NodeBB/src/activitypub/helpers.js

'use strict';

const request = require('request-promise-native');
const { generateKeyPairSync } = require('crypto');
const winston = require('winston');
const nconf = require('nconf');
const validator = require('validator');

const db = require('../database');
const ttl = require('../cache/ttl');
const user = require('../user');

const webfingerCache = ttl({ ttl: 1000 * 60 * 60 * 24 }); // 24 hours

const Helpers = module.exports;

Helpers.query = async (id) => {
	const [username, hostname] = id.split('@');
	if (!username || !hostname) {
		return false;
	}

	if (webfingerCache.has(id)) {
		return webfingerCache.get(id);
	}

	// Make a webfinger query to retrieve routing information
	const response = await request(`https://${hostname}/.well-known/webfinger?resource=acct:${id}`, {
		simple: false,
		resolveWithFullResponse: true,
		json: true,
	});

	if (response.statusCode !== 200 || !response.body.hasOwnProperty('links')) {
		return false;
	}

	// Parse links to find actor endpoint
	let actorUri = response.body.links.filter(link => link.type === 'application/activity+json' && link.rel === 'self');
	if (actorUri.length) {
		actorUri = actorUri.pop();
		({ href: actorUri } = actorUri);
	}

	const { publicKey } = response.body;

	webfingerCache.set(id, { username, hostname, actorUri, publicKey });
	return { username, hostname, actorUri, publicKey };
};

Helpers.generateKeys = async (uid) => {
	winston.verbose(`[activitypub] Generating RSA key-pair for uid ${uid}`);
	const {
		publicKey,
		privateKey,
	} = generateKeyPairSync('rsa', {
		modulusLength: 2048,
		publicKeyEncoding: {
			type: 'spki',
			format: 'pem',
		},
		privateKeyEncoding: {
			type: 'pkcs8',
			format: 'pem',
		},
	});

	await db.setObject(`uid:${uid}:keys`, { publicKey, privateKey });
	return { publicKey, privateKey };
};

Helpers.resolveLocalUid = async (input) => {
	let slug;
	const protocols = ['https'];
	if (process.env.CI === 'true') {
		protocols.push('http');
	}
	console.log(input, nconf.get('url'), nconf.get('url_parsed'), protocols, validator.isURL(input, {
		require_protocol: true,
		require_host: true,
		require_tld: false,
		protocols,
		require_valid_protocol: true,
	}), nconf.get('ci'));

	if (validator.isURL(input, {
		require_protocol: true,
		require_host: true,
		require_tld: false,
		protocols,
		require_valid_protocol: true,
	})) {
		const { host, pathname } = new URL(input);

		if (host === nconf.get('url_parsed').host) {
			slug = pathname.replace(nconf.get('relative_path'), '').split('/').filter(Boolean)[1];
		} else {
			throw new Error('[[activitypub:invalid-id]]');
		}
	} else if (input.indexOf('@') !== -1) { // Webfinger
		([slug] = input.replace(/^acct:/, '').split('@'));
	} else {
		throw new Error('[[activitypub:invalid-id]]');
	}

	return await user.getUidByUserslug(slug);
};
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`'use strict';`

			`const request = require('request-promise-native');`
feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00			`const { generateKeyPairSync } = require('crypto');`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const winston = require('winston');`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00			`const nconf = require('nconf');`
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`const validator = require('validator');`
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const db = require('../database');`
feat: add webfinger ttl cache 2023-06-16 11:26:25 -04:00			`const ttl = require('../cache/ttl');`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00			`const user = require('../user');`
feat: add webfinger ttl cache 2023-06-16 11:26:25 -04:00
			`const webfingerCache = ttl({ ttl: 1000 * 60 * 60 * 24 }); // 24 hours`

feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`const Helpers = module.exports;`

			`Helpers.query = async (id) => {`
			`const [username, hostname] = id.split('@');`
			`if (!username \|\| !hostname) {`
			`return false;`
			`}`

feat: add webfinger ttl cache 2023-06-16 11:26:25 -04:00			`if (webfingerCache.has(id)) {`
			`return webfingerCache.get(id);`
			`}`

feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`// Make a webfinger query to retrieve routing information`
			const response = await request(`https://${hostname}/.well-known/webfinger?resource=acct:${id}`, {
			`simple: false,`
			`resolveWithFullResponse: true,`
			`json: true,`
			`});`

			`if (response.statusCode !== 200 \|\| !response.body.hasOwnProperty('links')) {`
			`return false;`
			`}`

			`// Parse links to find actor endpoint`
			`let actorUri = response.body.links.filter(link => link.type === 'application/activity+json' && link.rel === 'self');`
			`if (actorUri.length) {`
			`actorUri = actorUri.pop();`
			`({ href: actorUri } = actorUri);`
			`}`

feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const { publicKey } = response.body;`

			`webfingerCache.set(id, { username, hostname, actorUri, publicKey });`
			`return { username, hostname, actorUri, publicKey };`
			`};`

			`Helpers.generateKeys = async (uid) => {`
			winston.verbose(`[activitypub] Generating RSA key-pair for uid ${uid}`);
			`const {`
			`publicKey,`
			`privateKey,`
			`} = generateKeyPairSync('rsa', {`
			`modulusLength: 2048,`
			`publicKeyEncoding: {`
			`type: 'spki',`
			`format: 'pem',`
			`},`
			`privateKeyEncoding: {`
			`type: 'pkcs8',`
			`format: 'pem',`
			`},`
			`});`

			await db.setObject(`uid:${uid}:keys`, { publicKey, privateKey });
			`return { publicKey, privateKey };`
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`};`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`Helpers.resolveLocalUid = async (input) => {`
			`let slug;`
test: allow http proto on ci 2023-12-13 13:38:52 -05:00			`const protocols = ['https'];`
			`if (process.env.CI === 'true') {`
			`protocols.push('http');`
			`}`
			`console.log(input, nconf.get('url'), nconf.get('url_parsed'), protocols, validator.isURL(input, {`
			`require_protocol: true,`
			`require_host: true,`
			`require_tld: false,`
			`protocols,`
			`require_valid_protocol: true,`
			`}), nconf.get('ci'));`
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00
			`if (validator.isURL(input, {`
			`require_protocol: true,`
			`require_host: true,`
			`require_tld: false,`
test: allow http proto on ci 2023-12-13 13:38:52 -05:00			`protocols,`
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`require_valid_protocol: true,`
			`})) {`
			`const { host, pathname } = new URL(input);`

			`if (host === nconf.get('url_parsed').host) {`
test: allow http proto on ci 2023-12-13 13:38:52 -05:00			`slug = pathname.replace(nconf.get('relative_path'), '').split('/').filter(Boolean)[1];`
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`} else {`
			`throw new Error('[[activitypub:invalid-id]]');`
			`}`
			`} else if (input.indexOf('@') !== -1) { // Webfinger`
			`([slug] = input.replace(/^acct:/, '').split('@'));`
			`} else {`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00			`throw new Error('[[activitypub:invalid-id]]');`
			`}`

			`return await user.getUidByUserslug(slug);`
			`};`