upub/src/server/fetcher.rs

use std::collections::BTreeMap;

use apb::target::Addressed;
use base64::Engine;
use reqwest::{header::{ACCEPT, CONTENT_TYPE, USER_AGENT}, Method, Response};
use sea_orm::{EntityTrait, IntoActiveModel};

use crate::{model, VERSION};

use super::{auth::HttpSignature, Context};

#[axum::async_trait]
pub trait Fetcher {
	async fn request(
		method: reqwest::Method,
		url: &str,
		payload: Option<&str>,
		from: &str,
		key: &str,
		domain: &str,
	) -> crate::Result<Response>;

	async fn fetch_user(&self, id: &str) -> crate::Result<model::user::Model>;
	async fn fetch_object(&self, id: &str) -> crate::Result<model::object::Model>;
	async fn fetch_activity(&self, id: &str) -> crate::Result<model::activity::Model>;
}


#[axum::async_trait]
impl Fetcher for Context {
	async fn request(
		method: reqwest::Method,
		url: &str,
		payload: Option<&str>,
		from: &str,
		key: &str,
		domain: &str,
	) -> crate::Result<Response> {
		let host = Context::server(url);
		let date = chrono::Utc::now().format("%a, %d %b %Y %H:%M:%S GMT").to_string(); // lmao @ "GMT"
		let path = url.replace("https://", "").replace("http://", "").replace(&host, "");

		let mut headers = vec!["(request-target)", "host", "date"];
		let mut headers_map : BTreeMap<String, String> = [
			("host".to_string(), host.clone()),
			("date".to_string(), date.clone()),
		].into();

		let mut client = reqwest::Client::new()
			.request(method.clone(), url)
			.header(ACCEPT, "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"")
			.header(CONTENT_TYPE, "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"")
			.header(USER_AGENT, format!("upub+{VERSION} ({domain})"))
			.header("Host", host.clone())
			.header("Date", date.clone());


		if let Some(payload) = payload {
			let digest = format!("sha-256={}", base64::prelude::BASE64_STANDARD.encode(openssl::sha::sha256(payload.as_bytes())));
			headers_map.insert("digest".to_string(), digest.clone());
			headers.push("digest");
			client = client
				.header("Digest", digest)
				.body(payload.to_string());
		}

		let mut signer = HttpSignature::new(
			format!("{from}#main-key"), // TODO don't hardcode #main-key
			"rsa-sha256".to_string(),
			&headers,
		);
		
		signer
			.build_manually(&method.to_string().to_lowercase(), &path, headers_map)
			.sign(key)?;

		let res = client
				.header("Signature", signer.header())
				.send()
				.await?;

		Ok(res.error_for_status()?)
	}

	async fn fetch_user(&self, id: &str) -> crate::Result<model::user::Model> {
		if let Some(x) = model::user::Entity::find_by_id(id).one(self.db()).await? {
			return Ok(x); // already in db, easy
		}

		let user = Self::request(
			Method::GET, id, None, &format!("https://{}", self.base()), &self.app().private_key, self.base(),
		).await?.json::<serde_json::Value>().await?;
		let user_model = model::user::Model::new(&user)?;

		model::user::Entity::insert(user_model.clone().into_active_model())
			.exec(self.db()).await?;

		Ok(user_model)
	}

	async fn fetch_activity(&self, id: &str) -> crate::Result<model::activity::Model> {
		if let Some(x) = model::activity::Entity::find_by_id(id).one(self.db()).await? {
			return Ok(x); // already in db, easy
		}

		let activity = Self::request(
			Method::GET, id, None, &format!("https://{}", self.base()), &self.app().private_key, self.base(),
		).await?.json::<serde_json::Value>().await?;

		let addressed = activity.addressed();
		let activity_model = model::activity::Model::new(&activity)?;

		model::activity::Entity::insert(activity_model.clone().into_active_model())
			.exec(self.db()).await?;

		let expanded_addresses = self.expand_addressing(addressed).await?;
		self.address_to(&activity_model.id, activity_model.object.as_deref(), &expanded_addresses).await?;

		Ok(activity_model)
	}

	async fn fetch_object(&self, id: &str) -> crate::Result<model::object::Model> {
		if let Some(x) = model::object::Entity::find_by_id(id).one(self.db()).await? {
			return Ok(x); // already in db, easy
		}

		let object = Self::request(
			Method::GET, id, None, &format!("https://{}", self.base()), &self.app().private_key, self.base(),
		).await?.json::<serde_json::Value>().await?;

		let addressed = object.addressed();
		let object_model = model::object::Model::new(&object)?;

		model::object::Entity::insert(object_model.clone().into_active_model())
			.exec(self.db()).await?;

		let expanded_addresses = self.expand_addressing(addressed).await?;
		// TODO we don't know which activity created this!
		self.address_to("", Some(&object_model.id), &expanded_addresses).await?;

