Commit graph

438 commits

Author SHA1 Message Date
bccf1f3a26
fix: ensure viewer has perms even for fetches
before, the first fetch would bypass addressing checks. now we always do
2 trips to db when viewing+fetching remote stuff: 1st to make sure we
  have it, second to make sure we can view it
2024-04-19 05:26:51 +02:00
d7ff6014c4
fix: select_object doesnt return embeddedactivity 2024-04-19 05:05:26 +02:00
4883597ee3
fix: don't rename columns while joining 2024-04-19 05:02:59 +02:00
629990fee8
fix: find objects not activities 2024-04-19 04:57:06 +02:00
ab5d0cb61a
fix: replies only in object view, page uris 2024-04-19 04:42:43 +02:00
67c4051226
feat: add context to outgoing posts 2024-04-19 04:25:17 +02:00
973a3060ac
feat: show replies collection inline with object 2024-04-19 04:04:19 +02:00
13533a58d9
feat: fetch replied posts, increase comment count 2024-04-19 04:03:57 +02:00
39add30876
chore: merge branch 'dev' of alemi.dev into dev 2024-04-19 03:32:56 +02:00
b3460690d9
feat: added /objects/.../replies collections
really not optimized, same with context, but may work?
2024-04-19 03:32:21 +02:00
b51f013138
feat: added context collections and endpoints 2024-04-19 03:29:28 +02:00
dfe116506a
chore: refactor
moved into models converters to ap objects, single conditions are now
direct column checks
2024-04-19 03:28:39 +02:00
fc6aedbca1 fix: track deletions and rejected activities 2024-04-18 14:01:55 +02:00
a4c555d0c5 fix: deliveries will try to resolve actor inbox 2024-04-18 07:02:42 +02:00
2073015b7f
feat: mock oauth login wellknown
looks like we will need oauth soon to be able to use even andstatus
2024-04-18 05:49:17 +02:00
f4252a2fbf
fix: insert addressings after fetching
also refactored fetcher into a trait of context
2024-04-18 05:25:56 +02:00
93b5c0cd4a
fix: only fetch remote objects to avoid recursion 2024-04-18 04:50:06 +02:00
3a79ca05a2
feat: local users can request to fetch remote stuff 2024-04-18 04:48:49 +02:00
b2e6703b0e
feat: also fetch liked posts 2024-04-18 04:38:21 +02:00
5f8d8be05a
fix: show in_reply_to and statuses count 2024-04-18 04:14:16 +02:00
a897edd310
feat: add statuses count and in_reply_to fields
migration + models update
2024-04-18 04:09:13 +02:00
094a8b957c
fix: increase follow counts on Accept
both for inbox and outbox
2024-04-18 03:41:27 +02:00
45a69f0332
feat: show following/followers counts for users 2024-04-18 03:06:56 +02:00
8721a44354
feat: helper methods to handle auth cases 2024-04-18 03:06:40 +02:00
8aa80c7670
fix: faker inserts addressing too 2024-04-17 22:08:41 +02:00
267840a317
fix: not all keys are #main-key 2024-04-16 19:19:49 +02:00
dab4550d08
fix: show outbox for remote users with url trick 2024-04-16 08:04:08 +02:00
3cf401467e
feat: login tells you who you are 2024-04-15 22:29:55 +02:00
d5a83a5c7c
fix: attempt to select only one addressing 2024-04-15 22:10:49 +02:00
ee26596568
feat: allow to resolve local views of remote things
basically any id prefixed with + will be:
 * prefixed with 'https://'
 * have all '@' replaced with '/'
 * not be normalized with local domain patterns
thus allowing to look up kind of any url in our db

this is kinda reinventing the wheel, but i really don't want to have
local-only ids and would much rather have a local-only way to display
them, because at least everyone can understand it and look up anything
remote easily
2024-04-15 21:36:31 +02:00
f1ff946245
fix: also store public addrs for remote activities
oopsss thank you @prefetcher
2024-04-15 21:29:30 +02:00
a5454af7a3
chore: skeleton routes for likes&co and context 2024-04-15 01:56:54 +02:00
586f8d3f97
chore: unused imports 2024-04-14 16:57:36 +02:00
fd98864606
