From 27073138aea8b4282a2a45b7ecf231c40beeb639 Mon Sep 17 00:00:00 2001
From: alemi <me@alemi.dev>
Date: Mon, 20 May 2024 05:18:27 +0200
Subject: [PATCH] feat: proxy url

should be properly activitypub compliant
---
 src/routes/activitypub/application.rs | 32 +++++++++++++++++++++++----
 src/routes/activitypub/mod.rs         |  3 ++-
 src/routes/activitypub/user/mod.rs    |  1 +
 3 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/src/routes/activitypub/application.rs b/src/routes/activitypub/application.rs
index 512cefb..ab62214 100644
--- a/src/routes/activitypub/application.rs
+++ b/src/routes/activitypub/application.rs
@@ -1,5 +1,5 @@
 use apb::{ActorMut, BaseMut, ObjectMut, PublicKeyMut};
-use axum::{extract::{Query, State}, http::HeaderMap, response::{IntoResponse, Redirect, Response}, Json};
+use axum::{extract::{Query, State}, http::HeaderMap, response::{IntoResponse, Redirect, Response}, Form, Json};
 use reqwest::Method;
 
 use crate::{errors::UpubError, server::{auth::{AuthIdentity, Identity}, fetcher::Fetcher, Context}, url};
@@ -44,12 +44,12 @@ pub struct FetchPath {
 	id: String,
 }
 
-pub async fn debug(
+pub async fn proxy_get(
 	State(ctx): State<Context>,
 	Query(query): Query<FetchPath>,
 	AuthIdentity(auth): AuthIdentity,
 ) -> crate::Result<Json<serde_json::Value>> {
-	// only local users can request debug fetches
+	// only local users can request fetches
 	if !ctx.cfg().security.allow_public_debugger && !matches!(auth, Identity::Local(_)) {
 		return Err(UpubError::unauthorized());
 	}
@@ -60,7 +60,31 @@ pub async fn debug(
 			None,
 			&ctx.base(),
 			&ctx.app().private_key,
-			&format!("{}|devtools", ctx.domain()),
+			&format!("{}+proxy", ctx.domain()),
+		)
+			.await?
+			.json::<serde_json::Value>()
+			.await?
+	))
+}
+
+pub async fn proxy_form(
+	State(ctx): State<Context>,
+	AuthIdentity(auth): AuthIdentity,
+	Form(query): Form<FetchPath>,
+) -> crate::Result<Json<serde_json::Value>> {
+	// only local users can request fetches
+	if !ctx.cfg().security.allow_public_debugger && !matches!(auth, Identity::Local(_)) {
+		return Err(UpubError::unauthorized());
+	}
+	Ok(Json(
+		Context::request(
+			Method::GET,
+			&query.id,
+			None,
+			&ctx.base(),
+			&ctx.app().private_key,
+			&format!("{}+proxy", ctx.domain()),
 		)
 			.await?
 			.json::<serde_json::Value>()
diff --git a/src/routes/activitypub/mod.rs b/src/routes/activitypub/mod.rs
index 8b35705..743b84c 100644
--- a/src/routes/activitypub/mod.rs
+++ b/src/routes/activitypub/mod.rs
@@ -25,7 +25,8 @@ impl ActivityPubRouter for Router<crate::server::Context> {
 			// core server inbox/outbox, maybe for feeds? TODO do we need these?
 			.route("/", get(ap::application::view))
 			// fetch route, to debug and retreive remote objects
-			.route("/dbg", get(ap::application::debug))
+			.route("/proxy", get(ap::application::proxy_get))
+			.route("/proxy", post(ap::application::proxy_form))
 			// TODO shared inboxes and instance stream will come later, just use users *boxes for now
 			.route("/inbox", post(ap::inbox::post))
 			.route("/inbox", get(ap::inbox::get))
diff --git a/src/routes/activitypub/user/mod.rs b/src/routes/activitypub/user/mod.rs
index 0550834..5879c81 100644
--- a/src/routes/activitypub/user/mod.rs
+++ b/src/routes/activitypub/user/mod.rs
@@ -77,6 +77,7 @@ pub async fn view(
 				.set_endpoints(Node::object(
 					serde_json::Value::new_object()
 						.set_shared_inbox(Some(&url!(ctx, "/inbox")))
+						.set_proxy_url(Some(&url!(ctx, "/proxy")))
 				));
 
 			if !auth.is(&uid) && !cfg.show_followers_count {