mirror
/
bridgy-fed
kopia lustrzana https://github.com/snarfed/bridgy-fed
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
1 819 Commity
47 Gałęzie
0 Tagi
22 MiB
Wykres commitów

220 Commity (6225fa8884e07450f29d54185a8dea399d620734)

Autor SHA1 Wiadomość Data
Ryan Barrett 3d3335e860
AP => webmention repost bug fix, merge follower and wm domains 2023-02-23 07:39:26 -06:00
Ryan Barrett 65bbc6751e
HTTP Signature verification: bug fix, use actual HTTP method 2023-02-16 07:34:12 -08:00
Ryan Barrett 48a7720f88
common.get_object: normalize ids by removing fragments 
this is still underspecified and a bit inconsistent across fediverse implementations:

https://socialhub.activitypub.rocks/t/problems-posting-to-mastodon-inbox/801/11

> The reason might also be that your IDs aren’t permanent, as in, they contain a #fragment. Posts and their corresponding Create activities are supposed to be resolvable — which means one should be able to send a GET request to the ID URL and get the object back. This can’t be done with an URL that contains a fragment as the fragment is not a part of the HTTP exchange, it’s processed on the client.

https://socialhub.activitypub.rocks/t/problems-posting-to-mastodon-inbox/801/23

> I ran into this object id #fragment problem as well. It seems because of some URL normalization, Mastodon will remove the fragment, and drop any additional posts with different fragments (because they become the same url).

https://socialhub.activitypub.rocks/t/s2s-create-activity/1647/5
https://github.com/mastodon/mastodon/issues/13879 (open!)
https://github.com/w3c/activitypub/issues/224

nothing in the http sig spec, example key ids aren't even URLs there:
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures-16
 2023-02-15 20:00:12 -08:00
Ryan Barrett 63d0e59c2c
AP: verify incoming signatures! 
for #315
 2023-02-15 14:10:25 -08:00
Ryan Barrett e423bde6d0
unify logging for writing datastore entities into post put hook 
and other logging tweaks
 2023-02-14 15:38:42 -08:00
Ryan Barrett 47b83c4e51
common.get_object: update existing object if available 2023-02-14 15:26:25 -08:00
Ryan Barrett f44aa3b39e
common.get_object: fall back to HTTP fetch if stored entity has no as2 
also add more logging
 2023-02-14 15:17:03 -08:00
Ryan Barrett 588598c5ff
switch most uses of common.get_as2 to common.get_object 2023-02-14 14:56:27 -08:00
Ryan Barrett c2e6174330
add common.get_object() 2023-02-14 14:30:00 -08:00
Ryan Barrett c12bb6db6d
serve AS2 /[domain] actors from datastore instead of refetching h-card 
for #392. not pretty, but gets the job done. more code cleanup needed eventually.
 2023-02-14 08:25:41 -08:00
Ryan Barrett 6f91a2538d
AP inbox delivery: drop same-domain targets from Objects 2023-02-13 11:28:02 -08:00
Ryan Barrett f39c532ad3
add User.homepage, is_homepage() 2023-02-12 12:03:27 -08:00
Ryan Barrett b739bd4cee
return 404 on requests for unknown users instead of automatically creating them 2023-02-07 18:28:52 -08:00
Ryan Barrett e1856c21a1
add more logging for when we write Objects 2023-02-07 08:24:36 -08:00
Ryan Barrett cb605e96c6
user page activities: if object is user, render as pretty user link 
for #406
 2023-02-06 21:28:40 -08:00
Ryan Barrett f922ce89bb
user page: activities: render fediverse actor links as @-@ 
for #406
 2023-02-06 21:08:52 -08:00
Ryan Barrett 3623df8e20
bring back default signing user for shared inbox 
for #403, fixes https://console.cloud.google.com/errors/detail/CIfnyvKDx8mDTA;time=P30D?project=bridgy-federated
 2023-02-06 20:08:32 -08:00
Ryan Barrett 4b37674624
always sign requests with current user's key, stop defaulting to snarfed.org 
for #403
 2023-02-06 19:23:25 -08:00
Ryan Barrett 717b068193
signed_post: don't follow redirects 
fixes https://console.cloud.google.com/errors/detail/CLuyuajU2sqLtAE;time=P30D;refresh=true?project=bridgy-federated
 2023-02-06 14:44:17 -08:00
Ryan Barrett 08265123f6
Activity => Object: use 'in progress' status 
#286
 2023-02-04 20:46:28 -08:00
Ryan Barrett 532ccb8ac1
Activity => Object: use StructuredProperty for Object.delivered etc, add protocol 
#286

ndb implements StructuredProperty by hoisting each nested property into a
corresponding property on the parent entity, prefixed by the StructuredProperty's
name, eg delivered.uri, delivered.protocol, etc.

