vbatts/mastodon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove Salmon and PubSubHubbub (#11205)

Browse source 
* Remove Salmon and PubSubHubbub endpoints

* Add error when trying to follow OStatus accounts

* Fix new accounts not being created in ResolveAccountService
This commit is contained in:
Eugen Rochko 2019-07-06 23:26:16 +02:00 committed by GitHub
parent c07cca4727
commit 23aeef52cc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
102 changed files with 70 additions and 3569 deletions
Download patch file Download diff file Expand all files Collapse all files

1
app/controllers/activitypub/inboxes_controller.rb
View file

@ -44,7 +44,6 @@ class ActivityPub::InboxesController < Api::BaseController
ResolveAccountWorker.perform_async(signed_request_account.acct)
end
Pubsubhubbub::UnsubscribeWorker.perform_async(signed_request_account.id) if signed_request_account.subscribed?
DeliveryFailureTracker.track_inverse_success!(signed_request_account)
end

16
app/controllers/admin/accounts_controller.rb
View file

@ -2,8 +2,8 @@
module Admin
class AccountsController < BaseController
before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :remove_avatar, :remove_header, :enable, :unsilence, :unsuspend, :memorialize, :approve, :reject]
before_action :require_remote_account!, only: [:subscribe, :unsubscribe, :redownload]
before_action :set_account, only: [:show, :redownload, :remove_avatar, :remove_header, :enable, :unsilence, :unsuspend, :memorialize, :approve, :reject]
before_action :require_remote_account!, only: [:redownload]
before_action :require_local_account!, only: [:enable, :memorialize, :approve, :reject]
def index
@ -19,18 +19,6 @@ module Admin
@warnings = @account.targeted_account_warnings.latest.custom
end
def subscribe
authorize @account, :subscribe?
Pubsubhubbub::SubscribeWorker.perform_async(@account.id)
redirect_to admin_account_path(@account.id)
end
def unsubscribe
authorize @account, :unsubscribe?
Pubsubhubbub::UnsubscribeWorker.perform_async(@account.id)
redirect_to admin_account_path(@account.id)
end
def memorialize
authorize @account, :memorialize?
@account.memorialize!

73
app/controllers/api/push_controller.rb
View file

@ -1,73 +0,0 @@
# frozen_string_literal: true
class Api::PushController < Api::BaseController
include SignatureVerification
def update
response, status = process_push_request
render plain: response, status: status
end
private
def process_push_request
case hub_mode
when 'subscribe'
Pubsubhubbub::SubscribeService.new.call(account_from_topic, hub_callback, hub_secret, hub_lease_seconds, verified_domain)
when 'unsubscribe'
Pubsubhubbub::UnsubscribeService.new.call(account_from_topic, hub_callback)
else
["Unknown mode: #{hub_mode}", 422]
end
end
def hub_mode
params['hub.mode']
end
def hub_topic
params['hub.topic']
end
def hub_callback
params['hub.callback']
end
def hub_lease_seconds
params['hub.lease_seconds']
end
def hub_secret
params['hub.secret']
end
def account_from_topic
if hub_topic.present? && local_domain? && account_feed_path?
Account.find_local(hub_topic_params[:username])
end
end
def hub_topic_params
@_hub_topic_params ||= Rails.application.routes.recognize_path(hub_topic_uri.path)
end
def hub_topic_uri
@_hub_topic_uri ||= Addressable::URI.parse(hub_topic).normalize
end
def local_domain?
TagManager.instance.web_domain?(hub_topic_domain)
end
def verified_domain
return signed_request_account.domain if signed_request_account
end
def hub_topic_domain
hub_topic_uri.host + (hub_topic_uri.port ? ":#{hub_topic_uri.port}" : '')
end
def account_feed_path?
hub_topic_params[:controller] == 'accounts' && hub_topic_params[:action] == 'show' && hub_topic_params[:format] == 'atom'
end
end

37
app/controllers/api/salmon_controller.rb
View file

@ -1,37 +0,0 @@
# frozen_string_literal: true
class Api::SalmonController < Api::BaseController
include SignatureVerification
before_action :set_account
respond_to :txt
def update
if verify_payload?
process_salmon
head 202
elsif payload.present?
render plain: signature_verification_failure_reason, status: 401
else
head 400
end
end
private
def set_account
@account = Account.find(params[:id])
end
def payload
@_payload ||= request.body.read
end
def verify_payload?
payload.present? && VerifySalmonService.new.call(payload)
end
def process_salmon
SalmonWorker.perform_async(@account.id, payload.force_encoding('UTF-8'))
end
end

51
app/controllers/api/subscriptions_controller.rb
View file

@ -1,51 +0,0 @@
# frozen_string_literal: true
class Api::SubscriptionsController < Api::BaseController
before_action :set_account
respond_to :txt
def show
if subscription.valid?(params['hub.topic'])
@account.update(subscription_expires_at: future_expires)
render plain: encoded_challenge, status: 200
else
head 404
end
end
def update
if subscription.verify(body, request.headers['HTTP_X_HUB_SIGNATURE'])
ProcessingWorker.perform_async(@account.id, body.force_encoding('UTF-8'))
end
head 200
end
private
def subscription
@_subscription ||= @account.subscription(
api_subscription_url(@account.id)
)
end
def body
@_body ||= request.body.read
end
def encoded_challenge
HTMLEntities.new.encode(params['hub.challenge'])
end
def future_expires
Time.now.utc + lease_seconds_or_default
end
def lease_seconds_or_default
(params['hub.lease_seconds'] || 1.day).to_i.seconds
end
def set_account
@account = Account.find(params[:id])
end
end

31
app/controllers/api/v1/follows_controller.rb
View file

@ -1,31 +0,0 @@
# frozen_string_literal: true
class Api::V1::FollowsController < Api::BaseController
before_action -> { doorkeeper_authorize! :follow, :'write:follows' }
before_action :require_user!
respond_to :json
def create
raise ActiveRecord::RecordNotFound if follow_params[:uri].blank?
@account = FollowService.new.call(current_user.account, target_uri).try(:target_account)
if @account.nil?
username, domain = target_uri.split('@')
@account = Account.find_remote!(username, domain)
end
render json: @account, serializer: REST::AccountSerializer
end
private
def target_uri
follow_params[:uri].strip.gsub(/\A@/, '')
end
def follow_params
params.permit(:uri)
end
end

