bridgy-fed/redirect.py

"""Simple conneg endpoint that serves AS2 or redirects to to the original post.

Only for :class:`web.Web` users. Other protocols (including :class:`web.Web`
sometimes) use ``/convert/`` in convert.py instead.

Serves ``/r/https://foo.com/bar`` URL paths, where ``https://foo.com/bar`` is a
original post for a :class:`Web` user. Needed for Mastodon interop, they require
that AS2 object ids and urls are on the same domain that serves them.
Background:

* https://github.com/snarfed/bridgy-fed/issues/16#issuecomment-424799599
* https://github.com/tootsuite/mastodon/pull/6219#issuecomment-429142747

The conneg makes these ``/r/`` URLs searchable in Mastodon:
https://github.com/snarfed/bridgy-fed/issues/352
"""
from datetime import timedelta
import logging
import re
import urllib.parse

from flask import redirect, request
from granary import as1
from oauth_dropins.webutil import flask_util, util
from oauth_dropins.webutil.flask_util import error
from oauth_dropins.webutil.util import json_dumps, json_loads

from activitypub import ActivityPub
from common import (
    as2_request_type,
    CACHE_CONTROL_VARY_ACCEPT,
    CONTENT_TYPE_HTML,
    SUPERDOMAIN,
)
from flask_app import app
import memcache
from protocol import Protocol
from web import Web

logger = logging.getLogger(__name__)

DOMAIN_ALLOWLIST = frozenset((
    'bsky.app',
))


@app.get(r'/r/<path:to>')
@memcache.memoize(expire=timedelta(hours=1), key=lambda to: (to, as2_request_type()))
@flask_util.headers(CACHE_CONTROL_VARY_ACCEPT)
def redir(to):
    """Either redirect to a given URL or convert it to another format.

    E.g. redirects ``/r/https://foo.com/bar?baz`` to
    ``https://foo.com/bar?baz``, or if it's requested with AS2 conneg in the
    ``Accept`` header, fetches and converts and serves it as AS2.
    """
    to = to.strip()
    if request.args:
        to += '?' + urllib.parse.urlencode(request.args)
    # some browsers collapse repeated /s in the path down to a single slash.
    # if that happened to this URL, expand it back to two /s.
    to = re.sub(r'^(https?:/)([^/])', r'\1/\2', to)

    if not util.is_web(to):
        error(f'Expected fully qualified URL; got {to}')

    try:
        to_domain = urllib.parse.urlparse(to).hostname
    except ValueError as e:
        error(f'Invalid URL {to} : {e}')

    if to_domain and to_domain.endswith(SUPERDOMAIN):
        return redirect(to, code=301)

    # check conneg
    as2_request = as2_request_type()

    # check that we've seen this domain before so we're not an open redirect
    domains = set((util.domain_from_link(to, minimize=True),
                   util.domain_from_link(to, minimize=False),
                   to_domain))
    web_user = None
    for domain in domains:
        if domain:
            if domain in DOMAIN_ALLOWLIST:
                break
            if web_user := Web.get_by_id(domain):
                logger.debug(f'Found web user for domain {domain}')
                break
    else:
        if not as2_request:
            return f'No web user found for any of {domains}', 404

    if not as2_request:
        # redirect. include rel-alternate link to make posts discoverable by entering
        # https://fed.brid.gy/r/[URL] in a fediverse instance's search.
        logger.debug(f'redirecting to {to}')
        return f"""\
    <!doctype html>
    <html>
    <head>
    <link href="{request.url}" rel="alternate" type="application/activity+json">
    </head>
    <title>Redirecting...</title>
    <h1>Redirecting...</h1>
    <p>You should be redirected automatically to the target URL: <a href="{to}">{to}</a>. If not, click the link.
    </html>
    """, 301, {'Location': to}

    # AS2 requested, fetch and convert and serve
    proto = Protocol.for_id(to)
    if not proto:
        return f"Couldn't determine protocol for {to}", 404

    obj = proto.load(to)
    if not obj or obj.deleted:
        return f'Object not found: {to}', 404

    if proto == Web:
        if not web_user:
            return f'Object not found: {to}', 404
    else:
        if obj.type in as1.ACTOR_TYPES:
            user = proto.query(proto.obj_key == obj.key).get()
            if not user or not user.is_enabled(ActivityPub):
                return f'Object not found: {to}', 404

