Added Activitypub_RSA

Fixed #35 and related serious issues
We now have proper ActivityPub profiles
This commit is contained in:
Diogo Cordeiro 2018-07-28 02:11:58 +01:00
parent 01c16fcef0
commit 4edd3ef398
44 changed files with 203 additions and 44 deletions

0
.gitignore vendored Normal file → Executable file
View File

22
ActivityPubPlugin.php Normal file → Executable file
View File

@ -232,6 +232,7 @@ class ActivityPubPlugin extends Plugin
{
$schema = Schema::get();
$schema->ensureTable('Activitypub_profile', Activitypub_profile::schemaDef());
$schema->ensureTable('Activitypub_rsa', Activitypub_rsa::schemaDef());
$schema->ensureTable('Activitypub_pending_follow_requests', Activitypub_pending_follow_requests::schemaDef());
return true;
}
@ -250,17 +251,18 @@ class ActivityPubPlugin extends Plugin
*/
public static function extractWebfingerIds($text, $preMention='@')
{
$wmatches = array();
$wmatches = [];
$result = preg_match_all(
'/(?<!\S)'.preg_quote($preMention, '/').'('.Nickname::WEBFINGER_FMT.')/',
$text,
$wmatches,
PREG_OFFSET_CAPTURE
$text,
$wmatches,
PREG_OFFSET_CAPTURE
);
if ($result === false) {
common_log(LOG_ERR, __METHOD__ . ': Error parsing webfinger IDs from text (preg_last_error=='.preg_last_error().').');
} elseif (count($wmatches)) {
common_debug(sprintf('Found %d matches for WebFinger IDs: %s', count($wmatches), _ve($wmatches)));
return [];
} elseif ($n_matches = count($wmatches)) {
common_debug(sprintf('Found %d matches for WebFinger IDs: %s', $n_matches, _ve($wmatches)));
}
return $wmatches[1];
}
@ -497,7 +499,7 @@ class ActivityPubPlugin extends Plugin
*/
public function onStartSubscribe(Profile $profile, Profile $other)
{
if (!$profile->isLocal() || $other->isLocal()) {
if (!$profile->isLocal() && $other->isLocal()) {
return true;
}
@ -524,7 +526,7 @@ class ActivityPubPlugin extends Plugin
*/
public function onStartUnsubscribe(Profile $profile, Profile $other)
{
if (!$profile->isLocal() || $other->isLocal()) {
if (!$profile->isLocal() && $other->isLocal()) {
return true;
}
@ -724,6 +726,10 @@ class ActivityPubPlugin extends Plugin
$profile = Profile::getKV($notice->profile_id);
if (!$profile->isLocal()) {
return true;
}
$other = array();
try {
$other[] = Activitypub_profile::from_profile($notice->getProfile());

0
CONTRIBUTING.md Normal file → Executable file
View File

0
COPYING Normal file → Executable file
View File

0
README.md Normal file → Executable file
View File

0
actions/apactorfollowers.php Normal file → Executable file
View File

0
actions/apactorfollowing.php Normal file → Executable file
View File

0
actions/apactorinbox.php Normal file → Executable file
View File

0
actions/apactorliked.php Normal file → Executable file
View File

0
actions/apactorprofile.php Normal file → Executable file
View File

0
actions/apsharedinbox.php Normal file → Executable file
View File

0
actions/inbox/Accept.php Normal file → Executable file
View File

0
actions/inbox/Announce.php Normal file → Executable file
View File

2
actions/inbox/Create.php Normal file → Executable file
View File

@ -44,7 +44,7 @@ if (!isset($data->object->content)) {
if (!isset($data->object->url)) {
ActivityPubReturn::error("Object url was not specified.");
} elseif (!filter_var($data->object->url, FILTER_VALIDATE_URL)) {
ActivityPubReturn::error("Invalid Object Url.");
ActivityPubReturn::error("Invalid Object URL.");
}
if (!isset($data->object->to)) {
ActivityPubReturn::error("Object To was not specified.");