chore: some work on mastodon statuses route 2024-04-14 16:49:38 +02:00
b1b0aee2f9
feat: process some Undo activities, small refactor 2024-04-14 16:47:36 +02:00
b99ca9fa7e
feat: ignore deletions for GONE users
mastodon is quite spammy omg
2024-04-14 16:05:44 +02:00
19598aaffd
fix: order
was it just me being silly displaying it??? lol
2024-04-14 06:43:21 +02:00
8a14600311
fix: proper addressing creation for likes 2024-04-14 05:53:36 +02:00
b11da7f3c0
fix: oops i mixed up some fields 2024-04-14 03:48:37 +02:00
a735e16f73
fix: image and icon live under url 2024-04-14 03:39:52 +02:00
8b10bde544
feat: more consistent way to view remote users 2024-04-14 02:36:59 +02:00
6613f337ce
feat: cors and tracing layers 2024-04-13 22:31:46 +02:00
4d44688564
feat: dump json to stdout after fetching 2024-04-13 22:17:35 +02:00
c9a20b4e65
feat: node.fetch() is now signed 2024-04-13 22:13:36 +02:00
2e8d4323ee
fix: don't repeat (request-target) 2024-04-13 21:35:53 +02:00
027040604c
feat: improved http signatures code 2024-04-13 21:22:19 +02:00
f29d3baeb9
fix: name is nullable, preferredUsername is not 2024-04-13 16:43:19 +02:00
7f66851136
fix: Path<()>, not Path<>, Path<> 2024-04-13 06:55:16 +02:00
fc488e6b2f
feat: route for viewing specifically remote users
WIP, will probably go away in favor of a uniform route
2024-04-13 06:50:04 +02:00
9c9b5ec380
fix: standard base64 2024-04-13 06:06:05 +02:00
5d3c222774
fix: verify_oneshot, maybe makes a difference? 2024-04-13 06:02:50 +02:00
652af15771
fix: include method in request target 2024-04-13 05:36:29 +02:00
437859008c
feat: reimplemented from scratch http sig verify 2024-04-13 05:26:50 +02:00
6614f63f56
fix: added inbox and outbox to main app actor 2024-04-13 04:42:46 +02:00
72774d01ed
fix: also in case of digest 2024-04-13 04:31:50 +02:00
5f66ca4946
fix: oh my god if it was this ... 2024-04-13 04:31:36 +02:00
80d324ae03
fix: use method, don't hardcode "post" 2024-04-13 04:24:22 +02:00
1caaa08f78
fix: fetcher specifies application/json 2024-04-13 04:21:33 +02:00
2031d8de41
fix: upub error reports status codes as-is 2024-04-13 04:08:45 +02:00
861cd2297b
fix: why is it throwing 500??? 2024-04-13 03:47:04 +02:00
b4e82b551b
fix: going back to manual http signatures
at least those worked, what the fuck is up with this lib technology...
2024-04-13 03:41:36 +02:00
d60d29bf98
fix: continue as anon if can't fetch user 2024-04-13 03:31:37 +02:00
c342b7c936
fix: object view
quite wasteful to do it like this but for some reason previous way
didn't work??
2024-04-13 03:28:52 +02:00
bb16a5b7d2
fix: return response rather than parsing
so that deliveries work
2024-04-13 03:21:25 +02:00
855434ee12
fix: try using again the new lib? 2024-04-13 03:09:47 +02:00
3a48e91655
fix: force overrule signature algorithm
really what?????
2024-04-13 03:03:54 +02:00
70c978caa0
fix: having more fun with http signatures 2024-04-13 02:55:10 +02:00
ff55d2fea4
fix: mastodon compat 2024-04-13 02:35:18 +02:00
46bbeea3ab
feat: verify inbox http signatures 2024-04-13 01:49:23 +02:00
d66f09d130
feat: inbox requests remote server auth 2024-04-13 01:49:04 +02:00
5863bdf04e
feat: signed fetches, improved signatures code
should make sure that it still works
2024-04-13 00:44:53 +02:00
95ab7a50ef
chore: refactored a little 2024-04-12 22:56:29 +02:00
576e809b69
fix: timelines ordering
what??? ASCENDING goes from most recent to least recent?? maybe
ascending oldness??????
2024-04-12 22:41:04 +02:00
d3d5f98dfd
feat: authorized fetch on activities and objects 2024-04-12 22:21:23 +02:00
4e34446894
fix: oops must be generic impl 2024-04-12 21:55:19 +02:00
5de807b3d9
fix: don't clear audiences
still quite jank way to do it but at least should work again?
