Ryan Barrett
ffd8810b44
start to separate logic from protocols with new Protocol/ActivityPub classes
...
for #388
2023-03-10 07:36:50 -08:00
dependabot[bot]
c2833e59d1
build(deps): bump tweepy from 4.12.1 to 4.13.0
...
Bumps [tweepy](https://github.com/tweepy/tweepy ) from 4.12.1 to 4.13.0.
- [Release notes](https://github.com/tweepy/tweepy/releases )
- [Changelog](https://github.com/tweepy/tweepy/blob/master/docs/changelog.md )
- [Commits](https://github.com/tweepy/tweepy/compare/v4.12.1...v4.13.0 )
---
updated-dependencies:
- dependency-name: tweepy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-10 05:01:01 -08:00
dependabot[bot]
c579e58fb8
build(deps): bump charset-normalizer from 3.0.1 to 3.1.0
...
Bumps [charset-normalizer](https://github.com/Ousret/charset_normalizer ) from 3.0.1 to 3.1.0.
- [Release notes](https://github.com/Ousret/charset_normalizer/releases )
- [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Ousret/charset_normalizer/compare/3.0.1...3.1.0 )
---
updated-dependencies:
- dependency-name: charset-normalizer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 05:00:27 -08:00
Ryan Barrett
1d22ab0e94
delete add_webmention and the /wm/ handler, it was never used
2023-03-05 07:58:03 -08:00
Ryan Barrett
41f26e2be3
update tests for snarfed/granary@15a6d88f76
2023-03-05 07:57:19 -08:00
Ryan Barrett
7759ebcdae
add datastore index needed for bc15902bed
2023-03-04 12:50:42 -08:00
Ryan Barrett
bc15902bed
bug fix, don't deliver activities to users if their Follower is inactive
2023-03-04 12:12:45 -08:00
Ryan Barrett
fa2a9a1afe
activitypub: store Create inner objects in their own Objects
2023-03-03 15:12:51 -08:00
Ryan Barrett
fa03958d89
/render: serve 410 for deleted objects, delete activities
2023-03-03 13:06:07 -08:00
Ryan Barrett
9a6dfb9b37
/render: redirect create, update, delete to inner object if available
2023-03-03 12:49:27 -08:00
Ryan Barrett
56dacb1258
more bug fixes for user page with Object with bare string id object
...
fixes https://console.cloud.google.com/errors/detail/CPORrJ7MxPCtZg;time=P30D?project=bridgy-federated
2023-03-03 10:30:41 -08:00
Ryan Barrett
126a766d40
bug fix for user page with Object with bare string id object
...
fixes https://console.cloud.google.com/errors/detail/COvA0I_cuN-o9gE;time=P30D?project=bridgy-federated
2023-03-03 10:07:54 -08:00
Ryan Barrett
2dfddec2ef
convert activitypub.py logic to use all AS1
2023-03-03 09:28:40 -08:00
dependabot[bot]
1ab7aab13d
build(deps): bump google-cloud-tasks from 2.12.1 to 2.13.0
...
Bumps [google-cloud-tasks](https://github.com/googleapis/python-tasks ) from 2.12.1 to 2.13.0.
- [Release notes](https://github.com/googleapis/python-tasks/releases )
- [Changelog](https://github.com/googleapis/python-tasks/blob/main/CHANGELOG.md )
- [Commits](https://github.com/googleapis/python-tasks/compare/v2.12.1...v2.13.0 )
---
updated-dependencies:
- dependency-name: google-cloud-tasks
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-01 07:00:16 -06:00
Ryan Barrett
85b8d86b17
common.get_as2: handle empty and non/bad JSON responses
...
fixes https://console.cloud.google.com/errors/detail/CKH_9oGur7T1ag;time=P30D?project=bridgy-federated
2023-02-28 16:21:33 -08:00
Ryan Barrett
335a46444d
circle: switch back to installing gcloud CLI via apt
...
mostly reverts 9d735399cb
2023-02-27 14:27:35 -06:00
dependabot[bot]
47f4e723e2
build(deps): bump wrapt from 1.14.1 to 1.15.0
...
Bumps [wrapt](https://github.com/GrahamDumpleton/wrapt ) from 1.14.1 to 1.15.0.
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases )
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst )
- [Commits](https://github.com/GrahamDumpleton/wrapt/compare/1.14.1...1.15.0 )
---
updated-dependencies:
- dependency-name: wrapt
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-27 04:59:52 -08:00
dependabot[bot]
c38de255a4
build(deps): bump praw from 7.6.1 to 7.7.0
...
