NodeBB/src/activitypub/helpers.js

'use strict';

const { generateKeyPairSync } = require('crypto');
const winston = require('winston');
const nconf = require('nconf');
const validator = require('validator');

const request = require('../request');
const db = require('../database');
const ttl = require('../cache/ttl');
const user = require('../user');

const webfingerCache = ttl({ ttl: 1000 * 60 * 60 * 24 }); // 24 hours

const Helpers = module.exports;

Helpers.isUri = (value) => {
	if (typeof value !== 'string') {
		value = String(value);
	}

	const protocols = ['https'];
	if (process.env.CI === 'true') {
		protocols.push('http');
	}

	return validator.isURL(value, {
		require_protocol: true,
		require_host: true,
		protocols,
		require_valid_protocol: true,
		require_tld: false, // temporary — for localhost
	});
};

Helpers.query = async (id) => {
	const [username, hostname] = id.split('@');
	if (!username || !hostname) {
		return false;
	}

	if (webfingerCache.has(id)) {
		return webfingerCache.get(id);
	}

	// Make a webfinger query to retrieve routing information
	const { response, body } = await request.get(`https://${hostname}/.well-known/webfinger?resource=acct:${id}`);

	if (response.statusCode !== 200 || !body.hasOwnProperty('links')) {
		return false;
	}

	// Parse links to find actor endpoint
	let actorUri = body.links.filter(link => link.type === 'application/activity+json' && link.rel === 'self');
	if (actorUri.length) {
		actorUri = actorUri.pop();
		({ href: actorUri } = actorUri);
	}

	const { publicKey } = body;

	webfingerCache.set(id, { username, hostname, actorUri, publicKey });
	return { username, hostname, actorUri, publicKey };
};

Helpers.generateKeys = async (uid) => {
	winston.verbose(`[activitypub] Generating RSA key-pair for uid ${uid}`);
	const {
		publicKey,
		privateKey,
	} = generateKeyPairSync('rsa', {
		modulusLength: 2048,
		publicKeyEncoding: {
			type: 'spki',
			format: 'pem',
		},
		privateKeyEncoding: {
			type: 'pkcs8',
			format: 'pem',
		},
	});

	await db.setObject(`uid:${uid}:keys`, { publicKey, privateKey });
	return { publicKey, privateKey };
};

Helpers.resolveLocalUid = async (input) => {
	let slug;
	const protocols = ['https'];
	if (process.env.CI === 'true') {
		protocols.push('http');
	}
	if (Helpers.isUri(input)) {
		const { host, pathname } = new URL(input);

		if (host === nconf.get('url_parsed').host) {
			const [type, value] = pathname.replace(nconf.get('relative_path'), '').split('/').filter(Boolean)[1];
			if (type === 'uid') {
				return value;
			}

			slug = value;
		} else {
			throw new Error('[[error:activitypub.invalid-id]]');
		}
	} else if (input.indexOf('@') !== -1) { // Webfinger
		([slug] = input.replace(/^acct:/, '').split('@'));
	} else {
		throw new Error('[[error:activitypub.invalid-id]]');
	}

	return await user.getUidByUserslug(slug);
};
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`'use strict';`

feat: actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon 2023-06-23 14:59:47 -04:00			`const { generateKeyPairSync } = require('crypto');`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const winston = require('winston');`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00			`const nconf = require('nconf');`
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`const validator = require('validator');`
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00
refactor: update ap libs to use core request lib 2023-12-19 14:33:38 -05:00			`const request = require('../request');`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00			`const db = require('../database');`
feat: add webfinger ttl cache 2023-06-16 11:26:25 -04:00			`const ttl = require('../cache/ttl');`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00			`const user = require('../user');`
feat: add webfinger ttl cache 2023-06-16 11:26:25 -04:00
			`const webfingerCache = ttl({ ttl: 1000 * 60 * 60 * 24 }); // 24 hours`

feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`const Helpers = module.exports;`

fix: isUri helper so that it passes ci tests 2024-01-05 11:38:26 -05:00			`Helpers.isUri = (value) => {`
			`if (typeof value !== 'string') {`
			`value = String(value);`
			`}`