For repeated StructuredPropertys, the hoisted properties are all repeated on the
parent entity, and reconstructed into StructuredPropertys based on their order.

https://googleapis.dev/python/python-ndb/latest/model.html#google.cloud.ndb.model.StructuredProperty
 2023-02-04 20:46:27 -08:00
Ryan Barrett f9891b6ef7
Activity => Object: add activity label, unify Objects for AP => wm 
#286
 2023-02-04 20:46:27 -08:00
Ryan Barrett 4d2fcdd76f
Activity => Object: fully populate labels, source_protocol webmention 
#286
 2023-02-04 20:46:27 -08:00
Ryan Barrett eafba6d7cd
Activity => Object: populate Object.type 
#286
 2023-02-04 20:46:27 -08:00
Ryan Barrett 060ad96752
Activity => Object: update activitypub.py 
#286
 2023-02-04 20:46:27 -08:00
Ryan Barrett 789da26362
AP: return 501 for Undo not supported, not 400 2023-01-26 12:03:13 -08:00
Ryan Barrett 05c8dc83c4
override link label for home page to be "Web site" 
for #331
 2023-01-25 12:33:53 -08:00
Ryan Barrett eca2f6f1ca
outbound AP: only log pretty-printed AS2 object on first request, not all 2023-01-24 16:49:48 -08:00
Ryan Barrett a2d9dcb4a9
cache more aggressively: bump expiration up to 60s, threshold to 3k 
for #378
 2023-01-24 16:13:22 -08:00
Ryan Barrett bb2d3e03de
noop: convert a few %s'es to f-strings 
thanks flynt! https://github.com/ikamensh/flynt
 2023-01-24 12:17:24 -08:00
Ryan Barrett 46736df21b
common.postprocess_as2 bug fix, handle multiply valued image field 2023-01-23 21:13:05 -08:00
Ryan Barrett 1627ff667a
translate webmention from home page into profile (actor) Update 
for #376, #331
 2023-01-23 16:09:25 -08:00
Ryan Barrett 21c79a304c
when converting h-card to actor, use link text or title for profile links 
for #331
 2023-01-22 07:47:27 -08:00
Ryan Barrett af769de99e
implement rest of followers/following collections 
for #264
 2023-01-20 07:02:55 -08:00
Ryan Barrett 74ebbc428b
add new common.fetch_followers() fn, use in UI, AP collections, and XRPCs 
for #264
 2023-01-19 15:29:52 -08:00
Ryan Barrett c3edf3a68e
make Follower.to_as1() handle both inbound and outbound last_follow 
...and use it in followers and following UI pages
 2023-01-18 22:31:13 -08:00
Ryan Barrett 02aa3e9801
refactoring: move fetch_page from pages to common 2023-01-18 22:19:51 -08:00
Ryan Barrett 84606500fa
refactoring: unify followers and following AP collection endpoints 2023-01-18 20:32:23 -08:00
Ryan Barrett 2c9850c576
HTTP Signatures: add special (request-target) header 
for #40, special synthetic HTTP header for HTTP Signatures, required by Peertube.
https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-12#section-2.3
 2023-01-17 19:50:40 -08:00
Ryan Barrett e6d4441292
handle redirects of signed requests manually, generate a new HTTP sig each time 
fixes #326
 2023-01-16 13:10:33 -08:00
Ryan Barrett 17c5c83105
common.host_url: use fed.brid.gy when running locally against prod datastore 2023-01-08 12:01:31 -08:00
Ryan Barrett aa0dcbb222
noop: drop content type constants in common, use granary's instead 2023-01-06 21:01:33 -08:00
Ryan Barrett 7ac1006021
background task bug fix: override task runner host 
we were using request.host_url blindly, which was fed.brid.gy for user-facing requests, but bridgy-federated.uc.r.appspot.com for tasks. #335
 2023-01-05 15:05:35 -08:00
Ryan Barrett fe5c3947a8
drop OStatus! it's been unused for years 
fixes #282
 2023-01-04 19:22:11 -08:00
Ryan Barrett 45f4bd71a2
switch common.utcnow to util.now 2023-01-03 15:41:43 -08:00
Ryan Barrett 3fedc05222
add aaronparecki.com to blocklist 
for #348
 2022-12-28 06:39:16 -08:00
Ryan Barrett 5b6b990efb
outbound conneg bug fix 2022-12-27 09:21:18 -08:00
Ryan Barrett 4c383a3037
request caching tweaks, webfinger, use new flask_util.cached headers kwarg 2022-12-26 13:34:50 -08:00
Ryan Barrett 2150693893
handle full conneg Accept header parsing in /r/ handler 
for #352
 2022-12-25 22:01:29 -08:00
Ryan Barrett f0eb705841
log all outgoing AS2 objects 2022-12-14 10:11:19 -08:00
Ryan Barrett d4741310e7
common.postprocess_as2 bug fix for multiply valued AS2 url field 
fixes https://console.cloud.google.com/errors/detail/CMOZzPLojuud_QE;time=P30D?project=bridgy-federated
 2022-12-11 07:28:30 -08:00
Ryan Barrett 8751fea257
harden URL unwrapping a bit, require http(s) URL or domain 
fixes https://console.cloud.google.com/errors/detail/CMKn7tqbq-GIRA;time=P30D?project=bridgy-federated
 2022-12-10 09:09:44 -08:00
Ryan Barrett 222be38a98
user page: redirect www-stripped users to non-www user pages 
for #314
 2022-12-02 11:08:24 -08:00
Ryan Barrett 0363db65fa
handle new multi-valued url field in AS2 objects 
snarfed/granary@79c512402b
 2022-11-30 21:04:41 -08:00
Ryan Barrett 559f02ad1d
AP actor handler: handle bad domain 
https://console.cloud.google.com/errors/detail/CKGv-b6impW3Jg;time=P30D?project=bridgy-federated
 2022-11-28 17:27:55 -08:00
Ryan Barrett 7d902ec616
bug fix for custom username in fediverse address on user page UI 
should come from acct: actor URL, not preferredUsername field, which always has to be user's domain for AP interop.

