NodeBB/src/activitypub/index.js

'use strict';

const nconf = require('nconf');
const winston = require('winston');
const { createHash, createSign, createVerify, getHashes } = require('crypto');

const request = require('../request');
const db = require('../database');
const meta = require('../meta');
const user = require('../user');
const utils = require('../utils');
const ttl = require('../cache/ttl');

const requestCache = ttl({ ttl: 1000 * 60 * 5 }); // 5 minutes
const ActivityPub = module.exports;

ActivityPub._constants = Object.freeze({
	uid: -2,
	publicAddress: 'https://www.w3.org/ns/activitystreams#Public',
	acceptableTypes: [
		'application/activity+json',
		'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
	],
});
ActivityPub._cache = requestCache;

ActivityPub.helpers = require('./helpers');
ActivityPub.inbox = require('./inbox');
ActivityPub.mocks = require('./mocks');
ActivityPub.notes = require('./notes');
ActivityPub.actors = require('./actors');

ActivityPub.resolveId = async (uid, id) => {
	try {
		const query = new URL(id);
		({ id } = await ActivityPub.get('uid', uid, id));
		const response = new URL(id);

		if (query.host !== response.host) {
			winston.warn(`[activitypub/resolveId] id resolution domain mismatch: ${query.href} != ${response.href}`);
			return null;
		}

		return id;
	} catch (e) {
		return null;
	}
};

ActivityPub.resolveInboxes = async (ids) => {
	const inboxes = new Set();

	if (!meta.config.activitypubAllowLoopback) {
		ids = ids.filter((id) => {
			const { hostname } = new URL(id);
			return hostname !== nconf.get('url_parsed').hostname;
		});
	}

	await ActivityPub.actors.assert(ids);
	await Promise.all(ids.map(async (id) => {
		const { inbox, sharedInbox } = await user.getUserFields(id, ['inbox', 'sharedInbox']);
		if (sharedInbox || inbox) {
			inboxes.add(sharedInbox || inbox);
		}
	}));

	return Array.from(inboxes);
};

ActivityPub.getPublicKey = async (type, id) => {
	let publicKey;

	try {
		({ publicKey } = await db.getObject(`${type}:${id}:keys`));
	} catch (e) {
		({ publicKey } = await ActivityPub.helpers.generateKeys(type, id));
	}

	return publicKey;
};

ActivityPub.getPrivateKey = async (type, id) => {
	// Sanity checking
	if (!['cid', 'uid'].includes(type) || !utils.isNumber(id) || parseInt(id, 10) < 0) {
		throw new Error('[[error:invalid-data]]');
	}
	id = parseInt(id, 10);
	let privateKey;

	try {
		({ privateKey } = await db.getObject(`${type}:${id}:keys`));
	} catch (e) {
		({ privateKey } = await ActivityPub.helpers.generateKeys(type, id));
	}

	let keyId;
	if (type === 'uid') {
		keyId = `${nconf.get('url')}${id > 0 ? `/uid/${id}` : '/actor'}#key`;
	} else {
		keyId = `${nconf.get('url')}/category/${id}#key`;
	}

	return { key: privateKey, keyId };
};

ActivityPub.fetchPublicKey = async (uri) => {
	// Used for retrieving the public key from the passed-in keyId uri
	const body = await ActivityPub.get('uid', 0, uri);

	if (!body.hasOwnProperty('publicKey')) {
		throw new Error('[[error:activitypub.pubKey-not-found]]');
	}

	return body.publicKey;
};

ActivityPub.sign = async ({ key, keyId }, url, payload) => {
	// Returns string for use in 'Signature' header
	const { host, pathname } = new URL(url);
	const date = new Date().toUTCString();
	let digest = null;

	let headers = '(request-target) host date';
	let signed_string = `(request-target): ${payload ? 'post' : 'get'} ${pathname}\nhost: ${host}\ndate: ${date}`;

	// Calculate payload hash if payload present
	if (payload) {
		const payloadHash = createHash('sha256');
		payloadHash.update(JSON.stringify(payload));
		digest = `SHA-256=${payloadHash.digest('base64')}`;
		headers += ' digest';
		signed_string += `\ndigest: ${digest}`;
	}

	// Sign string using private key
	let signature = createSign('sha256');
	signature.update(signed_string);
	signature.end();
	signature = signature.sign(key, 'base64');