71
app/lib/ostatus/activity/base.rb
View file

@ -1,71 +0,0 @@
# frozen_string_literal: true
class OStatus::Activity::Base
include Redisable
def initialize(xml, account = nil, **options)
@xml = xml
@account = account
@options = options
end
def status?
[:activity, :note, :comment].include?(type)
end
def verb
raw = @xml.at_xpath('./activity:verb', activity: OStatus::TagManager::AS_XMLNS).content
OStatus::TagManager::VERBS.key(raw)
rescue
:post
end
def type
raw = @xml.at_xpath('./activity:object-type', activity: OStatus::TagManager::AS_XMLNS).content
OStatus::TagManager::TYPES.key(raw)
rescue
:activity
end
def id
@xml.at_xpath('./xmlns:id', xmlns: OStatus::TagManager::XMLNS).content
end
def url
link = @xml.xpath('./xmlns:link[@rel="alternate"]', xmlns: OStatus::TagManager::XMLNS).find { |link_candidate| link_candidate['type'] == 'text/html' }
link.nil? ? nil : link['href']
end
def activitypub_uri
link = @xml.xpath('./xmlns:link[@rel="alternate"]', xmlns: OStatus::TagManager::XMLNS).find { |link_candidate| ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(link_candidate['type']) }
link.nil? ? nil : link['href']
end
def activitypub_uri?
activitypub_uri.present?
end
private
def find_status(uri)
if OStatus::TagManager.instance.local_id?(uri)
local_id = OStatus::TagManager.instance.unique_tag_to_local_id(uri, 'Status')
return Status.find_by(id: local_id)
elsif ActivityPub::TagManager.instance.local_uri?(uri)
local_id = ActivityPub::TagManager.instance.uri_to_local_id(uri)
return Status.find_by(id: local_id)
end
Status.find_by(uri: uri)
end
def find_activitypub_status(uri, href)
tag_matches = /tag:([^,:]+)[^:]*:objectId=([\d]+)/.match(uri)
href_matches = %r{/users/([^/]+)}.match(href)
unless tag_matches.nil? || href_matches.nil?
uri = "https://#{tag_matches[1]}/users/#{href_matches[1]}/statuses/#{tag_matches[2]}"
Status.find_by(uri: uri)
end
end
end