		Ok(object_model)
	}
}

#[axum::async_trait]
pub trait Fetchable : Sync + Send {
	async fn fetch(&mut self, ctx: &crate::server::Context) -> crate::Result<&mut Self>;
}

#[axum::async_trait]
impl Fetchable for apb::Node<serde_json::Value> {
	async fn fetch(&mut self, ctx: &crate::server::Context) -> crate::Result<&mut Self> {
		if let apb::Node::Link(uri) = self {
			let from = format!("{}{}", ctx.protocol(), ctx.base()); // TODO helper to avoid this?
			let pkey = &ctx.app().private_key;
			*self = Context::request(Method::GET, uri.href(), None, &from, pkey, ctx.base())
				.await?
				.json::<serde_json::Value>()
				.await?
				.into();
		}

		Ok(self)
	}
}
feat: improved http signatures code 2024-04-13 21:22:19 +02:00			`use std::collections::BTreeMap;`

fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`use apb::target::Addressed;`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`use base64::Engine;`
fix: fetcher specifies application/json 2024-04-13 04:21:33 +02:00			`use reqwest::{header::{ACCEPT, CONTENT_TYPE, USER_AGENT}, Method, Response};`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`use sea_orm::{EntityTrait, IntoActiveModel};`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00
fix: force overrule signature algorithm really what????? 2024-04-13 03:03:54 +02:00			`use crate::{model, VERSION};`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00
feat: improved http signatures code 2024-04-13 21:22:19 +02:00			`use super::{auth::HttpSignature, Context};`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`#[axum::async_trait]`
			`pub trait Fetcher {`
			`async fn request(`
			`method: reqwest::Method,`
			`url: &str,`
			`payload: Option<&str>,`
			`from: &str,`
			`key: &str,`
			`domain: &str,`
			`) -> crate::Result<Response>;`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`async fn fetch_user(&self, id: &str) -> crate::Result<model::user::Model>;`
			`async fn fetch_object(&self, id: &str) -> crate::Result<model::object::Model>;`
			`async fn fetch_activity(&self, id: &str) -> crate::Result<model::activity::Model>;`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00			`}`


fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`#[axum::async_trait]`
			`impl Fetcher for Context {`
			`async fn request(`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`method: reqwest::Method,`
			`url: &str,`
			`payload: Option<&str>,`
			`from: &str,`
feat: improved http signatures code 2024-04-13 21:22:19 +02:00			`key: &str,`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`domain: &str,`
feat: improved http signatures code 2024-04-13 21:22:19 +02:00			`) -> crate::Result<Response> {`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`let host = Context::server(url);`
			`let date = chrono::Utc::now().format("%a, %d %b %Y %H:%M:%S GMT").to_string(); // lmao @ "GMT"`
			`let path = url.replace("https://", "").replace("http://", "").replace(&host, "");`
feat: improved http signatures code 2024-04-13 21:22:19 +02:00
			`let mut headers = vec!["(request-target)", "host", "date"];`
			`let mut headers_map : BTreeMap<String, String> = [`
			`("host".to_string(), host.clone()),`
			`("date".to_string(), date.clone()),`
			`].into();`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00
fix: mastodon compat 2024-04-13 02:35:18 +02:00			`let mut client = reqwest::Client::new()`
fix: also in case of digest 2024-04-13 04:31:50 +02:00			`.request(method.clone(), url)`
fix: fetcher specifies application/json 2024-04-13 04:21:33 +02:00			`.header(ACCEPT, "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"")`
fix: mastodon compat 2024-04-13 02:35:18 +02:00			`.header(CONTENT_TYPE, "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"")`
			`.header(USER_AGENT, format!("upub+{VERSION} ({domain})"))`
fix: having more fun with http signatures 2024-04-13 02:55:10 +02:00			`.header("Host", host.clone())`
			`.header("Date", date.clone());`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00
fix: also in case of digest 2024-04-13 04:31:50 +02:00
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`if let Some(payload) = payload {`
			`let digest = format!("sha-256={}", base64::prelude::BASE64_STANDARD.encode(openssl::sha::sha256(payload.as_bytes())));`
feat: improved http signatures code 2024-04-13 21:22:19 +02:00			`headers_map.insert("digest".to_string(), digest.clone());`
			`headers.push("digest");`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`client = client`
			`.header("Digest", digest)`
			`.body(payload.to_string());`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00			`}`

feat: improved http signatures code 2024-04-13 21:22:19 +02:00			`let mut signer = HttpSignature::new(`
			`format!("{from}#main-key"), // TODO don't hardcode #main-key`
			`"rsa-sha256".to_string(),`
			`&headers,`
			`);`