	// Construct signature header
	return {
		date,
		digest,
		signature: `keyId="${keyId}",headers="${headers}",signature="${signature}",algorithm="hs2019"`,
	};
};

ActivityPub.verify = async (req) => {
	winston.verbose('[activitypub/verify] Starting signature verification...');
	if (!req.headers.hasOwnProperty('signature')) {
		winston.verbose('[activitypub/verify]   Failed, no signature header.');
		return false;
	}

	// Break the signature apart
	let { keyId, headers, signature, algorithm, created, expires } = req.headers.signature.split(',').reduce((memo, cur) => {
		const split = cur.split('="');
		const key = split.shift();
		const value = split.join('="');
		memo[key] = value.slice(0, -1);
		return memo;
	}, {});

	const acceptableHashes = getHashes();
	if (algorithm === 'hs2019' || !acceptableHashes.includes(algorithm)) {
		algorithm = 'sha256';
	}

	// Re-construct signature string
	const signed_string = headers.split(' ').reduce((memo, cur) => {
		switch (cur) {
			case '(request-target)': {
				memo.push(`${cur}: ${String(req.method).toLowerCase()} ${req.baseUrl}${req.path}`);
				break;
			}

			case '(created)': {
				memo.push(`(created): ${created}`);
				break;
			}

			case '(expires)': {
				memo.push(`(expires): ${expires}`);
				break;
			}

			default: {
				memo.push(`${cur}: ${req.headers[cur]}`);
				break;
			}
		}

		return memo;
	}, []).join('\n');

	// Verify the signature string via public key
	try {
		// Retrieve public key from remote instance
		winston.verbose(`[activitypub/verify] Retrieving pubkey for ${keyId}`);
		const { publicKeyPem } = await ActivityPub.fetchPublicKey(keyId);

		const verify = createVerify('sha256');
		verify.update(signed_string);
		verify.end();
		winston.verbose('[activitypub/verify] Attempting signed string verification');
		const verified = verify.verify(publicKeyPem, signature, 'base64');
		return verified;
	} catch (e) {
		winston.verbose('[activitypub/verify]   Failed, key retrieval or verification failure.');
		return false;
	}
};

ActivityPub.get = async (type, id, uri) => {
	const cacheKey = [id, uri].join(';');
	if (requestCache.has(cacheKey)) {
		return requestCache.get(cacheKey);
	}

	const keyData = await ActivityPub.getPrivateKey(type, id);
	const headers = id >= 0 ? await ActivityPub.sign(keyData, uri) : {};
	winston.verbose(`[activitypub/get] ${uri}`);
	try {
		const { response, body } = await request.get(uri, {
			headers: {
				...headers,
				Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
			},
			timeout: 5000,
		});

		if (!String(response.statusCode).startsWith('2')) {
			winston.error(`[activitypub/get] Received ${response.statusCode} when querying ${uri}`);
			if (body.hasOwnProperty('error')) {
				winston.error(`[activitypub/get] Error received: ${body.error}`);
			}

			throw new Error(`[[error:activitypub.get-failed]]`);
		}

		requestCache.set(cacheKey, body);
		return body;
	} catch (e) {
		// Handle things like non-json body, etc.
		throw new Error(`[[error:activitypub.get-failed]]`);
	}
};

ActivityPub.send = async (type, id, targets, payload) => {
	if (!Array.isArray(targets)) {
		targets = [targets];
	}

	const inboxes = await ActivityPub.resolveInboxes(targets);

	const actor = ActivityPub.helpers.resolveActor(type, id);

	payload = {
		'@context': 'https://www.w3.org/ns/activitystreams',
		actor,
		...payload,
	};

	await Promise.all(inboxes.map(async (uri) => {
		const keyData = await ActivityPub.getPrivateKey(type, id);
		const headers = await ActivityPub.sign(keyData, uri, payload);
		winston.verbose(`[activitypub/send] ${uri}`);
		try {
			const { response, body } = await request.post(uri, {
				headers: {
					...headers,
					'content-type': 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
				},
				body: payload,
			});

			if (String(response.statusCode).startsWith('2')) {
				winston.verbose(`[activitypub/send] Successfully sent ${payload.type} to ${uri}`);
			} else {
				winston.warn(`[activitypub/send] Could not send ${payload.type} to ${uri}; error: ${String(body)}`);
			}
		} catch (e) {
			winston.warn(`[activitypub/send] Could not send ${payload.type} to ${uri}; error: ${e.message}`);
		}
	}));
};
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00			`'use strict';`

feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const nconf = require('nconf');`
refactor: update ActivityPub.get and all methods calling it to take a uid so that requests can be signed 2024-01-05 22:45:33 -05:00			`const winston = require('winston');`
fix: send hs2019 as algo (to match cavage-12, handle incoming algorithm value 2024-04-11 10:39:51 -04:00			`const { createHash, createSign, createVerify, getHashes } = require('crypto');`
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00
refactor: update ap libs to use core request lib 2023-12-19 14:33:38 -05:00			`const request = require('../request');`
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`const db = require('../database');`
feat: restrict loopback calls 2024-02-26 16:12:40 -05:00			`const meta = require('../meta');`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const user = require('../user');`
feat: application actor + public key for uid 0 signs, moved homepage route to after core routes are generated 2024-01-22 16:18:49 -05:00			`const utils = require('../utils');`
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00			`const ttl = require('../cache/ttl');`
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00
feat: add activitypub request cache 2024-01-12 11:27:55 -05:00			`const requestCache = ttl({ ttl: 1000 * 60 * 5 }); // 5 minutes`
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00			`const ActivityPub = module.exports;`

feat: Create(Note) on new topic or reply This is a naive WIP implementation that federates everything out publicly. It does not take category privileges into account! 2024-01-24 11:44:10 -05:00			`ActivityPub._constants = Object.freeze({`
feat: fine-grained privileges integration for fediverse users and world pseudo-category 2024-02-26 11:39:32 -05:00			`uid: -2,`
feat: Create(Note) on new topic or reply This is a naive WIP implementation that federates everything out publicly. It does not take category privileges into account! 2024-01-24 11:44:10 -05:00			`publicAddress: 'https://www.w3.org/ns/activitystreams#Public',`
fix: support ldjson with ActivityStreams profile in actor queries 2024-04-08 20:06:26 +02:00			`acceptableTypes: [`
			`'application/activity+json',`
			`'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',`
			`],`
feat: Create(Note) on new topic or reply This is a naive WIP implementation that federates everything out publicly. It does not take category privileges into account! 2024-01-24 11:44:10 -05:00			`});`
test: refactor AP tests 2024-02-21 10:26:26 -05:00			`ActivityPub._cache = requestCache;`
feat: Create(Note) on new topic or reply This is a naive WIP implementation that federates everything out publicly. It does not take category privileges into account! 2024-01-24 11:44:10 -05:00
chore: update AP helpers export, 404 logic reversal, no slugify in userslug in mock profile from remote instance 2023-06-02 14:22:43 -04:00			`ActivityPub.helpers = require('./helpers');`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00			`ActivityPub.inbox = require('./inbox');`
refactor: move mockProfile and mockPost to separate mocks.js 2024-01-10 14:19:57 -05:00			`ActivityPub.mocks = require('./mocks');`
chore: move assertNote to separate file in preparation for additional note-based methods 2024-01-11 10:05:02 -05:00			`ActivityPub.notes = require('./notes');`
refactor: replace JIT actor retrieval with actor assertion and storage logic 2024-01-26 15:10:35 -05:00			`ActivityPub.actors = require('./actors');`
chore: update AP helpers export, 404 logic reversal, no slugify in userslug in mock profile from remote instance 2023-06-02 14:22:43 -04:00
refactor: resolveId method, add hostname verification 2024-02-21 10:58:20 -05:00			`ActivityPub.resolveId = async (uid, id) => {`
			`try {`
			`const query = new URL(id);`
			`({ id } = await ActivityPub.get('uid', uid, id));`
			`const response = new URL(id);`

			`if (query.host !== response.host) {`
			winston.warn(`[activitypub/resolveId] id resolution domain mismatch: ${query.href} != ${response.href}`);
			`return null;`
			`}`