0
actions/inbox/Delete.php Normal file → Executable file
View File

0
actions/inbox/Follow.php Normal file → Executable file
View File

0
actions/inbox/Like.php Normal file → Executable file
View File

0
actions/inbox/Reject.php Normal file → Executable file
View File

0
actions/inbox/Undo.php Normal file → Executable file
View File

0
classes/Activitypub_accept.php Normal file → Executable file
View File

0
classes/Activitypub_announce.php Normal file → Executable file
View File

0
classes/Activitypub_attachment.php Normal file → Executable file
View File

0
classes/Activitypub_create.php Normal file → Executable file
View File

0
classes/Activitypub_delete.php Normal file → Executable file
View File

0
classes/Activitypub_error.php Normal file → Executable file
View File

0
classes/Activitypub_follow.php Normal file → Executable file
View File

0
classes/Activitypub_like.php Normal file → Executable file
View File

0
classes/Activitypub_notice.php Normal file → Executable file
View File

0
classes/Activitypub_pending_follow_requests.php Normal file → Executable file
View File

14
classes/Activitypub_profile.php Normal file → Executable file
View File

@ -42,8 +42,6 @@ class Activitypub_profile extends Profile
{
public $__table = 'Activitypub_profile';
protected $_profile = null;
/**
* Return table definition for Schema setup and DB_DataObject usage.
*
@ -83,6 +81,9 @@ class Activitypub_profile extends Profile
{
$uri = ActivityPubPlugin::actor_uri($profile);
$id = $profile->getID();
$rsa = new Activitypub_rsa();
$public_key = $rsa->ensure_public_key($profile);
unset($rsa);
$res = [
'@context' => [
"https://www.w3.org/ns/activitystreams",
@ -112,6 +113,11 @@ class Activitypub_profile extends Profile
'summary' => ($desc = $profile->getDescription()) == null ? "" : $desc,
'url' => $profile->getUrl(),
'manuallyApprovesFollowers' => false,
'publicKey' => [
'id' => $uri."#main-key",
'owner' => $uri,
'publicKeyPem' => $public_key
],
'tag' => [],
'attachment' => [],
'icon' => [
@ -122,7 +128,7 @@ class Activitypub_profile extends Profile
];
if ($profile->isLocal()) {
$res['endpoints']['sharedInbox'] = common_local_url("apSharedInbox", array("id" => $id));
$res['endpoints']['sharedInbox'] = common_local_url('apSharedInbox');
} else {
$aprofile = new Activitypub_profile();
$aprofile = $aprofile->from_profile($profile);
@ -133,7 +139,7 @@ class Activitypub_profile extends Profile
}
/**
* Insert the current objects variables into the database
* Insert the current object variables into the database
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @access public