    ret = ActivityPub.convert(obj, from_user=web_user)
    # logger.info(f'Returning: {json_dumps(ret, indent=2)}')
    return ret, {
        'Content-Type': as2_request,
        'Access-Control-Allow-Origin': '*',
    }
handle full conneg Accept header parsing in /r/ handler for #352 2022-12-26 05:09:34 +00:00			`"""Simple conneg endpoint that serves AS2 or redirects to to the original post.`
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00
docs: fix docstring formatting, other tweaks 2023-10-06 06:32:31 +00:00			Only for :class:`web.Web` users. Other protocols (including :class:`web.Web`
more docstring formatting tweaks 2023-10-06 15:22:50 +00:00			sometimes) use ``/convert/`` in convert.py instead.
noop, minor protocol generalization and cleanup for #512 2023-06-10 22:07:26 +00:00
docs: fix docstring formatting, other tweaks 2023-10-06 06:32:31 +00:00			Serves ``/r/https://foo.com/bar`` URL paths, where ``https://foo.com/bar`` is a
			original post for a :class:`Web` user. Needed for Mastodon interop, they require
			`that AS2 object ids and urls are on the same domain that serves them.`
			`Background:`
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00
docs: fix docstring formatting, other tweaks 2023-10-06 06:32:31 +00:00			`* https://github.com/snarfed/bridgy-fed/issues/16#issuecomment-424799599`
			`* https://github.com/tootsuite/mastodon/pull/6219#issuecomment-429142747`
handle full conneg Accept header parsing in /r/ handler for #352 2022-12-26 05:09:34 +00:00
docs: fix docstring formatting, other tweaks 2023-10-06 06:32:31 +00:00			The conneg makes these ``/r/`` URLs searchable in Mastodon:
handle full conneg Accept header parsing in /r/ handler for #352 2022-12-26 05:09:34 +00:00			`https://github.com/snarfed/bridgy-fed/issues/352`
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00			`"""`
cache /convert/ and /r/ endpoints in memcache ...since GAE's edge caching based on Cache-Control doesn't seem to be very effective :/ for #1149 2025-01-29 19:57:21 +00:00			`from datetime import timedelta`
cache lots of GET requests this helps with requests that make external HTTP fetches, eg indieweb home pages/posts and federated profiles/posts, which change rarely. in particular, outbound AP requests that get federated widely (eg Mastodon) result in all of those federated instances making the same bridgy fed requests at the same time, often within just a few seconds. more background: tootsuite/mastodon#4486 2019-04-16 15:02:19 +00:00			`import logging`
redirect: handle single /s that got collapsed by the browser (etc) 2021-06-29 05:52:04 +00:00			`import re`
stop /r/ from being an open redirect by checking that we've seen the domain 2021-03-07 15:36:34 +00:00			`import urllib.parse`
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00
HTTP caching headers: switch to flask_util.headers for #432, fixes https://console.cloud.google.com/errors/detail/CMK10__x4ZbgbQ;time=P7D;refresh=true?project=bridgy-federated 2024-06-04 21:19:04 +00:00			`from flask import redirect, request`
/r/ : on a *.brid.gy URL, just redirect to it 2025-07-05 02:30:06 +00:00			`from granary import as1`
move Flask utils to oauth_dropins.webutil.flask_util corresponds to snarfed/webutil@5574bb23fa88df899a3d539123797ef1ef0e995d 2021-07-18 04:22:13 +00:00			`from oauth_dropins.webutil import flask_util, util`
move common.error() to webutil.flask_util corresponds to snarfed/webutil@10c088cebd104c6b2e6deecf564fee65f1d489ce 2021-08-06 17:29:25 +00:00			`from oauth_dropins.webutil.flask_util import error`
serve /r/ URLs as AS2 from the datastore, don't fetch and convert on the fly for #392, #378 2023-02-12 02:35:34 +00:00			`from oauth_dropins.webutil.util import json_dumps, json_loads`
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00
AP users: extract out Protocol.serve() method #512 2023-05-24 04:30:57 +00:00			`from activitypub import ActivityPub`
/r/ : on a *.brid.gy URL, just redirect to it 2025-07-05 02:30:06 +00:00			`from common import (`
			`as2_request_type,`
			`CACHE_CONTROL_VARY_ACCEPT,`
			`CONTENT_TYPE_HTML,`
			`SUPERDOMAIN,`
			`)`
add HTTP caching to /r/ redirect URLs for #432 2024-05-30 22:12:19 +00:00			`from flask_app import app`
cache /convert/ and /r/ endpoints in memcache ...since GAE's edge caching based on Cache-Control doesn't seem to be very effective :/ for #1149 2025-01-29 19:57:21 +00:00			`import memcache`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`from protocol import Protocol`
rename Webmention class => Web, webmention.py => web.py 2023-05-27 00:40:29 +00:00			`from web import Web`
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00
logging: use separate loggers for each module with their names 2022-02-12 06:38:56 +00:00			`logger = logging.getLogger(__name__)`