			`return id;`
			`} catch (e) {`
			`return null;`
			`}`
			`};`

refactor: replace JIT actor retrieval with actor assertion and storage logic 2024-01-26 15:10:35 -05:00			`ActivityPub.resolveInboxes = async (ids) => {`
feat: Create(Note) on new topic or reply This is a naive WIP implementation that federates everything out publicly. It does not take category privileges into account! 2024-01-24 11:44:10 -05:00			`const inboxes = new Set();`

feat: restrict loopback calls 2024-02-26 16:12:40 -05:00			`if (!meta.config.activitypubAllowLoopback) {`
			`ids = ids.filter((id) => {`
			`const { hostname } = new URL(id);`
			`return hostname !== nconf.get('url_parsed').hostname;`
			`});`
			`}`

fix: a bunch of broken things, added test for Create(Note) 2024-01-26 21:39:20 -05:00			`await ActivityPub.actors.assert(ids);`
feat: Create(Note) on new topic or reply This is a naive WIP implementation that federates everything out publicly. It does not take category privileges into account! 2024-01-24 11:44:10 -05:00			`await Promise.all(ids.map(async (id) => {`
refactor: replace JIT actor retrieval with actor assertion and storage logic 2024-01-26 15:10:35 -05:00			`const { inbox, sharedInbox } = await user.getUserFields(id, ['inbox', 'sharedInbox']);`
			`if (sharedInbox \|\| inbox) {`
			`inboxes.add(sharedInbox \|\| inbox);`
feat: Create(Note) on new topic or reply This is a naive WIP implementation that federates everything out publicly. It does not take category privileges into account! 2024-01-24 11:44:10 -05:00			`}`
			`}));`

			`return Array.from(inboxes);`
			`};`
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00
refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`ActivityPub.getPublicKey = async (type, id) => {`
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00			`let publicKey;`

			`try {`
fix: category following and acceptance logic 2024-02-06 10:40:46 -05:00			({ publicKey } = await db.getObject(`${type}:${id}:keys`));
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00			`} catch (e) {`
refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`({ publicKey } = await ActivityPub.helpers.generateKeys(type, id));`
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00			`}`

			`return publicKey;`
			`};`

refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`ActivityPub.getPrivateKey = async (type, id) => {`
			`// Sanity checking`
			`if (!['cid', 'uid'].includes(type) \|\| !utils.isNumber(id) \|\| parseInt(id, 10) < 0) {`
			`throw new Error('[[error:invalid-data]]');`
			`}`
			`id = parseInt(id, 10);`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`let privateKey;`

			`try {`
refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			({ privateKey } = await db.getObject(`${type}:${id}:keys`));
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`} catch (e) {`
refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`({ privateKey } = await ActivityPub.helpers.generateKeys(type, id));`
			`}`

			`let keyId;`
			`if (type === 'uid') {`
			keyId = `${nconf.get('url')}${id > 0 ? `/uid/${id}` : '/actor'}#key`;
			`} else {`
			keyId = `${nconf.get('url')}/category/${id}#key`;
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`}`

refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`return { key: privateKey, keyId };`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`};`

			`ActivityPub.fetchPublicKey = async (uri) => {`
			`// Used for retrieving the public key from the passed-in keyId uri`
feat: sign public key requests Lack of this signature resulted in ironically failing the verification of signed requests from Mastodon instanced configured to require signed get... 2024-04-09 19:27:35 +02:00			`const body = await ActivityPub.get('uid', 0, uri);`
feat: activitypub actor endpoint for user accounts 2023-05-17 13:13:30 -04:00
feat: sign public key requests Lack of this signature resulted in ironically failing the verification of signed requests from Mastodon instanced configured to require signed get... 2024-04-09 19:27:35 +02:00			`if (!body.hasOwnProperty('publicKey')) {`
fix: handle case where pubKey cannot be found 2024-01-18 15:21:46 -05:00			`throw new Error('[[error:activitypub.pubKey-not-found]]');`
			`}`

refactor: update ap libs to use core request lib 2023-12-19 14:33:38 -05:00			`return body.publicKey;`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`};`

refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`ActivityPub.sign = async ({ key, keyId }, url, payload) => {`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`// Returns string for use in 'Signature' header`
			`const { host, pathname } = new URL(url);`
			`const date = new Date().toUTCString();`
			`let digest = null;`

			`let headers = '(request-target) host date';`
			let signed_string = `(request-target): ${payload ? 'post' : 'get'} ${pathname}\nhost: ${host}\ndate: ${date}`;

			`// Calculate payload hash if payload present`
			`if (payload) {`
			`const payloadHash = createHash('sha256');`
			`payloadHash.update(JSON.stringify(payload));`
fix: uppercase digest algorithm name for compatibility reasons Mastodon works with either, but Mbin actually requires uppercased name 2024-04-06 02:06:41 +02:00			digest = `SHA-256=${payloadHash.digest('base64')}`;
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`headers += ' digest';`
			signed_string += `\ndigest: ${digest}`;
			`}`

