GNUsocial
/
gnu-social-v2-archive-activitypub-plugin
Archived
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added Activitypub_RSA 

Fixed #35 and related serious issues
We now have proper ActivityPub profiles
This commit is contained in:
Diogo Cordeiro 2018-07-28 02:11:58 +01:00
parent 01c16fcef0
commit 4edd3ef398
44 changed files with 203 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
.gitignore vendored Normal file → Executable file
View File

22
ActivityPubPlugin.php Normal file → Executable file
View File

@ -232,6 +232,7 @@ class ActivityPubPlugin extends Plugin
{ {
$schema = Schema::get(); $schema = Schema::get();
$schema->ensureTable('Activitypub_profile', Activitypub_profile::schemaDef()); $schema->ensureTable('Activitypub_profile', Activitypub_profile::schemaDef());
$schema->ensureTable('Activitypub_rsa', Activitypub_rsa::schemaDef());
$schema->ensureTable('Activitypub_pending_follow_requests', Activitypub_pending_follow_requests::schemaDef()); $schema->ensureTable('Activitypub_pending_follow_requests', Activitypub_pending_follow_requests::schemaDef());
return true; return true;
} }
@ -250,17 +251,18 @@ class ActivityPubPlugin extends Plugin
*/ */
public static function extractWebfingerIds($text, $preMention='@') public static function extractWebfingerIds($text, $preMention='@')
{ {
$wmatches = array(); $wmatches = [];
$result = preg_match_all( $result = preg_match_all(
'/(?<!\S)'.preg_quote($preMention, '/').'('.Nickname::WEBFINGER_FMT.')/', '/(?<!\S)'.preg_quote($preMention, '/').'('.Nickname::WEBFINGER_FMT.')/',
$text, $text,
$wmatches, $wmatches,
PREG_OFFSET_CAPTURE PREG_OFFSET_CAPTURE
); );
if ($result === false) { if ($result === false) {
common_log(LOG_ERR, __METHOD__ . ': Error parsing webfinger IDs from text (preg_last_error=='.preg_last_error().').'); common_log(LOG_ERR, __METHOD__ . ': Error parsing webfinger IDs from text (preg_last_error=='.preg_last_error().').');
} elseif (count($wmatches)) { return [];
common_debug(sprintf('Found %d matches for WebFinger IDs: %s', count($wmatches), _ve($wmatches))); } elseif ($n_matches = count($wmatches)) {
common_debug(sprintf('Found %d matches for WebFinger IDs: %s', $n_matches, _ve($wmatches)));
} }
return $wmatches[1]; return $wmatches[1];
} }
@ -497,7 +499,7 @@ class ActivityPubPlugin extends Plugin
*/ */
public function onStartSubscribe(Profile $profile, Profile $other) public function onStartSubscribe(Profile $profile, Profile $other)
{ {
if (!$profile->isLocal() || $other->isLocal()) { if (!$profile->isLocal() && $other->isLocal()) {
return true; return true;
} }
@ -524,7 +526,7 @@ class ActivityPubPlugin extends Plugin
*/ */
public function onStartUnsubscribe(Profile $profile, Profile $other) public function onStartUnsubscribe(Profile $profile, Profile $other)
{ {
if (!$profile->isLocal() || $other->isLocal()) { if (!$profile->isLocal() && $other->isLocal()) {
return true; return true;
} }
@ -724,6 +726,10 @@ class ActivityPubPlugin extends Plugin
$profile = Profile::getKV($notice->profile_id); $profile = Profile::getKV($notice->profile_id);
if (!$profile->isLocal()) {
return true;
}
$other = array(); $other = array();
try { try {
$other[] = Activitypub_profile::from_profile($notice->getProfile()); $other[] = Activitypub_profile::from_profile($notice->getProfile());