Bumps [praw](https://github.com/praw-dev/praw ) from 7.6.1 to 7.7.0.
- [Release notes](https://github.com/praw-dev/praw/releases )
- [Changelog](https://github.com/praw-dev/praw/blob/master/CHANGES.rst )
- [Commits](https://github.com/praw-dev/praw/compare/v7.6.1...v7.7.0 )
---
updated-dependencies:
- dependency-name: praw
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-27 04:59:26 -08:00
Ryan Barrett
9d735399cb
circle config: switch to installing gcloud from static archive
...
temporarily, while GCP's apt repo's PGP key is 500ing
https://packages.cloud.google.com/apt/doc/apt-key.gpg
https://issuetracker.google.com/issues/160194366
https://app.circleci.com/pipelines/github/snarfed/bridgy-fed/837/workflows/47e2aeb4-bf9f-4260-83ea-92310120c5e8/jobs/1099
2023-02-26 21:52:38 -06:00
Ryan Barrett
0235d31a1c
noop: activitypub.py: extract sig verif out into a new verify_signature() fn
2023-02-26 20:41:57 -06:00
Ryan Barrett
116cd55ddb
finally start actually requiring HTTP Signatures
...
fixes #315
2023-02-26 07:34:15 -06:00
Ryan Barrett
150f2ec5fe
webmention.py: noop refactoring, drop self.source_domain
2023-02-25 21:41:57 -06:00
Ryan Barrett
aa483ded0b
Object.type and object_ids fixes to handle missing as1
...
fixes https://console.cloud.google.com/errors/detail/CJ-U7Zq_s4bxgwE;time=P30D?project=bridgy-federated
2023-02-24 21:59:12 -06:00
Ryan Barrett
42c648284d
noop TODO comment
2023-02-24 11:51:24 -06:00
Ryan Barrett
7bb9785327
fix log message for Object.as2 vs mf2 vs bluesky
2023-02-24 11:48:48 -06:00
Ryan Barrett
76927ee487
Object.as1: temporarily demote assert to warning log
2023-02-24 10:02:06 -06:00
Ryan Barrett
5463a74e7e
switch Object.as1 to custom ComputedJsonProperty
2023-02-24 08:25:18 -06:00
Ryan Barrett
fd27dabe61
switch JSON properties to custom JSONProperty that works in web console UI
...
https://github.com/googleapis/python-ndb/issues/874#issuecomment-1442753255
2023-02-24 07:25:29 -06:00
Ryan Barrett
91a60c7e67
switch Object.as1 to be a ComputedProperty
2023-02-23 21:17:26 -06:00
Ryan Barrett
1f3bd41dc5
common.redirect_unwrap: stop following redirects when unwrapping actor URLs
2023-02-23 08:35:06 -06:00
Ryan Barrett
74b3b3b689
refactoring, move Object creation out of common.send_webmentions
...
ugh this was painful
2023-02-23 07:44:54 -06:00
Ryan Barrett
6500f71d3f
switch bluesky XRPCs to serve from datastore
...
fixes #421
2023-02-23 07:39:50 -06:00
Ryan Barrett
3d3335e860
AP => webmention repost bug fix, merge follower and wm domains
2023-02-23 07:39:26 -06:00
dependabot[bot]
c2fc13a10c
build(deps): bump grpcio from 1.51.1 to 1.51.3
...
Bumps [grpcio](https://github.com/grpc/grpc ) from 1.51.1 to 1.51.3.
- [Release notes](https://github.com/grpc/grpc/releases )
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md )
- [Commits](https://github.com/grpc/grpc/compare/v1.51.1...v1.51.3 )
---
updated-dependencies:
- dependency-name: grpcio
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-22 04:16:36 -08:00
Ryan Barrett
4982906ed8
AP => webmention, reposts: handle loading original federated posts
...
bug fix for 72eb26e248
2023-02-21 21:57:38 -06:00
Ryan Barrett
72eb26e248
AP => webmention, bug fix for sending webmentions for reposts
...
thanks to @tantek for reporting!