			`signer`
			`.build_manually(&method.to_string().to_lowercase(), &path, headers_map)`
			`.sign(key)?;`

			`let res = client`
			`.header("Signature", signer.header())`
			`.send()`
			`.await?;`

			`Ok(res.error_for_status()?)`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`}`

fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`async fn fetch_user(&self, id: &str) -> crate::Result<model::user::Model> {`
			`if let Some(x) = model::user::Entity::find_by_id(id).one(self.db()).await? {`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`return Ok(x); // already in db, easy`
			`}`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00
fix: return response rather than parsing so that deliveries work 2024-04-13 03:21:25 +02:00			`let user = Self::request(`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`Method::GET, id, None, &format!("https://{}", self.base()), &self.app().private_key, self.base(),`
fix: return response rather than parsing so that deliveries work 2024-04-13 03:21:25 +02:00			`).await?.json::<serde_json::Value>().await?;`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00			`let user_model = model::user::Model::new(&user)?;`

			`model::user::Entity::insert(user_model.clone().into_active_model())`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`.exec(self.db()).await?;`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00
			`Ok(user_model)`
			`}`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`async fn fetch_activity(&self, id: &str) -> crate::Result<model::activity::Model> {`
			`if let Some(x) = model::activity::Entity::find_by_id(id).one(self.db()).await? {`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`return Ok(x); // already in db, easy`
			`}`

fix: return response rather than parsing so that deliveries work 2024-04-13 03:21:25 +02:00			`let activity = Self::request(`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`Method::GET, id, None, &format!("https://{}", self.base()), &self.app().private_key, self.base(),`
fix: return response rather than parsing so that deliveries work 2024-04-13 03:21:25 +02:00			`).await?.json::<serde_json::Value>().await?;`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00
			`let addressed = activity.addressed();`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`let activity_model = model::activity::Model::new(&activity)?;`

			`model::activity::Entity::insert(activity_model.clone().into_active_model())`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`.exec(self.db()).await?;`

			`let expanded_addresses = self.expand_addressing(addressed).await?;`
			`self.address_to(&activity_model.id, activity_model.object.as_deref(), &expanded_addresses).await?;`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00
			`Ok(activity_model)`
			`}`

fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`async fn fetch_object(&self, id: &str) -> crate::Result<model::object::Model> {`
			`if let Some(x) = model::object::Entity::find_by_id(id).one(self.db()).await? {`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`return Ok(x); // already in db, easy`
			`}`

fix: return response rather than parsing so that deliveries work 2024-04-13 03:21:25 +02:00			`let object = Self::request(`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`Method::GET, id, None, &format!("https://{}", self.base()), &self.app().private_key, self.base(),`
fix: return response rather than parsing so that deliveries work 2024-04-13 03:21:25 +02:00			`).await?.json::<serde_json::Value>().await?;`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00
			`let addressed = object.addressed();`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00			`let object_model = model::object::Model::new(&object)?;`

			`model::object::Entity::insert(object_model.clone().into_active_model())`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`.exec(self.db()).await?;`

			`let expanded_addresses = self.expand_addressing(addressed).await?;`
			`// TODO we don't know which activity created this!`
			`self.address_to("", Some(&object_model.id), &expanded_addresses).await?;`
feat: signed fetches, improved signatures code should make sure that it still works 2024-04-13 00:44:53 +02:00
			`Ok(object_model)`
			`}`
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00			`}`
feat: node.fetch() is now signed 2024-04-13 22:13:36 +02:00
			`#[axum::async_trait]`
			`pub trait Fetchable : Sync + Send {`
			`async fn fetch(&mut self, ctx: &crate::server::Context) -> crate::Result<&mut Self>;`
			`}`

			`#[axum::async_trait]`
			`impl Fetchable for apb::Node<serde_json::Value> {`
			`async fn fetch(&mut self, ctx: &crate::server::Context) -> crate::Result<&mut Self> {`
			`if let apb::Node::Link(uri) = self {`
			`let from = format!("{}{}", ctx.protocol(), ctx.base()); // TODO helper to avoid this?`
			`let pkey = &ctx.app().private_key;`
fix: insert addressings after fetching also refactored fetcher into a trait of context 2024-04-18 05:25:56 +02:00			`*self = Context::request(Method::GET, uri.href(), None, &from, pkey, ctx.base())`
feat: node.fetch() is now signed 2024-04-13 22:13:36 +02:00			`.await?`
			`.json::<serde_json::Value>()`
			`.await?`
			`.into();`
			`}`

			`Ok(self)`
			`}`
			`}`