in the process, refactored common.get_username() into User.username().

for #281
 2022-11-26 16:05:02 -08:00
Ryan Barrett 2fdc6f29a9
sign HTTP GET requests for AS2 objects 
to support Mastodon's AUTHORIZED_FETCH aka secure mode: https://docs.joinmastodon.org/admin/config/#authorized_fetch

fixes #291
 2022-11-24 09:41:14 -08:00
Ryan Barrett 660682c93e
fix preferredUsername regression, it needs to be domain for Webfinger 
originally added in 65f3ef3cc7. fixes #302. props to @fancypantalons for debugging!
 2022-11-22 14:47:15 -08:00
Ryan Barrett 65f3ef3cc7
show fediverse address on user page UI, including custom username 
for #281
 2022-11-20 11:46:05 -08:00
Ryan Barrett b854981497
UI edits: enter web site page, /docs, flashed messages, copy Bridgy's CSS 2022-11-18 22:30:07 -08:00
Ryan Barrett 2d07ac358d
move activitypub.actor() to common so I can reuse it 2022-11-18 18:49:34 -08:00
Ryan Barrett 8fd49dc882
drop non-public Create activities 
fixes #289
 2022-11-16 16:37:50 -08:00
Ryan Barrett 2bb76a90e7
store Activity entities for AP activities delivered to followers 
for #265
 2022-11-16 15:54:02 -08:00
Ryan Barrett 50956c02b0
noop, rename Domain => User 2022-11-15 22:00:28 -08:00
Ryan Barrett 46f039af63
AP: always generate an actor for every outbound activity 
for #279
 2022-11-15 21:43:24 -08:00
Ryan Barrett e3f1431018
noop identifier renames, key => domain or entity 2022-11-15 19:12:20 -08:00
Ryan Barrett fd5c88c713
add domain blocklist, right now primarily for Twitter 2022-11-14 22:31:45 -08:00
Ryan Barrett 7966650178
AP: put Public in to instead of cc to make Mastodon posts public, not unlisted 
fixes #277
 2022-11-13 21:46:26 -08:00
Ryan Barrett 4f3dc03a3e
rename MagicKey => Domain, Response => Activity 
the Python classes, but not (yet) the kinds in the datastore. maybe eventually.
 2022-11-12 15:27:59 -08:00
Ryan Barrett b24a22e817
add /responses/[DOMAIN] user pages and Response.domain property 2022-11-08 06:56:19 -08:00
Ryan Barrett 8e60346dc4
don't strip www, m, and mobile subdomains from user domains 
fixes #267
 2022-11-07 16:28:46 -08:00
Ryan Barrett 001cd1fe11
tried switching HTTP Sig keyId to actor URL for aaronpk, but Mastodon wouldn't verify 
https://chat.indieweb.org/dev/2022-11-05#t1667687865621700
 2022-11-05 15:39:05 -07:00
Ryan Barrett 2e0f6ee0be
update to handle singly valued AS2 icon and image fields 
snarfed/granary@cfc5a1f743
 2022-11-05 14:57:50 -07:00
Ryan Barrett 1d36d31064
set User-Agent header globally 2022-03-24 11:18:33 -07:00
Ryan Barrett 96dba41c9b
logging: use separate loggers for each module with their names 2022-02-11 22:38:56 -08:00
Ryan Barrett 4eaf70aa51
add 'ignored' status for AP requests where the target has no webmention endpoint 2022-01-11 22:40:44 -08:00
Ryan Barrett 2f28be09be