219
app/lib/ostatus/activity/creation.rb
View file

@ -1,219 +0,0 @@
# frozen_string_literal: true
class OStatus::Activity::Creation < OStatus::Activity::Base
def perform
if redis.exists("delete_upon_arrival:#{@account.id}:#{id}")
Rails.logger.debug "Delete for status #{id} was queued, ignoring"
return [nil, false]
end
return [nil, false] if @account.suspended? || invalid_origin?
RedisLock.acquire(lock_options) do |lock|
if lock.acquired?
# Return early if status already exists in db
@status = find_status(id)
return [@status, false] unless @status.nil?
@status = process_status
else
raise Mastodon::RaceConditionError
end
end
[@status, true]
end
def process_status
Rails.logger.debug "Creating remote status #{id}"
cached_reblog = reblog
status = nil
# Skip if the reblogged status is not public
return if cached_reblog && !(cached_reblog.public_visibility? || cached_reblog.unlisted_visibility?)
media_attachments = save_media.take(4)
ApplicationRecord.transaction do
status = Status.create!(
uri: id,
url: url,
account: @account,
reblog: cached_reblog,
text: content,
spoiler_text: content_warning,
created_at: published,
override_timestamps: @options[:override_timestamps],
reply: thread?,
language: content_language,
visibility: visibility_scope,
conversation: find_or_create_conversation,
thread: thread? ? find_status(thread.first) || find_activitypub_status(thread.first, thread.second) : nil,
media_attachment_ids: media_attachments.map(&:id),
sensitive: sensitive?
)
save_mentions(status)
save_hashtags(status)
save_emojis(status)
end
if thread? && status.thread.nil? && Request.valid_url?(thread.second)
Rails.logger.debug "Trying to attach #{status.id} (#{id}) to #{thread.first}"
ThreadResolveWorker.perform_async(status.id, thread.second)
end
Rails.logger.debug "Queuing remote status #{status.id} (#{id}) for distribution"
LinkCrawlWorker.perform_async(status.id) unless status.spoiler_text?
# Only continue if the status is supposed to have arrived in real-time.
# Note that if @options[:override_timestamps] isn't set, the status
# may have a lower snowflake id than other existing statuses, potentially
# "hiding" it from paginated API calls
return status unless @options[:override_timestamps] || status.within_realtime_window?
DistributionWorker.perform_async(status.id)
status
end
def content
@xml.at_xpath('./xmlns:content', xmlns: OStatus::TagManager::XMLNS).content
end
def content_language
@xml.at_xpath('./xmlns:content', xmlns: OStatus::TagManager::XMLNS)['xml:lang']&.presence || 'en'
end
def content_warning
@xml.at_xpath('./xmlns:summary', xmlns: OStatus::TagManager::XMLNS)&.content || ''
end
def visibility_scope
@xml.at_xpath('./mastodon:scope', mastodon: OStatus::TagManager::MTDN_XMLNS)&.content&.to_sym || :public
end
def published
@xml.at_xpath('./xmlns:published', xmlns: OStatus::TagManager::XMLNS).content
end
def thread?
!@xml.at_xpath('./thr:in-reply-to', thr: OStatus::TagManager::THR_XMLNS).nil?
end
def thread
thr = @xml.at_xpath('./thr:in-reply-to', thr: OStatus::TagManager::THR_XMLNS)
[thr['ref'], thr['href']]
end
private
def sensitive?
# OStatus-specific convention (not standard)
@xml.xpath('./xmlns:category', xmlns: OStatus::TagManager::XMLNS).any? { |category| category['term'] == 'nsfw' }
end
def find_or_create_conversation
uri = @xml.at_xpath('./ostatus:conversation', ostatus: OStatus::TagManager::OS_XMLNS)&.attribute('ref')&.content
return if uri.nil?
if OStatus::TagManager.instance.local_id?(uri)
local_id = OStatus::TagManager.instance.unique_tag_to_local_id(uri, 'Conversation')
return Conversation.find_by(id: local_id)
end
Conversation.find_by(uri: uri) || Conversation.create!(uri: uri)
end
def save_mentions(parent)
processed_account_ids = []
@xml.xpath('./xmlns:link[@rel="mentioned"]', xmlns: OStatus::TagManager::XMLNS).each do |link|
next if [OStatus::TagManager::TYPES[:group], OStatus::TagManager::TYPES[:collection]].include? link['ostatus:object-type']
mentioned_account = account_from_href(link['href'])
next if mentioned_account.nil? || processed_account_ids.include?(mentioned_account.id)
mentioned_account.mentions.where(status: parent).first_or_create(status: parent)
# So we can skip duplicate mentions
processed_account_ids << mentioned_account.id
end
end
def save_hashtags(parent)
tags = @xml.xpath('./xmlns:category', xmlns: OStatus::TagManager::XMLNS).map { |category| category['term'] }.select(&:present?)
ProcessHashtagsService.new.call(parent, tags)
end
def save_media
do_not_download = DomainBlock.reject_media?(@account.domain)
media_attachments = []
@xml.xpath('./xmlns:link[@rel="enclosure"]', xmlns: OStatus::TagManager::XMLNS).each do |link|
next unless link['href']
media = MediaAttachment.where(status: nil, remote_url: link['href']).first_or_initialize(account: @account, status: nil, remote_url: link['href'])
parsed_url = Addressable::URI.parse(link['href']).normalize
next if !%w(http https).include?(parsed_url.scheme) || parsed_url.host.empty?
media.save
media_attachments << media
next if do_not_download
begin
media.file_remote_url = link['href']
media.save!
rescue ActiveRecord::RecordInvalid
next
end
end
media_attachments
end
def save_emojis(parent)
do_not_download = DomainBlock.reject_media?(parent.account.domain)
return if do_not_download
@xml.xpath('./xmlns:link[@rel="emoji"]', xmlns: OStatus::TagManager::XMLNS).each do |link|
next unless link['href'] && link['name']
shortcode = link['name'].delete(':')
emoji = CustomEmoji.find_by(shortcode: shortcode, domain: parent.account.domain)
next unless emoji.nil?
emoji = CustomEmoji.new(shortcode: shortcode, domain: parent.account.domain)
emoji.image_remote_url = link['href']
emoji.save
end
end
def account_from_href(href)
url = Addressable::URI.parse(href).normalize
if TagManager.instance.web_domain?(url.host)
Account.find_local(url.path.gsub('/users/', ''))
else
Account.where(uri: href).or(Account.where(url: href)).first || FetchRemoteAccountService.new.call(href)
end
end
def invalid_origin?
return false unless id.start_with?('http') # Legacy IDs cannot be checked
needle = Addressable::URI.parse(id).normalized_host
!(needle.casecmp(@account.domain).zero? ||
needle.casecmp(Addressable::URI.parse(@account.remote_url.presence || @account.uri).normalized_host).zero?)
end
def lock_options
{ redis: Redis.current, key: "create:#{id}" }
end
end

16
app/lib/ostatus/activity/deletion.rb
View file

@ -1,16 +0,0 @@
# frozen_string_literal: true
class OStatus::Activity::Deletion < OStatus::Activity::Base
def perform
Rails.logger.debug "Deleting remote status #{id}"
status = Status.find_by(uri: id, account: @account)
status ||= Status.find_by(uri: activitypub_uri, account: @account) if activitypub_uri?
if status.nil?
redis.setex("delete_upon_arrival:#{@account.id}:#{id}", 6 * 3_600, id)
else
RemoveStatusService.new.call(status)
end
end
end

20
app/lib/ostatus/activity/general.rb
View file

@ -1,20 +0,0 @@
# frozen_string_literal: true
class OStatus::Activity::General < OStatus::Activity::Base
def specialize
special_class&.new(@xml, @account, @options)
end
private
def special_class
case verb
when :post
OStatus::Activity::Post
when :share
OStatus::Activity::Share
when :delete
OStatus::Activity::Deletion
end
end
end

23
app/lib/ostatus/activity/post.rb
View file

@ -1,23 +0,0 @@
# frozen_string_literal: true
class OStatus::Activity::Post < OStatus::Activity::Creation
def perform
status, just_created = super
if just_created
status.mentions.includes(:account).each do |mention|
mentioned_account = mention.account
next unless mentioned_account.local?
NotifyService.new.call(mentioned_account, mention)
end
end
status
end
private
def reblog
nil
end
end

11
app/lib/ostatus/activity/remote.rb
View file

@ -1,11 +0,0 @@
# frozen_string_literal: true
class OStatus::Activity::Remote < OStatus::Activity::Base
def perform
if activitypub_uri?
find_status(activitypub_uri) || FetchRemoteStatusService.new.call(url)
else
find_status(id) || FetchRemoteStatusService.new.call(url)
end
end
end

26
app/lib/ostatus/activity/share.rb
View file

@ -1,26 +0,0 @@
# frozen_string_literal: true
class OStatus::Activity::Share < OStatus::Activity::Creation
def perform
return if reblog.nil?
status, just_created = super
NotifyService.new.call(reblog.account, status) if reblog.account.local? && just_created
status
end
def object
@xml.at_xpath('.//activity:object', activity: OStatus::TagManager::AS_XMLNS)
end
private
def reblog
return @reblog if defined? @reblog
original_status = OStatus::Activity::Remote.new(object).perform
return if original_status.nil?
@reblog = original_status.reblog? ? original_status.reblog : original_status
end
end

