upub/src/routes/activitypub/inbox.rs

use apb::{server::Inbox, Activity, ActivityType};
use axum::{extract::{Query, State}, http::StatusCode, Json};

use crate::{errors::UpubError, server::{auth::{AuthIdentity, Identity}, Context}, url};

use super::{JsonLD, Pagination};


pub async fn get(
	State(ctx): State<Context>,
) -> crate::Result<JsonLD<serde_json::Value>> {
	crate::server::builders::collection(&url!(ctx, "/inbox"), None)
}

pub async fn page(
	State(ctx): State<Context>,
	AuthIdentity(auth): AuthIdentity,
	Query(page): Query<Pagination>,
) -> crate::Result<JsonLD<serde_json::Value>> {
	crate::server::builders::paginate(
		url!(ctx, "/inbox/page"),
		auth.filter_condition(),
		ctx.db(),
		page
	)
		.await
}

macro_rules! pretty_json {
	($json:ident) => {
		serde_json::to_string_pretty(&$json).expect("failed serializing to string serde_json::Value")
	}
}


pub async fn post(
	State(ctx): State<Context>,
	AuthIdentity(auth): AuthIdentity,
	Json(activity): Json<serde_json::Value>
) -> crate::Result<()> {
	let Identity::Remote(server) = auth else {
		if activity.activity_type() != Some(ActivityType::Delete) { // this is spammy af, ignore them!
			tracing::warn!("refusing unauthorized activity: {}", pretty_json!(activity));
		}
		if matches!(auth, Identity::Anonymous) {
			return Err(UpubError::unauthorized());
		} else {
			return Err(UpubError::forbidden());
		}
	};

	let Some(actor) = activity.actor().id() else {
		return Err(UpubError::bad_request());
	};

	// TODO add whitelist of relays
	if !server.ends_with(&Context::server(&actor)) {
		return Err(UpubError::unauthorized());
	}

	// TODO we could process Links and bare Objects maybe, but probably out of AP spec?
	match activity.activity_type().ok_or_else(UpubError::bad_request)? {
		ActivityType::Activity => {
			tracing::warn!("skipping unprocessable base activity: {}", pretty_json!(activity));
			Err(StatusCode::UNPROCESSABLE_ENTITY.into()) // won't ingest useless stuff
		},

		ActivityType::Create => Ok(ctx.create(server, activity).await?),
		ActivityType::Like => Ok(ctx.like(server, activity).await?),
		ActivityType::Follow => Ok(ctx.follow(server, activity).await?),
		ActivityType::Announce => Ok(ctx.announce(server, activity).await?),
		ActivityType::Accept(_) => Ok(ctx.accept(server, activity).await?),
		ActivityType::Reject(_) => Ok(ctx.reject(server, activity).await?),
		ActivityType::Undo => Ok(ctx.undo(server, activity).await?),
		ActivityType::Delete => Ok(ctx.delete(server, activity).await?),
		ActivityType::Update => Ok(ctx.update(server, activity).await?),

		_x => {
			tracing::info!("received unimplemented activity on inbox: {}", pretty_json!(activity));
			Err(StatusCode::NOT_IMPLEMENTED.into())
		},
	}
}
chore: unused imports 2024-04-14 16:57:36 +02:00			`use apb::{server::Inbox, Activity, ActivityType};`
feat: added all inboxes and outboxes base POST to /outbox still returns NOT IMPLEMENTED tho 2024-04-12 20:01:47 +02:00			`use axum::{extract::{Query, State}, http::StatusCode, Json};`
chore: split inbox/outbox, added forgotten mods 2024-03-24 04:05:09 +01:00
fix: big refactor of timelines querying should not be more reliable, consistent and all around less buggy, but it may actually break some things so let's find out 2024-04-24 02:31:35 +02:00			`use crate::{errors::UpubError, server::{auth::{AuthIdentity, Identity}, Context}, url};`
chore: split inbox/outbox, added forgotten mods 2024-03-24 04:05:09 +01:00
fix: big refactor of timelines querying should not be more reliable, consistent and all around less buggy, but it may actually break some things so let's find out 2024-04-24 02:31:35 +02:00			`use super::{JsonLD, Pagination};`
chore: split inbox/outbox, added forgotten mods 2024-03-24 04:05:09 +01:00

chore: refactor collections with utils, moved stuff 2024-03-28 04:52:17 +01:00			`pub async fn get(`
			`State(ctx): State<Context>,`
fix: big refactor of timelines querying should not be more reliable, consistent and all around less buggy, but it may actually break some things so let's find out 2024-04-24 02:31:35 +02:00			`) -> crate::Result<JsonLD<serde_json::Value>> {`
			`crate::server::builders::collection(&url!(ctx, "/inbox"), None)`
chore: refactor collections with utils, moved stuff 2024-03-28 04:52:17 +01:00			`}`