0
CONTRIBUTING.md Normal file → Executable file
View File

0
COPYING Normal file → Executable file
View File

0
README.md Normal file → Executable file
View File

0
actions/apactorfollowers.php Normal file → Executable file
View File

0
actions/apactorfollowing.php Normal file → Executable file
View File

0
actions/apactorinbox.php Normal file → Executable file
View File

0
actions/apactorliked.php Normal file → Executable file
View File

0
actions/apactorprofile.php Normal file → Executable file
View File

0
actions/apsharedinbox.php Normal file → Executable file
View File

0
actions/inbox/Accept.php Normal file → Executable file
View File

0
actions/inbox/Announce.php Normal file → Executable file
View File

2
actions/inbox/Create.php Normal file → Executable file
View File

@ -44,7 +44,7 @@ if (!isset($data->object->content)) {
if (!isset($data->object->url)) { if (!isset($data->object->url)) {
ActivityPubReturn::error("Object url was not specified."); ActivityPubReturn::error("Object url was not specified.");
} elseif (!filter_var($data->object->url, FILTER_VALIDATE_URL)) { } elseif (!filter_var($data->object->url, FILTER_VALIDATE_URL)) {
ActivityPubReturn::error("Invalid Object Url."); ActivityPubReturn::error("Invalid Object URL.");
} }
if (!isset($data->object->to)) { if (!isset($data->object->to)) {
ActivityPubReturn::error("Object To was not specified."); ActivityPubReturn::error("Object To was not specified.");

0
actions/inbox/Delete.php Normal file → Executable file
View File

0
actions/inbox/Follow.php Normal file → Executable file
View File

0
actions/inbox/Like.php Normal file → Executable file
View File

0
actions/inbox/Reject.php Normal file → Executable file
View File

0
actions/inbox/Undo.php Normal file → Executable file
View File

0
classes/Activitypub_accept.php Normal file → Executable file
View File

0
classes/Activitypub_announce.php Normal file → Executable file
View File

0
classes/Activitypub_attachment.php Normal file → Executable file
View File

0
classes/Activitypub_create.php Normal file → Executable file
View File

0
classes/Activitypub_delete.php Normal file → Executable file
View File

0
classes/Activitypub_error.php Normal file → Executable file
View File

0
classes/Activitypub_follow.php Normal file → Executable file
View File

0
classes/Activitypub_like.php Normal file → Executable file
View File

0
classes/Activitypub_notice.php Normal file → Executable file
View File

0
classes/Activitypub_pending_follow_requests.php Normal file → Executable file
View File

14
classes/Activitypub_profile.php Normal file → Executable file
View File

@ -42,8 +42,6 @@ class Activitypub_profile extends Profile
{ {
public $__table = 'Activitypub_profile'; public $__table = 'Activitypub_profile';
protected $_profile = null;
/** /**
* Return table definition for Schema setup and DB_DataObject usage. * Return table definition for Schema setup and DB_DataObject usage.
* *
@ -83,6 +81,9 @@ class Activitypub_profile extends Profile
{ {
$uri = ActivityPubPlugin::actor_uri($profile); $uri = ActivityPubPlugin::actor_uri($profile);
$id = $profile->getID(); $id = $profile->getID();
$rsa = new Activitypub_rsa();
$public_key = $rsa->ensure_public_key($profile);
unset($rsa);
$res = [ $res = [
'@context' => [ '@context' => [
"https://www.w3.org/ns/activitystreams", "https://www.w3.org/ns/activitystreams",
@ -112,6 +113,11 @@ class Activitypub_profile extends Profile
'summary' => ($desc = $profile->getDescription()) == null ? "" : $desc, 'summary' => ($desc = $profile->getDescription()) == null ? "" : $desc,
'url' => $profile->getUrl(), 'url' => $profile->getUrl(),
'manuallyApprovesFollowers' => false, 'manuallyApprovesFollowers' => false,
'publicKey' => [
'id' => $uri."#main-key",
'owner' => $uri,
'publicKeyPem' => $public_key
],
'tag' => [], 'tag' => [],
'attachment' => [], 'attachment' => [],
'icon' => [ 'icon' => [
@ -122,7 +128,7 @@ class Activitypub_profile extends Profile
]; ];
if ($profile->isLocal()) { if ($profile->isLocal()) {
$res['endpoints']['sharedInbox'] = common_local_url("apSharedInbox", array("id" => $id)); $res['endpoints']['sharedInbox'] = common_local_url('apSharedInbox');
} else { } else {
$aprofile = new Activitypub_profile(); $aprofile = new Activitypub_profile();
$aprofile = $aprofile->from_profile($profile); $aprofile = $aprofile->from_profile($profile);
@ -133,7 +139,7 @@ class Activitypub_profile extends Profile
} }
/** /**
* Insert the current objects variables into the database * Insert the current object variables into the database
* *
* @author Diogo Cordeiro <diogo@fc.up.pt> * @author Diogo Cordeiro <diogo@fc.up.pt>
* @access public * @access public