0
classes/Activitypub_reject.php Normal file → Executable file
View File

140
classes/Activitypub_rsa.php Executable file
View File

@ -0,0 +1,140 @@
<?php
/**
* GNU social - a federating social network
*
* ActivityPubPlugin implementation for GNU Social
*
* LICENCE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Plugin
* @package GNUsocial
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @author Daniel Supernault <danielsupernault@gmail.com>
* @copyright 2018 Free Software Foundation http://fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link https://www.gnu.org/software/social/
*/
if (!defined('GNUSOCIAL')) {
exit(1);
}
/**
* ActivityPub Keys System
*
* @category Plugin
* @package GNUsocial
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://www.gnu.org/software/social/
*/
class Activitypub_rsa extends Managed_DataObject
{
public $__table = 'Activitypub_rsa';
/**
* Return table definition for Schema setup and DB_DataObject usage.
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @return array array of column definitions
*/
public static function schemaDef()
{
return [
'fields' => [
'profile_id' => ['type' => 'integer'],
'private_key' => ['type' => 'varchar', 'length' => 191],
'public_key' => ['type' => 'varchar', 'length' => 191],
'created' => ['type' => 'datetime', 'not null' => true],
'modified' => ['type' => 'datetime', 'not null' => true],
],
'primary key' => ['profile_id'],
'unique keys' => [
'Activitypub_rsa_profile_id_key' => ['profile_id'],
'Activitypub_rsa_private_key_key' => ['private_key'],
'Activitypub_rsa_public_key_key' => ['public_key'],
],
'foreign keys' => [
'Activitypub_profile_profile_id_fkey' => ['profile', ['profile_id' => 'id']],
],
];
}
/**
* Guarantees a Public Key for a given profile.
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @param Profile $profile
* @return string The public key
* @throws Exception It should never occur
*/
public function ensure_public_key($profile)
{
$this->profile_id = $profile->getID();
$apRSA = self::getKV('profile_id', $this->profile_id);
if (!$apRSA instanceof Activitypub_rsa) {
// No existing key pair for this profile
if ($profile->isLocal()) {
self::generate_keys($this->private_key, $this->public_key);
$this->store_keys();
} else {
throw new Exception('No Keys for this Profile. That\'s odd.');
}
}
return $apRSA->public_key;
}
/**
* Insert the current object variables into the database.
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @access public
* @throws ServerException
*/
public function store_keys()
{
$this->created = $this->modified = common_sql_now();
$ok = $this->insert();
if ($ok === false) {
$profile->query('ROLLBACK');
throw new ServerException('Cannot save ActivityPub RSA.');
}
}
/**
* Generates a pair of RSA keys.
*
* @author PHP Manual Contributed Notes <dirt@awoms.com>
* @param string $private_key in/out
* @param string $public_key in/out
*/
public static function generate_keys(&$private_key, &$public_key)
{
$config = [
'digest_alg' => 'sha512',
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
];
// Create the private and public key
$res = openssl_pkey_new($config);
// Extract the private key from $res to $private_key
openssl_pkey_export($res, $private_key);
// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details($res);
$public_key = $pubKey["key"];
unset($pubKey);
}
}

0
classes/Activitypub_tag.php Normal file → Executable file
View File

0
classes/Activitypub_undo.php Normal file → Executable file
View File

0
composer.json Normal file → Executable file
View File

0
composer.lock generated Normal file → Executable file
View File

0
phpunit.xml Normal file → Executable file
View File

0
tests/CreatesApplication.php Normal file → Executable file
View File

0
tests/TestCase.php Normal file → Executable file
View File

0
tests/Unit/ExampleTest.php Normal file → Executable file
View File

0
tests/Unit/ProfileObjectTest.php Normal file → Executable file
View File

0
utils/discoveryhints.php Normal file → Executable file
View File

40
utils/explorer.php Normal file → Executable file
View File

@ -91,7 +91,7 @@ class Activitypub_explorer
private function ensure_proper_remote_uri($url)
{
$client = new HTTPClient();
$headers = array();
$headers = [];
$headers[] = 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams"';
$headers[] = 'User-Agent: GNUSocialBot v0.1 - https://gnu.io/social';
$response = $client->get($url, $headers);
@ -118,35 +118,29 @@ class Activitypub_explorer
private function grab_local_user($uri, $online = false)
{
// Ensure proper remote URI
// If an exceptiong ocurrs here it's better to just leave everything
// If an exception occurs here it's better to just leave everything
// break than to continue processing
if ($online && $this->ensure_proper_remote_uri($uri)) {
$uri = $this->temp_res["id"];
}
try {
// Try standard ActivityPub route
// Is this a filthy little mudblood?
$aprofile = Activitypub_profile::getKV("uri", $uri);
if ($aprofile instanceof Activitypub_profile) {
$profile = $aprofile->local_profile();
} else {
// Nope, this potential local user is not a remote user.
// Let's check for pure blood!
$profile = User::getByNickname($this->temp_res["preferredUsername"])->getProfile();
}
// Try standard ActivityPub route
// Is this a known filthy little mudblood?
$aprofile = Activitypub_profile::getKV("uri", $uri);
if ($aprofile instanceof Activitypub_profile) {
$profile = $aprofile->local_profile();
// We found something!
$this->discovered_actor_profiles[]= $profile;
unset($this->temp_res); // IMPORTANT to avoid _dangerous_ noise in the Explorer system
return true;
} catch (Exception $e) {
// We can safely ignore every exception here as we are returning false
// when it fails the lookup for existing local representation
}
// If offline grabbing failed, attempt again with online resources
if (!$online) {
$this->grab_local_user($uri, true);
return $this->grab_local_user($uri, true);
}
return false;
}
@ -202,6 +196,7 @@ class Activitypub_explorer
*/
private function store_profile($res)
{
// ActivityPub Profile
$aprofile = new Activitypub_profile;
$aprofile->uri = $res['id'];
$aprofile->nickname = $res['preferredUsername'];
@ -211,8 +206,15 @@ class Activitypub_explorer
$aprofile->sharedInboxuri = isset($res['endpoints']['sharedInbox']) ? $res['endpoints']['sharedInbox'] : $res['inbox'];
$aprofile->do_insert();
$profile = $aprofile->local_profile();
return $aprofile->local_profile();
// Public Key
$apRSA = new Activitypub_rsa();
$apRSA->profile_id = $profile->getID();
$apRSA->public_key = $res['publicKey']['publicKeyPem'];
$apRSA->store_keys();
return $profile;
}
/**
@ -225,7 +227,7 @@ class Activitypub_explorer
*/
private static function validate_remote_response($res)
{
if (!isset($res['id'], $res['preferredUsername'], $res['name'], $res['summary'], $res['inbox'])) {
if (!isset($res['id'], $res['preferredUsername'], $res['name'], $res['summary'], $res['inbox'], $res['publicKey']['publicKeyPem'])) {
return false;
}