2024-04-12 21:42:06 +02:00
ca59c30e70
fix: auth filter conditions any, not all 2024-04-12 21:18:01 +02:00
0fa88e51e6
feat: added all inboxes and outboxes
base POST to /outbox still returns NOT IMPLEMENTED tho
2024-04-12 20:01:47 +02:00
af8d11e75b
feat: inbox/outbox security and obj embedding 2024-04-12 19:36:00 +02:00
0d340185cf
feat: improved addressing select 2024-04-12 19:35:26 +02:00
3a874ed3e7
fix: insert activities, expand addressing
remote activities for Likes and Follows should still be added to our
database so we know where to verify those and we can present them in a
timeline for notifications
2024-04-12 18:40:24 +02:00
9e67eead69
feat: multi-join maybe? fix inbox not embedding obj
got this from https://github.com/SeaQL/sea-orm/discussions/1502, not
sure it's what i need but i'm trying some stuff
2024-04-11 17:00:09 +02:00
d5c5d341e8
fix: ownerships 2024-04-11 16:59:47 +02:00
0261f87306
feat: first mastodon route yay, mastodon default on 2024-04-11 00:52:44 +02:00
86e84d88aa
chore: updated apb things, restructured a bit 2024-04-11 00:29:32 +02:00
4c2eb7b990
chore: better routing structure 2024-04-09 04:35:57 +02:00
bb26ff763d
chore: restructured completely
kinda MVC:
Model -> model
View -> routes
Controller -> server
2024-04-09 01:14:48 +02:00
20ca18f9e3
chore: also modularized APInbox 2024-04-08 02:55:21 +02:00
7ce872cfff
chore: separated outbox business logic in methods
dumped all in server but temporary, now can be properly modularized
also fixed endpoints
2024-04-08 02:30:43 +02:00
24d547e93a
feat: subdivide into features 2024-04-06 18:03:13 +02:00
a624222751
feat: listed half of mastodon's api routes 2024-04-06 17:20:44 +02:00
ca871a867f
docs: some readmes
pretty useless but at least they're there
2024-04-06 17:20:14 +02:00
520c8eff3a
feat: separated apb types into crate, reworked
no more "impl ..." hell, each trait has associated types so that we know
it's a "Self::Link" or a "Self::Actor", but in practice they can both be
a "serde_json::Value" and thus we can change its type. also Node::Array
is now a Vec<T> rather than Vec<Node<T>> because it makes more sense.
Node is Iterable and will yield zero (Empty|Link), one (Object) or many
(Array) Ts
2024-04-06 16:56:13 +02:00
b5867b90ac
feat: accept also bare note to publish 2024-03-28 05:24:38 +01:00
0ec839f42f
fix: followers was wrong because full model 2024-03-28 05:19:13 +01:00
3725097749
fix: followers querying with full id 2024-03-28 05:14:50 +01:00
d7efbf5131
chore: imports cleanup 2024-03-28 05:14:17 +01:00
e68332bc31
chore: refactor collections with utils, moved stuff 2024-03-28 04:52:17 +01:00
68823559c1
feat: process updates for notes and users 2024-03-28 04:47:49 +01:00
5bad5e0405
fix: more lenient nodeinfo 2024-03-28 04:05:47 +01:00
4274367285
feat: immediately wakeup dispatcher when sending 2024-03-27 05:09:20 +01:00
70c1f96959
fix: maybe fix for expanding addressings 2024-03-27 04:46:57 +01:00
746c5e5921
fix: log follow request accept/reject 2024-03-27 04:40:50 +01:00
bd4d123223
fix: less extreme logging for deliveries 2024-03-27 04:38:14 +01:00
742c769014
fix: filter out empty targets 2024-03-27 04:36:46 +01:00
625b8e0e02
fix: when missing embedded object still show url! 2024-03-27 04:28:09 +01:00
fe30ad59d7
feat: normalized pagination 2024-03-27 04:23:42 +01:00
139e973277
fix: don't insert when there's nothing to insert 2024-03-27 04:13:29 +01:00
ac2c86f16e
feat: crude implementation of most inbox flows 2024-03-27 04:00:27 +01:00
db8ecc7c3d
chore: moved around stuff 2024-03-27 04:00:18 +01:00
c3face463e
feat: crude implementation for most outbox methods 2024-03-27 03:24:14 +01:00
f83103ba72
fix: Node::id() returns owned value, imports fix 2024-03-27 03:23:54 +01:00
b37d799f59
fix: oh yes that was it! now digest 2024-03-27 02:11:14 +01:00
21db907e17
fix: omg is it the day of the week? 2024-03-27 02:08:50 +01:00
e75758b320
fix: if this is it............. 2024-03-27 02:07:02 +01:00
44adbeb434
fix: maybe without the day? omg mastodon... 2024-03-27 01:56:44 +01:00
b730598abe
fix: well it's not standard duhh 2024-03-27 01:53:41 +01:00
ad012bd2ee
fix: what the fuck mastodon?
or is it rust's fault?