			`const protocols = ['https'];`
			`if (process.env.CI === 'true') {`
			`protocols.push('http');`
			`}`

			`return validator.isURL(value, {`
			`require_protocol: true,`
			`require_host: true,`
			`protocols,`
			`require_valid_protocol: true,`
			`require_tld: false, // temporary — for localhost`
			`});`
			`};`
refactor: validator check to helper method 2024-01-04 16:23:09 -05:00
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`Helpers.query = async (id) => {`
			`const [username, hostname] = id.split('@');`
			`if (!username \|\| !hostname) {`
			`return false;`
			`}`

feat: add webfinger ttl cache 2023-06-16 11:26:25 -04:00			`if (webfingerCache.has(id)) {`
			`return webfingerCache.get(id);`
			`}`

feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`// Make a webfinger query to retrieve routing information`
refactor: update ap libs to use core request lib 2023-12-19 14:33:38 -05:00			const { response, body } = await request.get(`https://${hostname}/.well-known/webfinger?resource=acct:${id}`);
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00
refactor: update ap libs to use core request lib 2023-12-19 14:33:38 -05:00			`if (response.statusCode !== 200 \|\| !body.hasOwnProperty('links')) {`
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`return false;`
			`}`

			`// Parse links to find actor endpoint`
refactor: update ap libs to use core request lib 2023-12-19 14:33:38 -05:00			`let actorUri = body.links.filter(link => link.type === 'application/activity+json' && link.rel === 'self');`
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`if (actorUri.length) {`
			`actorUri = actorUri.pop();`
			`({ href: actorUri } = actorUri);`
			`}`

refactor: update ap libs to use core request lib 2023-12-19 14:33:38 -05:00			`const { publicKey } = body;`
feat: http signatures support, .sign() and .verify() AP helper methods 2023-06-19 17:29:22 -04:00
			`webfingerCache.set(id, { username, hostname, actorUri, publicKey });`
			`return { username, hostname, actorUri, publicKey };`
			`};`

			`Helpers.generateKeys = async (uid) => {`
			winston.verbose(`[activitypub] Generating RSA key-pair for uid ${uid}`);
			`const {`
			`publicKey,`
			`privateKey,`
			`} = generateKeyPairSync('rsa', {`
			`modulusLength: 2048,`
			`publicKeyEncoding: {`
			`type: 'spki',`
			`format: 'pem',`
			`},`
			`privateKeyEncoding: {`
			`type: 'pkcs8',`
			`format: 'pem',`
			`},`
			`});`

			await db.setObject(`uid:${uid}:keys`, { publicKey, privateKey });
			`return { publicKey, privateKey };`
feat: ability to view federated profiles via url manipulation 2023-05-29 17:42:44 -04:00			`};`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`Helpers.resolveLocalUid = async (input) => {`
			`let slug;`
test: allow http proto on ci 2023-12-13 13:38:52 -05:00			`const protocols = ['https'];`
			`if (process.env.CI === 'true') {`
			`protocols.push('http');`
			`}`
refactor: validator check to helper method 2024-01-04 16:23:09 -05:00			`if (Helpers.isUri(input)) {`
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`const { host, pathname } = new URL(input);`

			`if (host === nconf.get('url_parsed').host) {`
fix: move all actor object urls to immutable variants 2024-01-29 16:59:13 -05:00			`const [type, value] = pathname.replace(nconf.get('relative_path'), '').split('/').filter(Boolean)[1];`
			`if (type === 'uid') {`
			`return value;`
			`}`

			`slug = value;`
			`} else {`
			`throw new Error('[[error:activitypub.invalid-id]]');`
feat: update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input 2023-12-11 14:35:04 -05:00			`}`
			`} else if (input.indexOf('@') !== -1) { // Webfinger`
			`([slug] = input.replace(/^acct:/, '').split('@'));`
			`} else {`
fix: ActivityPub.get now throws on failure, handle in getActor 2024-01-08 14:30:09 -05:00			`throw new Error('[[error:activitypub.invalid-id]]');`
feat: follow/unfollow logic and receipt 2023-06-28 14:59:39 -04:00			`}`

			`return await user.getUidByUserslug(slug);`
			`};`