/r/ redirects: add bsky.app to domain allowlist 2023-09-23 20:50:19 +00:00			`DOMAIN_ALLOWLIST = frozenset((`
			`'bsky.app',`
			`))`
cache lots of GET requests this helps with requests that make external HTTP fetches, eg indieweb home pages/posts and federated profiles/posts, which change rarely. in particular, outbound AP requests that get federated widely (eg Mastodon) result in all of those federated instances making the same bridgy fed requests at the same time, often within just a few seconds. more background: tootsuite/mastodon#4486 2019-04-16 15:02:19 +00:00
/r/: serve Vary: Accept header 2023-12-31 17:20:56 +00:00
flask: port XrdOrJrdHandler, finish porting webfinger 2021-07-11 23:30:14 +00:00			`@app.get(r'/r/<path:to>')`
cache /convert/ and /r/ endpoints in memcache ...since GAE's edge caching based on Cache-Control doesn't seem to be very effective :/ for #1149 2025-01-29 19:57:21 +00:00			`@memcache.memoize(expire=timedelta(hours=1), key=lambda to: (to, as2_request_type()))`
add common.CACHE_CONTROL_VARY_ACCEPT 2025-01-29 05:13:35 +00:00			`@flask_util.headers(CACHE_CONTROL_VARY_ACCEPT)`
Flask routing tweak, don't redirect URLs with empty path elements 2021-08-06 17:28:56 +00:00			`def redir(to):`
AP users: serve AS2 for external URLs #512 2023-05-22 22:27:43 +00:00			`"""Either redirect to a given URL or convert it to another format.`
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00
docs: fix docstring formatting, other tweaks 2023-10-06 06:32:31 +00:00			E.g. redirects ``/r/https://foo.com/bar?baz`` to
			``https://foo.com/bar?baz``, or if it's requested with AS2 conneg in the
			``Accept`` header, fetches and converts and serves it as AS2.
add /r/ redirect endpoint for #16, #32. cc @swentel. more to come. 2018-10-14 14:42:28 +00:00			`"""`
/r/: strip encoded whitespace fixes https://console.cloud.google.com/errors/detail/CLys08qau6aNYg;locations=global;time=P30D?project=bridgy-federated 2024-09-19 14:13:41 +00:00			`to = to.strip()`
flask: port /r/, start to port common 2021-07-08 04:02:13 +00:00			`if request.args:`
			`to += '?' + urllib.parse.urlencode(request.args)`
			`# some browsers collapse repeated /s in the path down to a single slash.`
			`# if that happened to this URL, expand it back to two /s.`
			`to = re.sub(r'^(https?:/)([^/])', r'\1/\2', to)`

use util.is_web() more 2022-12-10 17:04:05 +00:00			`if not util.is_web(to):`
move common.error() to webutil.flask_util corresponds to snarfed/webutil@10c088cebd104c6b2e6deecf564fee65f1d489ce 2021-08-06 17:29:25 +00:00			`error(f'Expected fully qualified URL; got {to}')`
flask: port /r/, start to port common 2021-07-08 04:02:13 +00:00
/r/ redirect: handle bad URLs fixes https://console.cloud.google.com/errors/detail/CJ30oPbsoqmI7QE;time=P30D?project=bridgy-federated 2023-10-18 18:02:50 +00:00			`try:`
			`to_domain = urllib.parse.urlparse(to).hostname`
			`except ValueError as e:`
			`error(f'Invalid URL {to} : {e}')`
AP users: serve AS2 for external URLs #512 2023-05-22 22:27:43 +00:00
/r/ bug fix for /r/https:// fixes https://console.cloud.google.com/errors/detail/COrhr_Xw3Yy1lQE;locations=global;time=P30D?project=bridgy-federated&inv=1&invt=Ab2JdQ 2025-07-07 21:10:11 +00:00			`if to_domain and to_domain.endswith(SUPERDOMAIN):`
/r/ : on a *.brid.gy URL, just redirect to it 2025-07-05 02:30:06 +00:00			`return redirect(to, code=301)`