0
classes/Activitypub_reject.php Normal file → Executable file
View File

140
classes/Activitypub_rsa.php Executable file
View File

@ -0,0 +1,140 @@
<?php
/**
* GNU social - a federating social network
*
* ActivityPubPlugin implementation for GNU Social
*
* LICENCE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Plugin
* @package GNUsocial
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @author Daniel Supernault <danielsupernault@gmail.com>
* @copyright 2018 Free Software Foundation http://fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link https://www.gnu.org/software/social/
*/
if (!defined('GNUSOCIAL')) {
exit(1);
}
/**
* ActivityPub Keys System
*
* @category Plugin
* @package GNUsocial
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://www.gnu.org/software/social/
*/
class Activitypub_rsa extends Managed_DataObject
{
public $__table = 'Activitypub_rsa';
/**
* Return table definition for Schema setup and DB_DataObject usage.
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @return array array of column definitions
*/
public static function schemaDef()
{
return [
'fields' => [
'profile_id' => ['type' => 'integer'],
'private_key' => ['type' => 'varchar', 'length' => 191],
'public_key' => ['type' => 'varchar', 'length' => 191],
'created' => ['type' => 'datetime', 'not null' => true],
'modified' => ['type' => 'datetime', 'not null' => true],
],
'primary key' => ['profile_id'],
'unique keys' => [
'Activitypub_rsa_profile_id_key' => ['profile_id'],
'Activitypub_rsa_private_key_key' => ['private_key'],
'Activitypub_rsa_public_key_key' => ['public_key'],
],
'foreign keys' => [
'Activitypub_profile_profile_id_fkey' => ['profile', ['profile_id' => 'id']],
],
];
}
/**
* Guarantees a Public Key for a given profile.
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @param Profile $profile
* @return string The public key
* @throws Exception It should never occur
*/
public function ensure_public_key($profile)
{
$this->profile_id = $profile->getID();
$apRSA = self::getKV('profile_id', $this->profile_id);
if (!$apRSA instanceof Activitypub_rsa) {
// No existing key pair for this profile
if ($profile->isLocal()) {
self::generate_keys($this->private_key, $this->public_key);
$this->store_keys();
} else {
throw new Exception('No Keys for this Profile. That\'s odd.');
}
}
return $apRSA->public_key;
}
/**
* Insert the current object variables into the database.
*
* @author Diogo Cordeiro <diogo@fc.up.pt>
* @access public
* @throws ServerException
*/
public function store_keys()
{
$this->created = $this->modified = common_sql_now();
$ok = $this->insert();
if ($ok === false) {
$profile->query('ROLLBACK');
throw new ServerException('Cannot save ActivityPub RSA.');
}
}
/**
* Generates a pair of RSA keys.
*
* @author PHP Manual Contributed Notes <dirt@awoms.com>
* @param string $private_key in/out
* @param string $public_key in/out
*/
public static function generate_keys(&$private_key, &$public_key)
{
$config = [
'digest_alg' => 'sha512',
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
];
// Create the private and public key
$res = openssl_pkey_new($config);
// Extract the private key from $res to $private_key
openssl_pkey_export($res, $private_key);
// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details($res);
$public_key = $pubKey["key"];
unset($pubKey);
}
}