2023-02-21 21:19:56 -06:00
Ryan Barrett
88db2afce3
follow/unfollow UI: store IndieAuth in session cookie
...
fixes #416
2023-02-17 16:12:25 -08:00
Ryan Barrett
e31be9b955
webfinger: minor noop simplification
2023-02-16 20:29:41 -08:00
Ryan Barrett
d1691b65c5
Object post put hook: don't add fragment ids to the common.get_object cache
2023-02-16 12:21:27 -08:00
Ryan Barrett
c540a8bee8
add test that Object put hook clears common.get_object cache
2023-02-16 08:21:56 -08:00
Ryan Barrett
65bbc6751e
HTTP Signature verification: bug fix, use actual HTTP method
2023-02-16 07:34:12 -08:00
dependabot[bot]
8f03c0aad3
build(deps): bump flask from 2.2.2 to 2.2.3
...
Bumps [flask](https://github.com/pallets/flask ) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/pallets/flask/releases )
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst )
- [Commits](https://github.com/pallets/flask/compare/2.2.2...2.2.3 )
---
updated-dependencies:
- dependency-name: flask
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-16 05:00:34 -08:00
Ryan Barrett
d505b3859a
HTTP Signature verification: fetch and use keyId from signature
...
#315
2023-02-15 20:10:17 -08:00
Ryan Barrett
48a7720f88
common.get_object: normalize ids by removing fragments
...
this is still underspecified and a bit inconsistent across fediverse implementations:
https://socialhub.activitypub.rocks/t/problems-posting-to-mastodon-inbox/801/11
> The reason might also be that your IDs aren’t permanent, as in, they contain a #fragment. Posts and their corresponding Create activities are supposed to be resolvable — which means one should be able to send a GET request to the ID URL and get the object back. This can’t be done with an URL that contains a fragment as the fragment is not a part of the HTTP exchange, it’s processed on the client.
https://socialhub.activitypub.rocks/t/problems-posting-to-mastodon-inbox/801/23
> I ran into this object id #fragment problem as well. It seems because of some URL normalization, Mastodon will remove the fragment, and drop any additional posts with different fragments (because they become the same url).
https://socialhub.activitypub.rocks/t/s2s-create-activity/1647/5
https://github.com/mastodon/mastodon/issues/13879 (open!)
https://github.com/w3c/activitypub/issues/224
nothing in the http sig spec, example key ids aren't even URLs there:
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures-16
2023-02-15 20:00:12 -08:00
Ryan Barrett
e1560587bf
AP: rearrange HTTP Signature logging
...
#315
2023-02-15 15:48:12 -08:00
Ryan Barrett
a7e96f585c
HTTP sig verification test: switch from assertLogs to mock
...
assertLogs was great, but didn't work when logging was disabled, eg by oauth_dropins.webutil.tests.__init__.py for python -m unittest discover.
I tried hard to override that and make it work, example code below, but couldn't get it to work. assertLogs() evidently needs a real handler, eg not NullHandler, but the default stderr stream handler that basicConfig() adds obviously emits to stderr.
print('@', logging.getLogger().hasHandlers())
logging_handlers = list(logging.getLogger().handlers)
logging.getLogger().handlers = []
logging_suppressed = logging.getLogger().isEnabledFor(logging.INFO)
logging.disable(logging.NOTSET)
handler = logging.NullHandler()
logging.getLogger().addHandler(handler)
activitypub.logger.disable(logging.NOTSET)
logging.getLogger().handlers = logging_handlers
logging.getLogger().removeHandler(handler)
if not logging_suppressed:
logging.disable(logging.CRITICAL + 1)
2023-02-15 14:10:25 -08:00
Ryan Barrett
e5d3f94b3e
AP signature verification: just log for now, don't fail
...
for #315
2023-02-15 14:10:25 -08:00
Ryan Barrett
63d0e59c2c
AP: verify incoming signatures!
...
for #315
2023-02-15 14:10:25 -08:00
dependabot[bot]
ebcc3a0584
build(deps): bump werkzeug from 2.2.2 to 2.2.3
...
Bumps [werkzeug](https://github.com/pallets/werkzeug ) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/pallets/werkzeug/releases )
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst )
- [Commits](https://github.com/pallets/werkzeug/compare/2.2.2...2.2.3 )
---
updated-dependencies:
- dependency-name: werkzeug
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 05:00:50 -08:00
dependabot[bot]
482c9b2966
build(deps): bump soupsieve from 2.3.2.post1 to 2.4
...
Bumps [soupsieve](https://github.com/facelessuser/soupsieve ) from 2.3.2.post1 to 2.4.
- [Release notes](https://github.com/facelessuser/soupsieve/releases )
- [Commits](https://github.com/facelessuser/soupsieve/compare/2.3.2.post1...2.4 )
---
updated-dependencies:
- dependency-name: soupsieve
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 05:00:28 -08:00