AP users: serve AS2 for external URLs #512 2023-05-22 22:27:43 +00:00			`# check conneg`
AP actor endpoint: check conneg, redirect to profile if not an AS2 request hopefully fixes #1009 2024-11-01 01:09:30 +00:00			`as2_request = as2_request_type()`
AP users: serve AS2 for external URLs #512 2023-05-22 22:27:43 +00:00
flask: port /r/, start to port common 2021-07-08 04:02:13 +00:00			`# check that we've seen this domain before so we're not an open redirect`
don't strip www, m, and mobile subdomains from user domains fixes #267 2022-11-08 00:26:33 +00:00			`domains = set((util.domain_from_link(to, minimize=True),`
			`util.domain_from_link(to, minimize=False),`
AP users: serve AS2 for external URLs #512 2023-05-22 22:27:43 +00:00			`to_domain))`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`web_user = None`
flask: port /r/, start to port common 2021-07-08 04:02:13 +00:00			`for domain in domains:`
AP: always generate an actor for every outbound activity for #279 2022-11-16 05:37:39 +00:00			`if domain:`
/r/ redirects: add bsky.app to domain allowlist 2023-09-23 20:50:19 +00:00			`if domain in DOMAIN_ALLOWLIST:`
			`break`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`if web_user := Web.get_by_id(domain):`
/r/: prune down logging for #1149 2024-12-03 19:37:11 +00:00			`logger.debug(f'Found web user for domain {domain}')`
AP: always generate an actor for every outbound activity for #279 2022-11-16 05:37:39 +00:00			`break`
flask: port /r/, start to port common 2021-07-08 04:02:13 +00:00			`else:`
AP actor endpoint: check conneg, redirect to profile if not an AS2 request hopefully fixes #1009 2024-11-01 01:09:30 +00:00			`if not as2_request:`
HTTP caching headers: switch to flask_util.headers for #432, fixes https://console.cloud.google.com/errors/detail/CMK10__x4ZbgbQ;time=P7D;refresh=true?project=bridgy-federated 2024-06-04 21:19:04 +00:00			`return f'No web user found for any of {domains}', 404`
flask: port /r/, start to port common 2021-07-08 04:02:13 +00:00
AP actor endpoint: check conneg, redirect to profile if not an AS2 request hopefully fixes #1009 2024-11-01 01:09:30 +00:00			`if not as2_request:`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`# redirect. include rel-alternate link to make posts discoverable by entering`
			`# https://fed.brid.gy/r/[URL] in a fediverse instance's search.`
/r/: prune down logging for #1149 2024-12-03 19:37:11 +00:00			`logger.debug(f'redirecting to {to}')`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`return f"""\`
			`<!doctype html>`
			`<html>`
			`<head>`
			`<link href="{request.url}" rel="alternate" type="application/activity+json">`
			`</head>`
			`<title>Redirecting...</title>`
			`<h1>Redirecting...</h1>`
			`<p>You should be redirected automatically to the target URL: <a href="{to}">{to}</a>. If not, click the link.`
			`</html>`
HTTP caching headers: switch to flask_util.headers for #432, fixes https://console.cloud.google.com/errors/detail/CMK10__x4ZbgbQ;time=P7D;refresh=true?project=bridgy-federated 2024-06-04 21:19:04 +00:00			`""", 301, {'Location': to}`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00
			`# AS2 requested, fetch and convert and serve`
			`proto = Protocol.for_id(to)`
			`if not proto:`
HTTP caching headers: switch to flask_util.headers for #432, fixes https://console.cloud.google.com/errors/detail/CMK10__x4ZbgbQ;time=P7D;refresh=true?project=bridgy-federated 2024-06-04 21:19:04 +00:00			`return f"Couldn't determine protocol for {to}", 404`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00
			`obj = proto.load(to)`
			`if not obj or obj.deleted:`
HTTP caching headers: switch to flask_util.headers for #432, fixes https://console.cloud.google.com/errors/detail/CMK10__x4ZbgbQ;time=P7D;refresh=true?project=bridgy-federated 2024-06-04 21:19:04 +00:00			`return f'Object not found: {to}', 404`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00
/r/: don't serve actors unless they're enabled for AP for #1654 2025-05-15 21:59:17 +00:00			`if proto == Web:`
			`if not web_user:`
			`return f'Object not found: {to}', 404`
			`else:`
			`if obj.type in as1.ACTOR_TYPES:`
			`user = proto.query(proto.obj_key == obj.key).get()`
			`if not user or not user.is_enabled(ActivityPub):`
			`return f'Object not found: {to}', 404`
AP users: /r/: switch external user to indirect user for #512 2023-06-05 03:58:21 +00:00
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`ret = ActivityPub.convert(obj, from_user=web_user)`
switch from flask_util.cached to HTTP caching, suppress some verbose logging 2024-05-30 21:55:35 +00:00			`# logger.info(f'Returning: {json_dumps(ret, indent=2)}')`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`return ret, {`
AP actor endpoint: check conneg, redirect to profile if not an AS2 request hopefully fixes #1009 2024-11-01 01:09:30 +00:00			`'Content-Type': as2_request,`
abstract redirect.py to be multi-protocol ...mostly. creating the underlying user opportunistically is still Web-only. 2024-04-15 01:26:34 +00:00			`'Access-Control-Allow-Origin': '*',`
			`}`
/r/: return 404 for opted out users' URLs 2024-01-28 16:54:35 +00:00