0
classes/Activitypub_tag.php Normal file → Executable file
View File

0
classes/Activitypub_undo.php Normal file → Executable file
View File

0
composer.json Normal file → Executable file
View File

0
composer.lock generated Normal file → Executable file
View File

0
phpunit.xml Normal file → Executable file
View File

0
tests/CreatesApplication.php Normal file → Executable file
View File

0
tests/TestCase.php Normal file → Executable file
View File

0
tests/Unit/ExampleTest.php Normal file → Executable file
View File

0
tests/Unit/ProfileObjectTest.php Normal file → Executable file
View File

0
utils/discoveryhints.php Normal file → Executable file
View File

40
utils/explorer.php Normal file → Executable file
View File

@ -91,7 +91,7 @@ class Activitypub_explorer
private function ensure_proper_remote_uri($url) private function ensure_proper_remote_uri($url)
{ {
$client = new HTTPClient(); $client = new HTTPClient();
$headers = array(); $headers = [];
$headers[] = 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams"'; $headers[] = 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams"';
$headers[] = 'User-Agent: GNUSocialBot v0.1 - https://gnu.io/social'; $headers[] = 'User-Agent: GNUSocialBot v0.1 - https://gnu.io/social';
$response = $client->get($url, $headers); $response = $client->get($url, $headers);
@ -118,35 +118,29 @@ class Activitypub_explorer
private function grab_local_user($uri, $online = false) private function grab_local_user($uri, $online = false)
{ {
// Ensure proper remote URI // Ensure proper remote URI
// If an exceptiong ocurrs here it's better to just leave everything // If an exception occurs here it's better to just leave everything
// break than to continue processing // break than to continue processing
if ($online && $this->ensure_proper_remote_uri($uri)) { if ($online && $this->ensure_proper_remote_uri($uri)) {
$uri = $this->temp_res["id"]; $uri = $this->temp_res["id"];
} }
try {
// Try standard ActivityPub route // Try standard ActivityPub route
// Is this a filthy little mudblood? // Is this a known filthy little mudblood?
$aprofile = Activitypub_profile::getKV("uri", $uri); $aprofile = Activitypub_profile::getKV("uri", $uri);
if ($aprofile instanceof Activitypub_profile) { if ($aprofile instanceof Activitypub_profile) {
$profile = $aprofile->local_profile(); $profile = $aprofile->local_profile();
} else {
// Nope, this potential local user is not a remote user.
// Let's check for pure blood!
$profile = User::getByNickname($this->temp_res["preferredUsername"])->getProfile();
}
// We found something! // We found something!
$this->discovered_actor_profiles[]= $profile; $this->discovered_actor_profiles[]= $profile;
unset($this->temp_res); // IMPORTANT to avoid _dangerous_ noise in the Explorer system unset($this->temp_res); // IMPORTANT to avoid _dangerous_ noise in the Explorer system
return true; return true;
} catch (Exception $e) {
// We can safely ignore every exception here as we are returning false
// when it fails the lookup for existing local representation
} }
// If offline grabbing failed, attempt again with online resources // If offline grabbing failed, attempt again with online resources
if (!$online) { if (!$online) {
$this->grab_local_user($uri, true); return $this->grab_local_user($uri, true);
} }
return false; return false;
} }
@ -202,6 +196,7 @@ class Activitypub_explorer
*/ */
private function store_profile($res) private function store_profile($res)
{ {
// ActivityPub Profile
$aprofile = new Activitypub_profile; $aprofile = new Activitypub_profile;
$aprofile->uri = $res['id']; $aprofile->uri = $res['id'];
$aprofile->nickname = $res['preferredUsername']; $aprofile->nickname = $res['preferredUsername'];
@ -211,8 +206,15 @@ class Activitypub_explorer
$aprofile->sharedInboxuri = isset($res['endpoints']['sharedInbox']) ? $res['endpoints']['sharedInbox'] : $res['inbox']; $aprofile->sharedInboxuri = isset($res['endpoints']['sharedInbox']) ? $res['endpoints']['sharedInbox'] : $res['inbox'];
$aprofile->do_insert(); $aprofile->do_insert();
$profile = $aprofile->local_profile();
return $aprofile->local_profile(); // Public Key
$apRSA = new Activitypub_rsa();
$apRSA->profile_id = $profile->getID();
$apRSA->public_key = $res['publicKey']['publicKeyPem'];
$apRSA->store_keys();
return $profile;
} }
/** /**
@ -225,7 +227,7 @@ class Activitypub_explorer
*/ */
private static function validate_remote_response($res) private static function validate_remote_response($res)
{ {
if (!isset($res['id'], $res['preferredUsername'], $res['name'], $res['summary'], $res['inbox'])) { if (!isset($res['id'], $res['preferredUsername'], $res['name'], $res['summary'], $res['inbox'], $res['publicKey']['publicKeyPem'])) {
return false; return false;
} }