convert %-formatted strings with args in logging.* calls to f-strings 2021-12-27 22:45:57 -08:00
Ryan Barrett fdd42ad1d4
override preferredUsername to always be the user's domain 
...since Mastodon looks up [preferredUsername]@fed.brid.gy. see #77
 2021-10-22 21:17:45 -07:00
Ryan Barrett e4d285523f
activitypub: handle connection failures better in webmention discovery 
fixes https://console.cloud.google.com/errors/CPj1-sSij7DcXQ
 2021-09-01 08:19:38 -07:00
Ryan Barrett cdb9a519e6
common.get_as2 bug fix: don't clobber werkzeug's HTTPException.response 
store requests.Response in separate requests_response attr
 2021-08-18 08:53:00 -07:00
Ryan Barrett cf12817212
Flask port: error handling bug fixes, other misc tweaks 2021-08-16 11:47:31 -07:00
Ryan Barrett 32d9e2bf6c
move common.error() to webutil.flask_util 
corresponds to snarfed/webutil@10c088cebd
 2021-08-06 11:01:58 -07:00
Ryan Barrett 2e3360a54b
move Flask utils to oauth_dropins.webutil.flask_util 
corresponds to snarfed/webutil@5574bb23fa
 2021-07-17 21:22:13 -07:00
Ryan Barrett 56cc66d530
flask: add common.RegexConverter 
based on https://github.com/rhyselsmore/flask-reggie
 2021-07-12 13:49:48 -07:00
Ryan Barrett 80a0969575
flask: add modern headers 
from webutil.handlers.ModernHandler
 2021-07-11 17:55:59 -07:00
Ryan Barrett 4a55739b91
flask: port /.well-known/host-meta*, other misc tweaks 
all tests pass!
 2021-07-11 16:50:44 -07:00
Ryan Barrett 371a92a5db
flask: port XrdOrJrdHandler, finish porting webfinger 2021-07-11 16:30:14 -07:00
Ryan Barrett 4fffc073d2
flask: port webmention, add exception handler 2021-07-11 08:48:28 -07:00
Ryan Barrett c17cb3394b
flask: fix test_common, drop unused common.canonicalize_domain decorator 2021-07-10 08:53:37 -07:00
Ryan Barrett b8be570d66
flask: port activitypub 2021-07-10 08:07:40 -07:00
Ryan Barrett f26aed5cbb
flask: port salmon 2021-07-08 22:50:33 -07:00
Ryan Barrett 5b8699bec1
flask: port /r/, start to port common 2021-07-07 21:02:13 -07:00
Ryan Barrett 0b7388fed3
flask: move app to app.py, get templates working, port /responses 2021-07-07 08:07:20 -07:00
Ryan Barrett fa2a970b2c
flask: render: add caching, get_required_param, update tests 2021-07-06 13:45:56 -07:00
Ryan Barrett d4a94ff75a
migrate from webmention-tools to webutil.webmention 2021-04-25 11:40:19 -07:00
Ryan Barrett db732650a4
add https://w3id.org/security/v1 to actors' @context for HTTP sigs 
fixes #76
 2021-03-22 23:55:14 -07:00
Ryan Barrett f74a6d33fa
add synthetic id to outgoing AS2 activities 
for #12
 2021-03-10 20:37:28 -08:00
Ryan Barrett c12b675a7a
webfinger: handle acct:[domain]@fed.brid.gy requests 
fixes #73
 2020-12-30 10:26:48 -08:00
Ryan Barrett bddab29420
demote logging.error since it creates an error in StackDriver Error Reporting 2020-05-19 08:08:12 -07:00
Ryan Barrett 46067640b6
remove errant debug logging 2020-03-05 10:15:54 -08:00