			`// Sign string using private key`
			`let signature = createSign('sha256');`
fix: accidental double-hash in sign/verify 2023-12-22 12:58:46 -05:00			`signature.update(signed_string);`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`signature.end();`
fix: accidental double-hash in sign/verify 2023-12-22 12:58:46 -05:00			`signature = signature.sign(key, 'base64');`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00
			`// Construct signature header`
			`return {`
			`date,`
			`digest,`
fix: send hs2019 as algo (to match cavage-12, handle incoming algorithm value 2024-04-11 10:39:51 -04:00			signature: `keyId="${keyId}",headers="${headers}",signature="${signature}",algorithm="hs2019"`,
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`};`
			`};`

			`ActivityPub.verify = async (req) => {`
fix: additional verbose logging for signature verification 2024-04-09 11:29:57 -04:00			`winston.verbose('[activitypub/verify] Starting signature verification...');`
fix: automatically reject unsigned POSTs to inbox 2024-01-19 11:43:21 -05:00			`if (!req.headers.hasOwnProperty('signature')) {`
fix: additional verbose logging for signature verification 2024-04-09 11:29:57 -04:00			`winston.verbose('[activitypub/verify] Failed, no signature header.');`
fix: automatically reject unsigned POSTs to inbox 2024-01-19 11:43:21 -05:00			`return false;`
			`}`

feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`// Break the signature apart`
fix: handle (created) and (expires) in http signatures 2024-04-11 15:20:59 -04:00			`let { keyId, headers, signature, algorithm, created, expires } = req.headers.signature.split(',').reduce((memo, cur) => {`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const split = cur.split('="');`
			`const key = split.shift();`
			`const value = split.join('="');`
			`memo[key] = value.slice(0, -1);`
			`return memo;`
			`}, {});`

fix: send hs2019 as algo (to match cavage-12, handle incoming algorithm value 2024-04-11 10:39:51 -04:00			`const acceptableHashes = getHashes();`
			`if (algorithm === 'hs2019' \|\| !acceptableHashes.includes(algorithm)) {`
			`algorithm = 'sha256';`
			`}`

feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`// Re-construct signature string`
			`const signed_string = headers.split(' ').reduce((memo, cur) => {`
fix: handle (created) and (expires) in http signatures 2024-04-11 15:20:59 -04:00			`switch (cur) {`
			`case '(request-target)': {`
			memo.push(`${cur}: ${String(req.method).toLowerCase()} ${req.baseUrl}${req.path}`);
			`break;`
			`}`

			`case '(created)': {`
			memo.push(`(created): ${created}`);
			`break;`
			`}`

			`case '(expires)': {`
			memo.push(`(expires): ${expires}`);
			`break;`
			`}`

			`default: {`
			memo.push(`${cur}: ${req.headers[cur]}`);
			`break;`
			`}`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`}`

			`return memo;`
			`}, []).join('\n');`

			`// Verify the signature string via public key`
			`try {`
fix: handle case where pubKey cannot be found 2024-01-18 15:21:46 -05:00			`// Retrieve public key from remote instance`
fix: additional verbose logging for signature verification 2024-04-09 11:29:57 -04:00			winston.verbose(`[activitypub/verify] Retrieving pubkey for ${keyId}`);
fix: handle case where pubKey cannot be found 2024-01-18 15:21:46 -05:00			`const { publicKeyPem } = await ActivityPub.fetchPublicKey(keyId);`

feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const verify = createVerify('sha256');`
fix: accidental double-hash in sign/verify 2023-12-22 12:58:46 -05:00			`verify.update(signed_string);`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`verify.end();`
fix: additional verbose logging for signature verification 2024-04-09 11:29:57 -04:00			`winston.verbose('[activitypub/verify] Attempting signed string verification');`
fix: accidental double-hash in sign/verify 2023-12-22 12:58:46 -05:00			`const verified = verify.verify(publicKeyPem, signature, 'base64');`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`return verified;`
			`} catch (e) {`
fix: additional verbose logging for signature verification 2024-04-09 11:29:57 -04:00			`winston.verbose('[activitypub/verify] Failed, key retrieval or verification failure.');`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`return false;`
			`}`
			`};`

refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`ActivityPub.get = async (type, id, uri) => {`
			`const cacheKey = [id, uri].join(';');`
feat: add activitypub request cache 2024-01-12 11:27:55 -05:00			`if (requestCache.has(cacheKey)) {`
			`return requestCache.get(cacheKey);`
			`}`

refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`const keyData = await ActivityPub.getPrivateKey(type, id);`
			`const headers = id >= 0 ? await ActivityPub.sign(keyData, uri) : {};`
feat: flesh out more topic info, fix navigator 2024-01-13 22:27:02 -05:00			winston.verbose(`[activitypub/get] ${uri}`);
feat: fine-grained privileges integration for fediverse users and world pseudo-category 2024-02-26 11:39:32 -05:00			`try {`
			`const { response, body } = await request.get(uri, {`
			`headers: {`
			`...headers,`
			`Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',`
			`},`
fix: add timeout on activitypub.get, tweak upgrade script 2024-04-04 12:22:13 -04:00			`timeout: 5000,`
feat: fine-grained privileges integration for fediverse users and world pseudo-category 2024-02-26 11:39:32 -05:00			`});`

			`if (!String(response.statusCode).startsWith('2')) {`
			winston.error(`[activitypub/get] Received ${response.statusCode} when querying ${uri}`);
			`if (body.hasOwnProperty('error')) {`
			winston.error(`[activitypub/get] Error received: ${body.error}`);
			`}`

			throw new Error(`[[error:activitypub.get-failed]]`);
refactor: update ActivityPub.get and all methods calling it to take a uid so that requests can be signed 2024-01-05 22:45:33 -05:00			`}`
fix: ActivityPub.get now throws on failure, handle in getActor 2024-01-08 14:30:09 -05:00
feat: fine-grained privileges integration for fediverse users and world pseudo-category 2024-02-26 11:39:32 -05:00			`requestCache.set(cacheKey, body);`
			`return body;`
			`} catch (e) {`
			`// Handle things like non-json body, etc.`
fix: ActivityPub.get now throws on failure, handle in getActor 2024-01-08 14:30:09 -05:00			throw new Error(`[[error:activitypub.get-failed]]`);
refactor: update ActivityPub.get and all methods calling it to take a uid so that requests can be signed 2024-01-05 22:45:33 -05:00			`}`
feat: expose following/follower counts in actor response 2024-01-05 11:39:17 -05:00			`};`

refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`ActivityPub.send = async (type, id, targets, payload) => {`
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00			`if (!Array.isArray(targets)) {`
			`targets = [targets];`
			`}`

fix: a bunch of broken things, added test for Create(Note) 2024-01-26 21:39:20 -05:00			`const inboxes = await ActivityPub.resolveInboxes(targets);`
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00
refactor: use a helper to resolve actor URI 2024-04-09 23:58:25 +02:00			`const actor = ActivityPub.helpers.resolveActor(type, id);`
fix: category following and acceptance logic 2024-02-06 10:40:46 -05:00
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00			`payload = {`
feat: accept and undo support 2023-12-13 13:15:03 -05:00			`'@context': 'https://www.w3.org/ns/activitystreams',`
fix: category following and acceptance logic 2024-02-06 10:40:46 -05:00			`actor,`
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00			`...payload,`
			`};`

			`await Promise.all(inboxes.map(async (uri) => {`
refactor: activitypub sending to handle signed requests from categories 2024-02-05 16:57:17 -05:00			`const keyData = await ActivityPub.getPrivateKey(type, id);`
			`const headers = await ActivityPub.sign(keyData, uri, payload);`
			winston.verbose(`[activitypub/send] ${uri}`);
fix: only log warning on ap.send failure 2024-02-09 11:24:03 -05:00			`try {`
			`const { response, body } = await request.post(uri, {`
			`headers: {`
			`...headers,`
			`'content-type': 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',`
			`},`
			`body: payload,`
			`});`

			`if (String(response.statusCode).startsWith('2')) {`
			winston.verbose(`[activitypub/send] Successfully sent ${payload.type} to ${uri}`);
			`} else {`
fix: stringify error body in ap.send 2024-02-09 11:37:22 -05:00			winston.warn(`[activitypub/send] Could not send ${payload.type} to ${uri}; error: ${String(body)}`);
fix: only log warning on ap.send failure 2024-02-09 11:24:03 -05:00			`}`
			`} catch (e) {`
			winston.warn(`[activitypub/send] Could not send ${payload.type} to ${uri}; error: ${e.message}`);
fix: missing req.body when parsing ActivityPub requests 2023-06-26 16:15:25 -04:00			`}`
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00			`}));`
			`};`