29
utils/postman.php Normal file → Executable file
View File

@ -52,7 +52,7 @@ class Activitypub_postman
* Create a postman to deliver something to someone
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @param Profile of sender
* @param Profile $from Profile of sender
* @param Activitypub_profile $to array of destinataries
*/
public function __construct($from, $to = [])
@ -73,7 +73,7 @@ class Activitypub_postman
*/
public function follow()
{
$data = Activitypub_follow::follow_to_array($this->actor->getUrl(), $this->to[0]->getUrl());
$data = Activitypub_follow::follow_to_array(ActivityPubPlugin::actor_uri($this->actor), $this->to[0]->getUrl());
$this->client->setBody(json_encode($data));
$res = $this->client->post($this->to[0]->get_inbox(), $this->headers);
$res_body = json_decode($res->getBody());
@ -102,8 +102,8 @@ class Activitypub_postman
{
$data = Activitypub_undo::undo_to_array(
Activitypub_follow::follow_to_array(
$this->actor->getUrl(),
$this->to[0]->getUrl()
ActivityPubPlugin::actor_uri($this->actor),
$this->to[0]->getUrl()
)
);
$this->client->setBody(json_encode($data));
@ -130,7 +130,7 @@ class Activitypub_postman
public function like($notice)
{
$data = Activitypub_like::like_to_array(
$this->actor->getUrl(),
ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice)
);
$this->client->setBody(json_encode($data));
@ -149,10 +149,10 @@ class Activitypub_postman
{
$data = Activitypub_undo::undo_to_array(
Activitypub_like::like_to_array(
$this->actor->getUrl(),
ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice)
)
);
);
$this->client->setBody(json_encode($data));
foreach ($this->to_inbox() as $inbox) {
$this->client->post($inbox, $this->headers);
@ -169,9 +169,9 @@ class Activitypub_postman
{
$data = Activitypub_create::create_to_array(
$notice->getUri(),
$this->actor->getUrl(),
Activitypub_notice::notice_to_array($notice)
);
ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice)
);
if (isset($notice->reply_to)) {
$data["object"]["reply_to"] = $notice->getParent()->getUri();
}
@ -190,7 +190,7 @@ class Activitypub_postman
public function announce($notice)
{
$data = Activitypub_announce::announce_to_array(
$this->actor->getUrl(),
ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice)
);
$this->client->setBody(json_encode($data));
@ -236,7 +236,12 @@ class Activitypub_postman
{
$to_inboxes = array();
foreach ($this->to as $to_profile) {
$to_inboxes[] = $to_profile->get_inbox();
$i = $to_profile->get_inbox();
// Prevent delivering to self
if ($i == [common_local_url('apSharedInbox')]) {
continue;
}
$to_inboxes[] = $i;
}
return array_unique($to_inboxes);