29
utils/postman.php Normal file → Executable file
View File

@ -52,7 +52,7 @@ class Activitypub_postman
* Create a postman to deliver something to someone * Create a postman to deliver something to someone
* *
* @author Diogo Cordeiro <diogo@fc.up.pt> * @author Diogo Cordeiro <diogo@fc.up.pt>
* @param Profile of sender * @param Profile $from Profile of sender
* @param Activitypub_profile $to array of destinataries * @param Activitypub_profile $to array of destinataries
*/ */
public function __construct($from, $to = []) public function __construct($from, $to = [])
@ -73,7 +73,7 @@ class Activitypub_postman
*/ */
public function follow() public function follow()
{ {
$data = Activitypub_follow::follow_to_array($this->actor->getUrl(), $this->to[0]->getUrl()); $data = Activitypub_follow::follow_to_array(ActivityPubPlugin::actor_uri($this->actor), $this->to[0]->getUrl());
$this->client->setBody(json_encode($data)); $this->client->setBody(json_encode($data));
$res = $this->client->post($this->to[0]->get_inbox(), $this->headers); $res = $this->client->post($this->to[0]->get_inbox(), $this->headers);
$res_body = json_decode($res->getBody()); $res_body = json_decode($res->getBody());
@ -102,8 +102,8 @@ class Activitypub_postman
{ {
$data = Activitypub_undo::undo_to_array( $data = Activitypub_undo::undo_to_array(
Activitypub_follow::follow_to_array( Activitypub_follow::follow_to_array(
$this->actor->getUrl(), ActivityPubPlugin::actor_uri($this->actor),
$this->to[0]->getUrl() $this->to[0]->getUrl()
) )
); );
$this->client->setBody(json_encode($data)); $this->client->setBody(json_encode($data));
@ -130,7 +130,7 @@ class Activitypub_postman
public function like($notice) public function like($notice)
{ {
$data = Activitypub_like::like_to_array( $data = Activitypub_like::like_to_array(
$this->actor->getUrl(), ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice) Activitypub_notice::notice_to_array($notice)
); );
$this->client->setBody(json_encode($data)); $this->client->setBody(json_encode($data));
@ -149,10 +149,10 @@ class Activitypub_postman
{ {
$data = Activitypub_undo::undo_to_array( $data = Activitypub_undo::undo_to_array(
Activitypub_like::like_to_array( Activitypub_like::like_to_array(
$this->actor->getUrl(), ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice) Activitypub_notice::notice_to_array($notice)
) )
); );
$this->client->setBody(json_encode($data)); $this->client->setBody(json_encode($data));
foreach ($this->to_inbox() as $inbox) { foreach ($this->to_inbox() as $inbox) {
$this->client->post($inbox, $this->headers); $this->client->post($inbox, $this->headers);
@ -169,9 +169,9 @@ class Activitypub_postman
{ {
$data = Activitypub_create::create_to_array( $data = Activitypub_create::create_to_array(
$notice->getUri(), $notice->getUri(),
$this->actor->getUrl(), ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice) Activitypub_notice::notice_to_array($notice)
); );
if (isset($notice->reply_to)) { if (isset($notice->reply_to)) {
$data["object"]["reply_to"] = $notice->getParent()->getUri(); $data["object"]["reply_to"] = $notice->getParent()->getUri();
} }
@ -190,7 +190,7 @@ class Activitypub_postman
public function announce($notice) public function announce($notice)
{ {
$data = Activitypub_announce::announce_to_array( $data = Activitypub_announce::announce_to_array(
$this->actor->getUrl(), ActivityPubPlugin::actor_uri($this->actor),
Activitypub_notice::notice_to_array($notice) Activitypub_notice::notice_to_array($notice)
); );
$this->client->setBody(json_encode($data)); $this->client->setBody(json_encode($data));
@ -236,7 +236,12 @@ class Activitypub_postman
{ {
$to_inboxes = array(); $to_inboxes = array();
foreach ($this->to as $to_profile) { foreach ($this->to as $to_profile) {
$to_inboxes[] = $to_profile->get_inbox(); $i = $to_profile->get_inbox();
// Prevent delivering to self
if ($i == [common_local_url('apSharedInbox')]) {
continue;
}
$to_inboxes[] = $i;
} }
return array_unique($to_inboxes); return array_unique($to_inboxes);