeline.New(state, converter, visFilter)

View file

@ -0,0 +1,78 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"context"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/id"
)
// CreateOrReplace creates a Web Push subscription for the given access token,
// or entirely replaces the previously existing subscription for that token.
func (p *Processor) CreateOrReplace(
ctx context.Context,
accountID string,
accessToken string,
request *apimodel.WebPushSubscriptionCreateRequest,
) (*apimodel.WebPushSubscription, gtserror.WithCode) {
tokenID, errWithCode := p.getTokenID(ctx, accessToken)
if errWithCode != nil {
return nil, errWithCode
}
// Clear any previous subscription.
if err := p.state.DB.DeleteWebPushSubscriptionByTokenID(ctx, tokenID); err != nil {
return nil, gtserror.NewErrorInternalError(
gtserror.Newf("couldn't delete Web Push subscription for token ID %s: %w", tokenID, err),
)
}
// Insert a new one.
subscription := &gtsmodel.WebPushSubscription{
ID: id.NewULID(),
AccountID: accountID,
TokenID: tokenID,
Endpoint: request.Subscription.Endpoint,
Auth: request.Subscription.Keys.Auth,
P256dh: request.Subscription.Keys.P256dh,
NotifyFollow: &request.Data.Alerts.Follow,
NotifyFollowRequest: &request.Data.Alerts.FollowRequest,
NotifyFavourite: &request.Data.Alerts.Favourite,
NotifyMention: &request.Data.Alerts.Mention,
NotifyReblog: &request.Data.Alerts.Reblog,
NotifyPoll: &request.Data.Alerts.Poll,
NotifyStatus: &request.Data.Alerts.Status,
NotifyUpdate: &request.Data.Alerts.Update,
NotifyAdminSignup: &request.Data.Alerts.AdminSignup,
NotifyAdminReport: &request.Data.Alerts.AdminReport,
NotifyPendingFavourite: &request.Data.Alerts.PendingFavourite,
NotifyPendingReply: &request.Data.Alerts.PendingReply,
NotifyPendingReblog: &request.Data.Alerts.PendingReblog,
}
if err := p.state.DB.PutWebPushSubscription(ctx, subscription); err != nil {
return nil, gtserror.NewErrorInternalError(
gtserror.Newf("couldn't create Web Push subscription for token ID %s: %w", tokenID, err),
)
}
return p.apiSubscription(ctx, subscription)
}

View file

@ -0,0 +1,40 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"context"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
// Delete deletes the Web Push subscription for the given access token, if there is one.
func (p *Processor) Delete(ctx context.Context, accessToken string) gtserror.WithCode {
tokenID, errWithCode := p.getTokenID(ctx, accessToken)
if errWithCode != nil {
return errWithCode
}
if err := p.state.DB.DeleteWebPushSubscriptionByTokenID(ctx, tokenID); err != nil {
return gtserror.NewErrorInternalError(
gtserror.Newf("couldn't delete Web Push subscription for token ID %s: %w", tokenID, err),
)
}
return nil
}

View file

@ -0,0 +1,47 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"context"
"errors"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
// Get returns the Web Push subscription for the given access token.
func (p *Processor) Get(ctx context.Context, accessToken string) (*apimodel.WebPushSubscription, gtserror.WithCode) {
tokenID, errWithCode := p.getTokenID(ctx, accessToken)
if errWithCode != nil {
return nil, errWithCode
}
subscription, err := p.state.DB.GetWebPushSubscriptionByTokenID(ctx, tokenID)
if err != nil && !errors.Is(err, db.ErrNoEntries) {
return nil, gtserror.NewErrorInternalError(
gtserror.Newf("couldn't get Web Push subscription for token ID %s: %w", tokenID, err),
)
}
if subscription == nil {
return nil, gtserror.NewErrorNotFound(errors.New("no Web Push subscription exists for this access token"))
}
return p.apiSubscription(ctx, subscription)
}

View file

@ -0,0 +1,66 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"context"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/state"
"github.com/superseriousbusiness/gotosocial/internal/typeutils"
)
type Processor struct {
state *state.State
converter *typeutils.Converter
}
func New(state *state.State, converter *typeutils.Converter) Processor {
return Processor{
state: state,
converter: converter,
}
}
// getTokenID returns the token ID for a given access token.
// Since all push API calls require authentication, this should always be available.
func (p *Processor) getTokenID(ctx context.Context, accessToken string) (string, gtserror.WithCode) {
token, err := p.state.DB.GetTokenByAccess(ctx, accessToken)
if err != nil {
return "", gtserror.NewErrorInternalError(
gtserror.Newf("couldn't find token ID for access token: %w", err),
)
}
return token.ID, nil
}
// apiSubscription is a shortcut to return the API version of the given Web Push subscription,
// or return an appropriate error if conversion fails.
func (p *Processor) apiSubscription(ctx context.Context, subscription *gtsmodel.WebPushSubscription) (*apimodel.WebPushSubscription, gtserror.WithCode) {
apiSubscription, err := p.converter.WebPushSubscriptionToAPIWebPushSubscription(ctx, subscription)
if err != nil {
return nil, gtserror.NewErrorInternalError(
gtserror.Newf("error converting Web Push subscription %s to API representation: %w", subscription.ID, err),
)
}
return apiSubscription, nil
}