2
app/lib/ostatus/atom_serializer.rb
View file

@ -53,8 +53,6 @@ class OStatus::AtomSerializer
append_element(feed, 'link', nil, rel: :alternate, type: 'text/html', href: ::TagManager.instance.url_for(account))
append_element(feed, 'link', nil, rel: :self, type: 'application/atom+xml', href: account_url(account, format: 'atom'))
append_element(feed, 'link', nil, rel: :next, type: 'application/atom+xml', href: account_url(account, format: 'atom', max_id: stream_entries.last.id)) if stream_entries.size == 20
append_element(feed, 'link', nil, rel: :hub, href: api_push_url)
append_element(feed, 'link', nil, rel: :salmon, href: api_salmon_url(account.id))
stream_entries.each do |stream_entry|
feed << entry(stream_entry)

3
app/models/account.rb
View file

@ -164,8 +164,7 @@ class Account < ApplicationRecord
end
def refresh!
return if local?
ResolveAccountService.new.call(acct)
ResolveAccountService.new.call(acct) unless local?
end
def silenced?

1
app/serializers/webfinger_serializer.rb
View file

@ -18,7 +18,6 @@ class WebfingerSerializer < ActiveModel::Serializer
{ rel: 'http://webfinger.net/rel/profile-page', type: 'text/html', href: short_account_url(object) },
{ rel: 'http://schemas.google.com/g/2010#updates-from', type: 'application/atom+xml', href: account_url(object, format: 'atom') },
{ rel: 'self', type: 'application/activity+json', href: account_url(object) },
{ rel: 'salmon', href: api_salmon_url(object.id) },
{ rel: 'magic-public-key', href: "data:application/magic-public-key,#{object.magic_key}" },
{ rel: 'http://ostatus.org/schema/1.0/subscribe', template: "#{authorize_interaction_url}?uri={uri}" },
]

12
app/services/authorize_follow_service.rb
View file

@ -11,25 +11,17 @@ class AuthorizeFollowService < BaseService
follow_request.authorize!
end
create_notification(follow_request) unless source_account.local?
create_notification(follow_request) if !source_account.local? && source_account.activitypub?
follow_request
end
private
def create_notification(follow_request)
if follow_request.account.ostatus?
NotificationWorker.perform_async(build_xml(follow_request), follow_request.target_account_id, follow_request.account_id)
elsif follow_request.account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(follow_request), follow_request.target_account_id, follow_request.account.inbox_url)
end
ActivityPub::DeliveryWorker.perform_async(build_json(follow_request), follow_request.target_account_id, follow_request.account.inbox_url)
end
def build_json(follow_request)
Oj.dump(serialize_payload(follow_request, ActivityPub::AcceptFollowSerializer))
end
def build_xml(follow_request)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.authorize_follow_request_salmon(follow_request))
end
end

34
app/services/batched_remove_status_service.rb
View file

@ -1,7 +1,6 @@
# frozen_string_literal: true
class BatchedRemoveStatusService < BaseService
include StreamEntryRenderer
include Redisable
# Delete given statuses and reblogs of them
@ -18,10 +17,7 @@ class BatchedRemoveStatusService < BaseService
@mentions = statuses.each_with_object({}) { |s, h| h[s.id] = s.active_mentions.includes(:account).to_a }
@tags = statuses.each_with_object({}) { |s, h| h[s.id] = s.tags.pluck(:name) }
@stream_entry_batches = []
@salmon_batches = []
@json_payloads = statuses.each_with_object({}) { |s, h| h[s.id] = Oj.dump(event: :delete, payload: s.id.to_s) }
@activity_xml = {}
@json_payloads = statuses.each_with_object({}) { |s, h| h[s.id] = Oj.dump(event: :delete, payload: s.id.to_s) }
# Ensure that rendered XML reflects destroyed state
statuses.each do |status|
@ -39,28 +35,16 @@ class BatchedRemoveStatusService < BaseService
unpush_from_home_timelines(account, account_statuses)
unpush_from_list_timelines(account, account_statuses)
batch_stream_entries(account, account_statuses) if account.local?
end
# Cannot be batched
statuses.each do |status|
unpush_from_public_timelines(status)
batch_salmon_slaps(status) if status.local?
end
Pubsubhubbub::RawDistributionWorker.push_bulk(@stream_entry_batches) { |batch| batch }
NotificationWorker.push_bulk(@salmon_batches) { |batch| batch }
end
private
def batch_stream_entries(account, statuses)
statuses.each do |status|
@stream_entry_batches << [build_xml(status.stream_entry), account.id]
end
end
def unpush_from_home_timelines(account, statuses)
recipients = account.followers_for_local_distribution.to_a
@ -101,20 +85,4 @@ class BatchedRemoveStatusService < BaseService
end
end
end
def batch_salmon_slaps(status)
return if @mentions[status.id].empty?
recipients = @mentions[status.id].map(&:account).reject(&:local?).select(&:ostatus?).uniq(&:domain).map(&:id)
recipients.each do |recipient_id|
@salmon_batches << [build_xml(status.stream_entry), status.account_id, recipient_id]
end
end
def build_xml(stream_entry)
return @activity_xml[stream_entry.id] if @activity_xml.key?(stream_entry.id)
@activity_xml[stream_entry.id] = stream_entry_to_xml(stream_entry)
end
end

1
app/services/block_domain_service.rb
View file

@ -44,7 +44,6 @@ class BlockDomainService < BaseService
def suspend_accounts!
blocked_domain_accounts.without_suspended.reorder(nil).find_each do |account|
UnsubscribeService.new.call(account) if account.subscribed?
SuspendAccountService.new.call(account, suspended_at: @domain_block.created_at)
end
end

