diff --git a/src/routes/activitypub/application.rs b/src/routes/activitypub/application.rs index 512cefb8..ab622144 100644 --- a/src/routes/activitypub/application.rs +++ b/src/routes/activitypub/application.rs @@ -1,5 +1,5 @@ use apb::{ActorMut, BaseMut, ObjectMut, PublicKeyMut}; -use axum::{extract::{Query, State}, http::HeaderMap, response::{IntoResponse, Redirect, Response}, Json}; +use axum::{extract::{Query, State}, http::HeaderMap, response::{IntoResponse, Redirect, Response}, Form, Json}; use reqwest::Method; use crate::{errors::UpubError, server::{auth::{AuthIdentity, Identity}, fetcher::Fetcher, Context}, url}; @@ -44,12 +44,12 @@ pub struct FetchPath { id: String, } -pub async fn debug( +pub async fn proxy_get( State(ctx): State, Query(query): Query, AuthIdentity(auth): AuthIdentity, ) -> crate::Result> { - // only local users can request debug fetches + // only local users can request fetches if !ctx.cfg().security.allow_public_debugger && !matches!(auth, Identity::Local(_)) { return Err(UpubError::unauthorized()); } @@ -60,7 +60,31 @@ pub async fn debug( None, &ctx.base(), &ctx.app().private_key, - &format!("{}|devtools", ctx.domain()), + &format!("{}+proxy", ctx.domain()), + ) + .await? + .json::() + .await? + )) +} + +pub async fn proxy_form( + State(ctx): State, + AuthIdentity(auth): AuthIdentity, + Form(query): Form, +) -> crate::Result> { + // only local users can request fetches + if !ctx.cfg().security.allow_public_debugger && !matches!(auth, Identity::Local(_)) { + return Err(UpubError::unauthorized()); + } + Ok(Json( + Context::request( + Method::GET, + &query.id, + None, + &ctx.base(), + &ctx.app().private_key, + &format!("{}+proxy", ctx.domain()), ) .await? .json::() diff --git a/src/routes/activitypub/mod.rs b/src/routes/activitypub/mod.rs index 8b357056..743b84c8 100644 --- a/src/routes/activitypub/mod.rs +++ b/src/routes/activitypub/mod.rs @@ -25,7 +25,8 @@ impl ActivityPubRouter for Router { // core server inbox/outbox, maybe for feeds? TODO do we need these? .route("/", get(ap::application::view)) // fetch route, to debug and retreive remote objects - .route("/dbg", get(ap::application::debug)) + .route("/proxy", get(ap::application::proxy_get)) + .route("/proxy", post(ap::application::proxy_form)) // TODO shared inboxes and instance stream will come later, just use users *boxes for now .route("/inbox", post(ap::inbox::post)) .route("/inbox", get(ap::inbox::get)) diff --git a/src/routes/activitypub/user/mod.rs b/src/routes/activitypub/user/mod.rs index 05508347..5879c815 100644 --- a/src/routes/activitypub/user/mod.rs +++ b/src/routes/activitypub/user/mod.rs @@ -77,6 +77,7 @@ pub async fn view( .set_endpoints(Node::object( serde_json::Value::new_object() .set_shared_inbox(Some(&url!(ctx, "/inbox"))) + .set_proxy_url(Some(&url!(ctx, "/proxy"))) )); if !auth.is(&uid) && !cfg.show_followers_count {