2024-03-27 01:48:55 +01:00
4d06af9c54
fix: ooo is it this one? 2024-03-27 01:44:27 +01:00
f2513f30c8
fix: show me what they say when rejecting sign :( 2024-03-27 00:24:14 +01:00
a2f77fa6fb
fix: apparently i need to put flat links...
what's the point of being ActivityPub if you expect a fixed structure!!!
2024-03-27 00:15:17 +01:00
e9dc33a39d
fix: typo 2024-03-26 23:55:57 +01:00
603724ebcc
feat: improved dispatcher sleep logic 2024-03-26 23:53:44 +01:00
6097493932
chore: faker creates test user, not root 2024-03-26 23:53:30 +01:00
46394af394
fix: include request-target 2024-03-26 23:42:22 +01:00
8437de6c1b
fix: add back algorithm, fix digest fn 2024-03-26 21:48:39 +01:00
e8eff349cf
fix: ops must include digest and compose header 2024-03-26 21:30:41 +01:00
fc4674ecca
fix: maybe if i do it the old way?? 2024-03-26 21:24:10 +01:00
98cb07b547
fix: does 'require_header' change anything? 2024-03-26 21:14:01 +01:00
923d96bd7f
fix: are these the issue? 2024-03-26 21:09:49 +01:00
46b9a339f7
fix: also full AP header 2024-03-26 21:02:07 +01:00
2f5344af37
fix: correct path for signature 2024-03-26 20:22:15 +01:00
a99c21654d
fix: use date format mastodon shows in docs
can't be this, or can it?
2024-03-26 20:17:41 +01:00
8bf41aa28b
fix: use a reasonable crate for http signing
http_signatures is abandoned, http_sig is weird???
2024-03-26 19:27:35 +01:00
d321d0b22a
fix: calculate digest, remove algo field
https://docs.joinmastodon.org/spec/security/#http
2024-03-26 05:25:51 +01:00
4afb0ae946
fix: generate keys on the fly 2024-03-26 04:20:35 +01:00
8ed4251d31
fix: #main-key ... 2024-03-26 04:14:23 +01:00
82f8abd96b
fix: well known without protocol 2024-03-26 03:54:25 +01:00
d918caa815
fix: was getting host wrongly, also log way more 2024-03-26 03:49:09 +01:00
90cae9e5fd
fix: header and LD context... 2024-03-26 03:41:17 +01:00
8ba25d511e
fix: more resilient priv key selection 2024-03-26 03:21:00 +01:00
e6b30975cc
feat: catch dispatcher errors 2024-03-26 03:11:59 +01:00
81b6a7183a
fix: log delivery responses bodies 2024-03-26 03:05:43 +01:00
83b0b35043
fix: check status code when delivering 2024-03-26 02:50:58 +01:00
d5c73e85e8
fix: fetch activity case for non embedded 2024-03-26 02:46:10 +01:00
34a3769fba
fix: acktually algorithm is required by spec 2024-03-26 02:27:40 +01:00
7d1473691e
fix: valid ids for inserted things 2024-03-26 02:24:09 +01:00
a7a6a23560
fix: also insert like relation when posting likes 2024-03-26 02:13:03 +01:00
c6703a0a1e
fix: add published which must be non null 2024-03-26 02:07:46 +01:00
36aec4f447
fix: improvements for debugging 2024-03-26 02:05:20 +01:00
b464aa0e98
fix: register outbox route 2024-03-26 01:31:17 +01:00
f588df751f
fix: don't attempt to deliver to public target 2024-03-26 01:25:15 +01:00
794548d14a
fix: duhhh 2024-03-26 01:19:34 +01:00
0c8afc2780
fix: some logging on fetcher and dispatcher 2024-03-26 01:14:43 +01:00
13f99532fe
fix: put bac protocol in urls 2024-03-26 01:02:48 +01:00
6a050c0bb4
fix: actually fixed it 2024-03-26 00:58:01 +01:00
3a0ca6af86
feat: control how many statuses to insert 2024-03-26 00:53:07 +01:00
71acddb766
feat: crude handling of line and create 2024-03-26 00:50:07 +01:00
d7e846370a
feat: show public key of user 2024-03-26 00:49:56 +01:00
b0d8957f41
feat: Node::get() returns owned object 2024-03-26 00:49:42 +01:00
be75ac33d1
feat: parse some algorithms for digest, all rsa 2024-03-26 00:49:27 +01:00
4a99a3dc40
chore: small improvements and fixed some warns 2024-03-26 00:49:07 +01:00