12
app/services/block_service.rb
View file

@ -13,25 +13,17 @@ class BlockService < BaseService
block = account.block!(target_account)
BlockWorker.perform_async(account.id, target_account.id)
create_notification(block) unless target_account.local?
create_notification(block) if !target_account.local? && target_account.activitypub?
block
end
private
def create_notification(block)
if block.target_account.ostatus?
NotificationWorker.perform_async(build_xml(block), block.account_id, block.target_account_id)
elsif block.target_account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(block), block.account_id, block.target_account.inbox_url)
end
ActivityPub::DeliveryWorker.perform_async(build_json(block), block.account_id, block.target_account.inbox_url)
end
def build_json(block)
Oj.dump(serialize_payload(block, ActivityPub::BlockSerializer))
end
def build_xml(block)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.block_salmon(block))
end
end

23
app/services/concerns/author_extractor.rb
View file

@ -1,23 +0,0 @@
# frozen_string_literal: true
module AuthorExtractor
def author_from_xml(xml, update_profile = true)
return nil if xml.nil?
# Try <email> for acct
acct = xml.at_xpath('./xmlns:author/xmlns:email', xmlns: OStatus::TagManager::XMLNS)&.content
# Try <name> + <uri>
if acct.blank?
username = xml.at_xpath('./xmlns:author/xmlns:name', xmlns: OStatus::TagManager::XMLNS)&.content
uri = xml.at_xpath('./xmlns:author/xmlns:uri', xmlns: OStatus::TagManager::XMLNS)&.content
return nil if username.blank? || uri.blank?
domain = Addressable::URI.parse(uri).normalized_host
acct = "#{username}@#{domain}"
end
ResolveAccountService.new.call(acct, update_profile: update_profile)
end
end

7
app/services/concerns/stream_entry_renderer.rb
View file

@ -1,7 +0,0 @@
# frozen_string_literal: true
module StreamEntryRenderer
def stream_entry_to_xml(stream_entry)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.entry(stream_entry, true))
end
end

6
app/services/favourite_service.rb
View file

@ -30,8 +30,6 @@ class FavouriteService < BaseService
if status.account.local?
NotifyService.new.call(status.account, favourite)
elsif status.account.ostatus?
NotificationWorker.perform_async(build_xml(favourite), favourite.account_id, status.account_id)
elsif status.account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(favourite), favourite.account_id, status.account.inbox_url)
end
@ -46,8 +44,4 @@ class FavouriteService < BaseService
def build_json(favourite)
Oj.dump(serialize_payload(favourite, ActivityPub::LikeSerializer))
end
def build_xml(favourite)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.favourite_salmon(favourite))
end
end

28
app/services/fetch_remote_account_service.rb
View file

@ -1,8 +1,6 @@
# frozen_string_literal: true
class FetchRemoteAccountService < BaseService
include AuthorExtractor
def call(url, prefetched_body = nil, protocol = :ostatus)
if prefetched_body.nil?
resource_url, resource_options, protocol = FetchAtomService.new.call(url)
@ -12,34 +10,8 @@ class FetchRemoteAccountService < BaseService
end
case protocol
when :ostatus
process_atom(resource_url, **resource_options)
when :activitypub
ActivityPub::FetchRemoteAccountService.new.call(resource_url, **resource_options)
end
end
private
def process_atom(url, prefetched_body:)
xml = Nokogiri::XML(prefetched_body)
xml.encoding = 'utf-8'
account = author_from_xml(xml.at_xpath('/xmlns:feed', xmlns: OStatus::TagManager::XMLNS), false)
UpdateRemoteProfileService.new.call(xml, account) if account.present? && trusted_domain?(url, account)
account
rescue TypeError
Rails.logger.debug "Unparseable URL given: #{url}"
nil
rescue Nokogiri::XML::XPath::SyntaxError
Rails.logger.debug 'Invalid XML or missing namespace'
nil
end
def trusted_domain?(url, account)
domain = Addressable::URI.parse(url).normalized_host
domain.casecmp(account.domain).zero? || domain.casecmp(Addressable::URI.parse(account.remote_url.presence || account.uri).normalized_host).zero?
end
end

28
app/services/fetch_remote_status_service.rb
View file

@ -1,8 +1,6 @@
# frozen_string_literal: true
class FetchRemoteStatusService < BaseService
include AuthorExtractor
def call(url, prefetched_body = nil, protocol = :ostatus)
if prefetched_body.nil?
resource_url, resource_options, protocol = FetchAtomService.new.call(url)
@ -12,34 +10,8 @@ class FetchRemoteStatusService < BaseService
end
case protocol
when :ostatus
process_atom(resource_url, **resource_options)
when :activitypub
ActivityPub::FetchRemoteStatusService.new.call(resource_url, **resource_options)
end
end
private
def process_atom(url, prefetched_body:)
Rails.logger.debug "Processing Atom for remote status at #{url}"
xml = Nokogiri::XML(prefetched_body)
xml.encoding = 'utf-8'
account = author_from_xml(xml.at_xpath('/xmlns:entry', xmlns: OStatus::TagManager::XMLNS))
domain = Addressable::URI.parse(url).normalized_host
return nil unless !account.nil? && confirmed_domain?(domain, account)
statuses = ProcessFeedService.new.call(prefetched_body, account)
statuses.first
rescue Nokogiri::XML::XPath::SyntaxError
Rails.logger.debug 'Invalid XML or missing namespace'
nil
end
def confirmed_domain?(domain, account)
account.domain.nil? || domain.casecmp(account.domain).zero? || domain.casecmp(Addressable::URI.parse(account.remote_url.presence || account.uri).normalized_host).zero?
end
end