View file

@ -0,0 +1,88 @@
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package push
import (
"context"
"errors"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/db"
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
// Update updates the Web Push subscription for the given access token.
func (p *Processor) Update(
ctx context.Context,
accessToken string,
request *apimodel.WebPushSubscriptionUpdateRequest,
) (*apimodel.WebPushSubscription, gtserror.WithCode) {
tokenID, errWithCode := p.getTokenID(ctx, accessToken)
if errWithCode != nil {
return nil, errWithCode
}
// Get existing subscription.
subscription, err := p.state.DB.GetWebPushSubscriptionByTokenID(ctx, tokenID)
if err != nil && !errors.Is(err, db.ErrNoEntries) {
return nil, gtserror.NewErrorInternalError(
gtserror.Newf("couldn't get Web Push subscription for token ID %s: %w", tokenID, err),
)
}
if subscription == nil {
return nil, gtserror.NewErrorNotFound(errors.New("no Web Push subscription exists for this access token"))
}
// Update it.
subscription.NotifyFollow = &request.Data.Alerts.Follow
subscription.NotifyFollowRequest = &request.Data.Alerts.FollowRequest
subscription.NotifyFavourite = &request.Data.Alerts.Favourite
subscription.NotifyMention = &request.Data.Alerts.Mention
subscription.NotifyReblog = &request.Data.Alerts.Reblog
subscription.NotifyPoll = &request.Data.Alerts.Poll
subscription.NotifyStatus = &request.Data.Alerts.Status
subscription.NotifyUpdate = &request.Data.Alerts.Update
subscription.NotifyAdminSignup = &request.Data.Alerts.AdminSignup
subscription.NotifyAdminReport = &request.Data.Alerts.AdminReport
subscription.NotifyPendingFavourite = &request.Data.Alerts.PendingFavourite
subscription.NotifyPendingReply = &request.Data.Alerts.PendingReply
subscription.NotifyPendingReblog = &request.Data.Alerts.PendingReblog
if err = p.state.DB.UpdateWebPushSubscription(
ctx,
subscription,
"notify_follow",
"notify_follow_request",
"notify_favourite",
"notify_mention",
"notify_reblog",
"notify_poll",
"notify_status",
"notify_update",
"notify_admin_signup",
"notify_admin_report",
"notify_pending_favourite",
"notify_pending_reply",
"notify_pending_reblog",
); err != nil {
return nil, gtserror.NewErrorInternalError(
gtserror.Newf("couldn't update Web Push subscription for token ID %s: %w", tokenID, err),
)
}
return p.apiSubscription(ctx, subscription)
}

View file

@ -2816,3 +2816,34 @@ func (c *Converter) InteractionReqToAPIInteractionReq(
URI: req.URI, URI: req.URI,
}, nil }, nil
} }
func (c *Converter) WebPushSubscriptionToAPIWebPushSubscription(
ctx context.Context,
subscription *gtsmodel.WebPushSubscription,
) (*apimodel.WebPushSubscription, error) {
vapidKeyPair, err := c.state.DB.GetVAPIDKeyPair(ctx)
if err != nil {
return nil, gtserror.Newf("error getting VAPID key pair: %w", err)
}
return &apimodel.WebPushSubscription{
ID: subscription.ID,
Endpoint: subscription.Endpoint,
ServerKey: vapidKeyPair.Public,
Alerts: apimodel.WebPushSubscriptionAlerts{
Follow: *subscription.NotifyFollow,
FollowRequest: *subscription.NotifyFollowRequest,
Favourite: *subscription.NotifyFavourite,
Mention: *subscription.NotifyMention,
Reblog: *subscription.NotifyReblog,
Poll: *subscription.NotifyPoll,
Status: *subscription.NotifyStatus,
Update: *subscription.NotifyUpdate,
AdminSignup: *subscription.NotifyAdminSignup,
AdminReport: *subscription.NotifyAdminReport,
PendingFavourite: *subscription.NotifyPendingFavourite,
PendingReply: *subscription.NotifyPendingReply,
PendingReblog: *subscription.NotifyPendingReblog,
},
}, nil
}

View file

@ -101,7 +101,7 @@ func (r *realSender) Send(
case gtsmodel.NotificationAdminReport: case gtsmodel.NotificationAdminReport:
notify = *subscription.NotifyAdminReport notify = *subscription.NotifyAdminReport
case gtsmodel.NotificationPendingFave: case gtsmodel.NotificationPendingFave:
notify = *subscription.NotifyPendingFave notify = *subscription.NotifyPendingFavourite
case gtsmodel.NotificationPendingReply: case gtsmodel.NotificationPendingReply:
notify = *subscription.NotifyPendingReply notify = *subscription.NotifyPendingReply
case gtsmodel.NotificationPendingReblog: case gtsmodel.NotificationPendingReblog:
@ -174,7 +174,7 @@ func (r *realSender) sendToSubscription(
} }
// Create push notification payload struct. // Create push notification payload struct.
pushNotification := &apimodel.PushNotification{ pushNotification := &apimodel.WebPushNotification{
NotificationID: apiNotification.ID, NotificationID: apiNotification.ID,
NotificationType: apiNotification.Type, NotificationType: apiNotification.Type,
Icon: apiNotification.Account.Avatar, Icon: apiNotification.Account.Avatar,

View file

@ -3495,7 +3495,7 @@ func NewTestWebPushSubscriptions() map[string]*gtsmodel.WebPushSubscription {
NotifyUpdate: util.Ptr(true), NotifyUpdate: util.Ptr(true),
NotifyAdminSignup: util.Ptr(true), NotifyAdminSignup: util.Ptr(true),
NotifyAdminReport: util.Ptr(true), NotifyAdminReport: util.Ptr(true),
NotifyPendingFave: util.Ptr(true), NotifyPendingFavourite: util.Ptr(true),
NotifyPendingReply: util.Ptr(true), NotifyPendingReply: util.Ptr(true),
NotifyPendingReblog: util.Ptr(true), NotifyPendingReblog: util.Ptr(true),
}, },