6d078f7068
feat: show pub key and created time for app actor 2024-03-26 00:48:37 +01:00
f74aab7852
feat: implemented GET inbox to browse home feed 2024-03-25 21:48:58 +01:00
b0e4940ec8
feat: validate incoming http signatures 2024-03-25 21:19:25 +01:00
e1b93e8a93
feat: added basic fetcher, get keys at startup 2024-03-25 21:19:02 +01:00
88808f020c
feat: storage for application keys 2024-03-25 21:18:27 +01:00
6ea4f06d54
feat: initial work on validating http signatures 2024-03-25 05:12:49 +01:00
d0816a0f6a
fix: from -> actor 2024-03-25 05:12:09 +01:00
6be1a445be
chore: not all pub 2024-03-25 05:08:29 +01:00
5d7ce0e3c4
feat: simple delivery system + http signatures 2024-03-25 05:07:58 +01:00
76c0bd5218
feat: store base domain and protocol separately 2024-03-25 05:02:39 +01:00
de74669bd7
chore: moved version as const 2024-03-25 05:02:20 +01:00
7f69abf6c0
fix: cleanup 2024-03-25 02:27:31 +01:00
6be486ca3d
fix: add also server column for server addressing 2024-03-25 02:26:47 +01:00
acd4fa0bd4
feat: work on authed outbox/inbox 2024-03-25 02:00:57 +01:00
384d5147ed
feat: initial auth extractor 2024-03-25 01:58:30 +01:00
41899556bf
fix: session id is session 2024-03-25 01:58:06 +01:00
fbd175e8f3
chore: oops merge made a mess 2024-03-25 01:57:13 +01:00
a3df3e882e
feat: super barebones auth route 2024-03-24 23:55:48 +01:00
e02a48d9da
fix: wrong id type for addressing model 2024-03-24 05:55:50 +01:00
2958107c49
fix: actually insert addressing on receiving
also some nice utils to handle link vecs
2024-03-24 05:49:36 +01:00
28ba5f1b40
feat: add global inbox get, which respects privacy 2024-03-24 04:58:49 +01:00
2ac7fa0588
chore: split inbox/outbox, added forgotten mods 2024-03-24 04:05:09 +01:00
65032ef606
fix: faker followers/following counts 2024-03-24 04:04:48 +01:00
0d1250fd6f
feat: add addressing table
this should allow to build timelines and check access permissions
quickly. my only concern is keeping thousands, if not even millions, of
rows always with full strings. future optimizations may look into an
intermediary table to map ids to integers and optimize this table's
storage
2024-03-24 04:03:44 +01:00
7251a3e92c
feat: added sessions with credentials 2024-03-24 04:03:22 +01:00
2673860106
chore: better ap user route 2024-03-23 20:24:38 +01:00
34b7db5ce6
feat: default for config 2024-03-23 20:24:29 +01:00
13afd5be87
chore: split server context and router 2024-03-23 20:24:14 +01:00
d36ac82dd9
feat: add followers and followers count to users
redo migrations (: honestly if you're expecting to keep a long-lasting
db at this stage of development i have bad news for you
2024-03-23 16:44:27 +01:00
72c2cd5f81
chore: cleaned up all model modules 2024-03-23 06:32:15 +01:00
1a7a4f6df6
chore: ok clippy 2024-03-23 06:14:34 +01:00
c361528b2f
feat: moved object creation out of entity 2024-03-23 06:10:53 +01:00
05245c2776
fix: faker also insert config and credentials 2024-03-23 06:10:33 +01:00
f48509e2d8
feat: added tables+entities for config, credentials
simple password auth is bad and shall likely go but it's easy for now
and i need a way to login to test user interactions as i make the outbox
working
2024-03-23 05:02:39 +01:00
b90f7307bc
fix: datetime utc, also in likes
redo all migrations ehe
2024-03-23 04:40:39 +01:00
490358e9ed
chore: merged follow___ into one function 2024-03-23 04:40:02 +01:00
a18d0fd3d4
chore: split down ap/user file 2024-03-23 04:31:48 +01:00
84882dd5bd fix: published is optional on activities 2024-03-22 17:59:46 +01:00