24
app/services/follow_service.rb
View file

@ -13,7 +13,7 @@ class FollowService < BaseService
target_account = ResolveAccountService.new.call(target_account, skip_webfinger: true)
raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended?
raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) || target_account.moved?
raise Mastodon::NotPermittedError if target_account.blocking?(source_account) || source_account.blocking?(target_account) || target_account.moved? || (!target_account.local? && target_account.ostatus?)
if source_account.following?(target_account)
# We're already following this account, but we'll call follow! again to
@ -32,7 +32,7 @@ class FollowService < BaseService
if target_account.locked? || target_account.activitypub?
request_follow(source_account, target_account, reblogs: reblogs)
else
elsif target_account.local?
direct_follow(source_account, target_account, reblogs: reblogs)
end
end
@ -44,9 +44,6 @@ class FollowService < BaseService
if target_account.local?
LocalNotificationWorker.perform_async(target_account.id, follow_request.id, follow_request.class.name)
elsif target_account.ostatus?
NotificationWorker.perform_async(build_follow_request_xml(follow_request), source_account.id, target_account.id)
AfterRemoteFollowRequestWorker.perform_async(follow_request.id)
elsif target_account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(follow_request), source_account.id, target_account.inbox_url)
end
@ -57,27 +54,12 @@ class FollowService < BaseService
def direct_follow(source_account, target_account, reblogs: true)
follow = source_account.follow!(target_account, reblogs: reblogs)
if target_account.local?
LocalNotificationWorker.perform_async(target_account.id, follow.id, follow.class.name)
else
Pubsubhubbub::SubscribeWorker.perform_async(target_account.id) unless target_account.subscribed?
NotificationWorker.perform_async(build_follow_xml(follow), source_account.id, target_account.id)
AfterRemoteFollowWorker.perform_async(follow.id)
end
LocalNotificationWorker.perform_async(target_account.id, follow.id, follow.class.name)
MergeWorker.perform_async(target_account.id, source_account.id)
follow
end
def build_follow_request_xml(follow_request)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.follow_request_salmon(follow_request))
end
def build_follow_xml(follow)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.follow_salmon(follow))
end
def build_json(follow_request)
Oj.dump(serialize_payload(follow_request, ActivityPub::FollowSerializer))
end

1
app/services/post_status_service.rb
View file

@ -88,7 +88,6 @@ class PostStatusService < BaseService
def postprocess_status!
LinkCrawlWorker.perform_async(@status.id) unless @status.spoiler_text?
DistributionWorker.perform_async(@status.id)
Pubsubhubbub::DistributionWorker.perform_async(@status.stream_entry.id)
ActivityPub::DistributionWorker.perform_async(@status.id)
PollExpirationNotifyWorker.perform_at(@status.poll.expires_at, @status.poll.id) if @status.poll
end

31
app/services/process_feed_service.rb
View file

@ -1,31 +0,0 @@
# frozen_string_literal: true
class ProcessFeedService < BaseService
def call(body, account, **options)
@options = options
xml = Nokogiri::XML(body)
xml.encoding = 'utf-8'
update_author(body, account)
process_entries(xml, account)
end
private
def update_author(body, account)
RemoteProfileUpdateWorker.perform_async(account.id, body.force_encoding('UTF-8'), true)
end
def process_entries(xml, account)
xml.xpath('//xmlns:entry', xmlns: OStatus::TagManager::XMLNS).reverse_each.map { |entry| process_entry(entry, account) }.compact
end
def process_entry(xml, account)
activity = OStatus::Activity::General.new(xml, account, @options)
activity.specialize&.perform if activity.status?
rescue ActiveRecord::RecordInvalid => e
Rails.logger.debug "Nothing was saved for #{activity.id} because: #{e}"
nil
end
end

151
app/services/process_interaction_service.rb
View file

@ -1,151 +0,0 @@
# frozen_string_literal: true
class ProcessInteractionService < BaseService
include AuthorExtractor
include Authorization
# Record locally the remote interaction with our user
# @param [String] envelope Salmon envelope
# @param [Account] target_account Account the Salmon was addressed to
def call(envelope, target_account)
body = salmon.unpack(envelope)
xml = Nokogiri::XML(body)
xml.encoding = 'utf-8'
account = author_from_xml(xml.at_xpath('/xmlns:entry', xmlns: OStatus::TagManager::XMLNS))
return if account.nil? || account.suspended?
if salmon.verify(envelope, account.keypair)
RemoteProfileUpdateWorker.perform_async(account.id, body.force_encoding('UTF-8'), true)
case verb(xml)
when :follow
follow!(account, target_account) unless target_account.locked? || target_account.blocking?(account) || target_account.domain_blocking?(account.domain)
when :request_friend
follow_request!(account, target_account) unless !target_account.locked? || target_account.blocking?(account) || target_account.domain_blocking?(account.domain)
when :authorize
authorize_follow_request!(account, target_account)
when :reject
reject_follow_request!(account, target_account)
when :unfollow
unfollow!(account, target_account)
when :favorite
favourite!(xml, account)
when :unfavorite
unfavourite!(xml, account)
when :post
add_post!(body, account) if mentions_account?(xml, target_account)
when :share
add_post!(body, account) unless status(xml).nil?
when :delete
delete_post!(xml, account)
when :block
reflect_block!(account, target_account)
when :unblock
reflect_unblock!(account, target_account)
end
end
rescue HTTP::Error, OStatus2::BadSalmonError, Mastodon::NotPermittedError
nil
end
private
def mentions_account?(xml, account)
xml.xpath('/xmlns:entry/xmlns:link[@rel="mentioned"]', xmlns: OStatus::TagManager::XMLNS).each { |mention_link| return true if [OStatus::TagManager.instance.uri_for(account), OStatus::TagManager.instance.url_for(account)].include?(mention_link.attribute('href').value) }
false
end
def verb(xml)
raw = xml.at_xpath('//activity:verb', activity: OStatus::TagManager::AS_XMLNS).content
OStatus::TagManager::VERBS.key(raw)
rescue
:post
end
def follow!(account, target_account)
follow = account.follow!(target_account)
FollowRequest.find_by(account: account, target_account: target_account)&.destroy
NotifyService.new.call(target_account, follow)
end
def follow_request!(account, target_account)
return if account.requested?(target_account)
follow_request = FollowRequest.create!(account: account, target_account: target_account)
NotifyService.new.call(target_account, follow_request)
end
def authorize_follow_request!(account, target_account)
follow_request = FollowRequest.find_by(account: target_account, target_account: account)
follow_request&.authorize!
Pubsubhubbub::SubscribeWorker.perform_async(account.id) unless account.subscribed?
end
def reject_follow_request!(account, target_account)
follow_request = FollowRequest.find_by(account: target_account, target_account: account)
follow_request&.reject!
end
def unfollow!(account, target_account)
account.unfollow!(target_account)
FollowRequest.find_by(account: account, target_account: target_account)&.destroy
end
def reflect_block!(account, target_account)
UnfollowService.new.call(target_account, account) if target_account.following?(account)
account.block!(target_account)
end
def reflect_unblock!(account, target_account)
UnblockService.new.call(account, target_account)
end
def delete_post!(xml, account)
status = Status.find(xml.at_xpath('//xmlns:id', xmlns: OStatus::TagManager::XMLNS).content)
return if status.nil?
authorize_with account, status, :destroy?
RemovalWorker.perform_async(status.id)
end
def favourite!(xml, from_account)
current_status = status(xml)
return if current_status.nil?
favourite = current_status.favourites.where(account: from_account).first_or_create!(account: from_account)
NotifyService.new.call(current_status.account, favourite)
end
def unfavourite!(xml, from_account)
current_status = status(xml)
return if current_status.nil?
favourite = current_status.favourites.where(account: from_account).first
favourite&.destroy
end
def add_post!(body, account)
ProcessingWorker.perform_async(account.id, body.force_encoding('UTF-8'))
end
def status(xml)
uri = activity_id(xml)
return nil unless OStatus::TagManager.instance.local_id?(uri)
Status.find(OStatus::TagManager.instance.unique_tag_to_local_id(uri, 'Status'))
end
def activity_id(xml)
xml.at_xpath('//activity:object', activity: OStatus::TagManager::AS_XMLNS).at_xpath('./xmlns:id', xmlns: OStatus::TagManager::XMLNS).content
end
def salmon
@salmon ||= OStatus2::Salmon.new
end
end