			`pub async fn page(`
			`State(ctx): State<Context>,`
			`AuthIdentity(auth): AuthIdentity,`
			`Query(page): Query<Pagination>,`
chore: refactored a little 2024-04-12 22:56:29 +02:00			`) -> crate::Result<JsonLD<serde_json::Value>> {`
fix: big refactor of timelines querying should not be more reliable, consistent and all around less buggy, but it may actually break some things so let's find out 2024-04-24 02:31:35 +02:00			`crate::server::builders::paginate(`
			`url!(ctx, "/inbox/page"),`
			`auth.filter_condition(),`
			`ctx.db(),`
			`page`
			`)`
			`.await`
chore: split inbox/outbox, added forgotten mods 2024-03-24 04:05:09 +01:00			`}`
feat: added all inboxes and outboxes base POST to /outbox still returns NOT IMPLEMENTED tho 2024-04-12 20:01:47 +02:00
fix: track deletions and rejected activities 2024-04-18 14:01:55 +02:00			`macro_rules! pretty_json {`
			`($json:ident) => {`
			`serde_json::to_string_pretty(&$json).expect("failed serializing to string serde_json::Value")`
			`}`
			`}`
feat: inbox requests remote server auth 2024-04-13 01:49:04 +02:00

feat: added all inboxes and outboxes base POST to /outbox still returns NOT IMPLEMENTED tho 2024-04-12 20:01:47 +02:00			`pub async fn post(`
			`State(ctx): State<Context>,`
feat: inbox requests remote server auth 2024-04-13 01:49:04 +02:00			`AuthIdentity(auth): AuthIdentity,`
feat: added all inboxes and outboxes base POST to /outbox still returns NOT IMPLEMENTED tho 2024-04-12 20:01:47 +02:00			`Json(activity): Json<serde_json::Value>`
feat: inbox requests remote server auth 2024-04-13 01:49:04 +02:00			`) -> crate::Result<()> {`
feat: implemented authed inbox 2024-04-22 22:52:05 +02:00			`let Identity::Remote(server) = auth else {`
fix: jfc mastodon stop sending me deletions!!!!!!! 2024-04-19 16:15:05 +02:00			`if activity.activity_type() != Some(ActivityType::Delete) { // this is spammy af, ignore them!`
			`tracing::warn!("refusing unauthorized activity: {}", pretty_json!(activity));`
			`}`
feat: implemented authed inbox 2024-04-22 22:52:05 +02:00			`if matches!(auth, Identity::Anonymous) {`
			`return Err(UpubError::unauthorized());`
			`} else {`
			`return Err(UpubError::forbidden());`
fix: track deletions and rejected activities 2024-04-18 14:01:55 +02:00			`}`
feat: implemented authed inbox 2024-04-22 22:52:05 +02:00			`};`

			`let Some(actor) = activity.actor().id() else {`
			`return Err(UpubError::bad_request());`
			`};`

			`// TODO add whitelist of relays`
			`if !server.ends_with(&Context::server(&actor)) {`
			`return Err(UpubError::unauthorized());`
feat: inbox requests remote server auth 2024-04-13 01:49:04 +02:00			`}`
feat: added all inboxes and outboxes base POST to /outbox still returns NOT IMPLEMENTED tho 2024-04-12 20:01:47 +02:00
feat: process some Undo activities, small refactor 2024-04-14 16:47:36 +02:00			`// TODO we could process Links and bare Objects maybe, but probably out of AP spec?`
			`match activity.activity_type().ok_or_else(UpubError::bad_request)? {`
			`ActivityType::Activity => {`
fix: track deletions and rejected activities 2024-04-18 14:01:55 +02:00			`tracing::warn!("skipping unprocessable base activity: {}", pretty_json!(activity));`
feat: added all inboxes and outboxes base POST to /outbox still returns NOT IMPLEMENTED tho 2024-04-12 20:01:47 +02:00			`Err(StatusCode::UNPROCESSABLE_ENTITY.into()) // won't ingest useless stuff`
			`},`

feat: implemented authed inbox 2024-04-22 22:52:05 +02:00			`ActivityType::Create => Ok(ctx.create(server, activity).await?),`
			`ActivityType::Like => Ok(ctx.like(server, activity).await?),`
			`ActivityType::Follow => Ok(ctx.follow(server, activity).await?),`
			`ActivityType::Announce => Ok(ctx.announce(server, activity).await?),`
			`ActivityType::Accept(_) => Ok(ctx.accept(server, activity).await?),`
			`ActivityType::Reject(_) => Ok(ctx.reject(server, activity).await?),`
			`ActivityType::Undo => Ok(ctx.undo(server, activity).await?),`
			`ActivityType::Delete => Ok(ctx.delete(server, activity).await?),`
			`ActivityType::Update => Ok(ctx.update(server, activity).await?),`
feat: process some Undo activities, small refactor 2024-04-14 16:47:36 +02:00
			`_x => {`
fix: track deletions and rejected activities 2024-04-18 14:01:55 +02:00			`tracing::info!("received unimplemented activity on inbox: {}", pretty_json!(activity));`
feat: added all inboxes and outboxes base POST to /outbox still returns NOT IMPLEMENTED tho 2024-04-12 20:01:47 +02:00			`Err(StatusCode::NOT_IMPLEMENTED.into())`
			`},`
			`}`
			`}`