7
app/services/process_mentions_service.rb
View file

@ -1,7 +1,6 @@
# frozen_string_literal: true
class ProcessMentionsService < BaseService
include StreamEntryRenderer
include Payloadable
# Scan status for mentions and fetch remote mentioned users, create
@ -49,17 +48,11 @@ class ProcessMentionsService < BaseService
if mentioned_account.local?
LocalNotificationWorker.perform_async(mentioned_account.id, mention.id, mention.class.name)
elsif mentioned_account.ostatus? && !@status.stream_entry.hidden?
NotificationWorker.perform_async(ostatus_xml, @status.account_id, mentioned_account.id)
elsif mentioned_account.activitypub?
ActivityPub::DeliveryWorker.perform_async(activitypub_json, mention.status.account_id, mentioned_account.inbox_url)
end
end
def ostatus_xml
@ostatus_xml ||= stream_entry_to_xml(@status.stream_entry)
end
def activitypub_json
return @activitypub_json if defined?(@activitypub_json)
@activitypub_json = Oj.dump(serialize_payload(@status, ActivityPub::ActivitySerializer, signer: @status.account))

53
app/services/pubsubhubbub/subscribe_service.rb
View file

@ -1,53 +0,0 @@
# frozen_string_literal: true
class Pubsubhubbub::SubscribeService < BaseService
URL_PATTERN = /\A#{URI.regexp(%w(http https))}\z/
attr_reader :account, :callback, :secret,
:lease_seconds, :domain
def call(account, callback, secret, lease_seconds, verified_domain = nil)
@account = account
@callback = Addressable::URI.parse(callback).normalize.to_s
@secret = secret
@lease_seconds = lease_seconds
@domain = verified_domain
process_subscribe
end
private
def process_subscribe
if account.nil?
['Invalid topic URL', 422]
elsif !valid_callback?
['Invalid callback URL', 422]
elsif blocked_domain?
['Callback URL not allowed', 403]
else
confirm_subscription
['', 202]
end
end
def confirm_subscription
subscription = locate_subscription
Pubsubhubbub::ConfirmationWorker.perform_async(subscription.id, 'subscribe', secret, lease_seconds)
end
def valid_callback?
callback.present? && callback =~ URL_PATTERN
end
def blocked_domain?
DomainBlock.blocked? Addressable::URI.parse(callback).host
end
def locate_subscription
subscription = Subscription.find_or_initialize_by(account: account, callback_url: callback)
subscription.domain = domain
subscription.save!
subscription
end
end

31
app/services/pubsubhubbub/unsubscribe_service.rb
View file

@ -1,31 +0,0 @@
# frozen_string_literal: true
class Pubsubhubbub::UnsubscribeService < BaseService
attr_reader :account, :callback
def call(account, callback)
@account = account
@callback = Addressable::URI.parse(callback).normalize.to_s
process_unsubscribe
end
private
def process_unsubscribe
if account.nil?
['Invalid topic URL', 422]
else
confirm_unsubscribe unless subscription.nil?
['', 202]
end
end
def confirm_unsubscribe
Pubsubhubbub::ConfirmationWorker.perform_async(subscription.id, 'unsubscribe')
end
def subscription
@_subscription ||= Subscription.find_by(account: account, callback_url: callback)
end
end

4
app/services/reblog_service.rb
View file

@ -2,7 +2,6 @@
class ReblogService < BaseService
include Authorization
include StreamEntryRenderer
include Payloadable
# Reblog a status and notify its remote author
@ -24,7 +23,6 @@ class ReblogService < BaseService
reblog = account.statuses.create!(reblog: reblogged_status, text: '', visibility: visibility)
DistributionWorker.perform_async(reblog.id)
Pubsubhubbub::DistributionWorker.perform_async(reblog.stream_entry.id)
ActivityPub::DistributionWorker.perform_async(reblog.id)
create_notification(reblog)
@ -40,8 +38,6 @@ class ReblogService < BaseService
if reblogged_status.account.local?
LocalNotificationWorker.perform_async(reblogged_status.account_id, reblog.id, reblog.class.name)
elsif reblogged_status.account.ostatus?
NotificationWorker.perform_async(stream_entry_to_xml(reblog.stream_entry), reblog.account_id, reblogged_status.account_id)
elsif reblogged_status.account.activitypub? && !reblogged_status.account.following?(reblog.account)
ActivityPub::DeliveryWorker.perform_async(build_json(reblog), reblog.account_id, reblogged_status.account.inbox_url)
end

12
app/services/reject_follow_service.rb
View file

@ -6,25 +6,17 @@ class RejectFollowService < BaseService
def call(source_account, target_account)
follow_request = FollowRequest.find_by!(account: source_account, target_account: target_account)
follow_request.reject!
create_notification(follow_request) unless source_account.local?
create_notification(follow_request) if !source_account.local? && source_account.activitypub?
follow_request
end
private
def create_notification(follow_request)
if follow_request.account.ostatus?
NotificationWorker.perform_async(build_xml(follow_request), follow_request.target_account_id, follow_request.account_id)
elsif follow_request.account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(follow_request), follow_request.target_account_id, follow_request.account.inbox_url)
end
ActivityPub::DeliveryWorker.perform_async(build_json(follow_request), follow_request.target_account_id, follow_request.account.inbox_url)
end
def build_json(follow_request)
Oj.dump(serialize_payload(follow_request, ActivityPub::RejectFollowSerializer))
end
def build_xml(follow_request)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.reject_follow_request_salmon(follow_request))
end
end

13
app/services/remove_status_service.rb
View file

@ -1,7 +1,6 @@
# frozen_string_literal: true
class RemoveStatusService < BaseService
include StreamEntryRenderer
include Redisable
include Payloadable
@ -78,11 +77,6 @@ class RemoveStatusService < BaseService
target_accounts << @status.reblog.account if @status.reblog? && !@status.reblog.account.local?
target_accounts.uniq!(&:id)
# Ostatus
NotificationWorker.push_bulk(target_accounts.select(&:ostatus?).uniq(&:domain)) do |target_account|
[salmon_xml, @account.id, target_account.id]
end
# ActivityPub
ActivityPub::DeliveryWorker.push_bulk(target_accounts.select(&:activitypub?).uniq(&:preferred_inbox_url)) do |target_account|
[signed_activity_json, @account.id, target_account.preferred_inbox_url]
@ -90,9 +84,6 @@ class RemoveStatusService < BaseService
end
def remove_from_remote_followers
# OStatus
Pubsubhubbub::RawDistributionWorker.perform_async(salmon_xml, @account.id)
# ActivityPub
ActivityPub::DeliveryWorker.push_bulk(@account.followers.inboxes) do |inbox_url|
[signed_activity_json, @account.id, inbox_url]
@ -111,10 +102,6 @@ class RemoveStatusService < BaseService
end
end
def salmon_xml
@salmon_xml ||= stream_entry_to_xml(@stream_entry)
end
def signed_activity_json
@signed_activity_json ||= Oj.dump(serialize_payload(@status, @status.reblog? ? ActivityPub::UndoAnnounceSerializer : ActivityPub::DeleteSerializer, signer: @account))
end

133
app/services/resolve_account_service.rb
View file

@ -1,10 +1,9 @@
# frozen_string_literal: true
class ResolveAccountService < BaseService
include OStatus2::MagicKey
include JsonLdHelper
require_relative '../models/account'
DFRN_NS = 'http://purl.org/macgirvin/dfrn/1.0'
class ResolveAccountService < BaseService
include JsonLdHelper
# Find or create a local account for a remote user.
# When creating, look up the user's webfinger and fetch all
@ -48,18 +47,16 @@ class ResolveAccountService < BaseService
return
end
return if links_missing? || auto_suspend?
return Account.find_local(@username) if TagManager.instance.local_domain?(@domain)
return unless activitypub_ready?
RedisLock.acquire(lock_options) do |lock|
if lock.acquired?
@account = Account.find_remote(@username, @domain)
if activitypub_ready? || @account&.activitypub?
handle_activitypub
else
handle_ostatus
end
next unless @account.nil? || @account.activitypub?
handle_activitypub
else
raise Mastodon::RaceConditionError
end
@ -73,38 +70,12 @@ class ResolveAccountService < BaseService
private
def links_missing?
!(activitypub_ready? || ostatus_ready?)
end
def ostatus_ready?
!(@webfinger.link('http://schemas.google.com/g/2010#updates-from').nil? ||
@webfinger.link('salmon').nil? ||
@webfinger.link('http://webfinger.net/rel/profile-page').nil? ||
@webfinger.link('magic-public-key').nil? ||
canonical_uri.nil? ||
hub_url.nil?)
end
def webfinger_update_due?
@account.nil? || ((!@options[:skip_webfinger] || @account.ostatus?) && @account.possibly_stale?)
end
def activitypub_ready?
!@webfinger.link('self').nil? &&
['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@webfinger.link('self').type) &&
!actor_json.nil? &&
actor_json['inbox'].present?
end
def handle_ostatus
create_account if @account.nil?
update_account
update_account_profile if update_profile?
end
def update_profile?
@options[:update_profile]
!@webfinger.link('self').nil? && ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].include?(@webfinger.link('self').type)
end
def handle_activitypub
@ -115,89 +86,10 @@ class ResolveAccountService < BaseService
nil
end
def create_account
Rails.logger.debug "Creating new remote account for #{@username}@#{@domain}"
@account = Account.new(username: @username, domain: @domain)
@account.suspended_at = domain_block.created_at if auto_suspend?
@account.silenced_at = domain_block.created_at if auto_silence?
@account.private_key = nil
end
def update_account
@account.last_webfingered_at = Time.now.utc
@account.protocol = :ostatus
@account.remote_url = atom_url
@account.salmon_url = salmon_url
@account.url = url
@account.public_key = public_key
@account.uri = canonical_uri
@account.hub_url = hub_url
@account.save!
end
def auto_suspend?
domain_block&.suspend?
end
def auto_silence?
domain_block&.silence?
end
def domain_block
return @domain_block if defined?(@domain_block)
@domain_block = DomainBlock.rule_for(@domain)
end
def atom_url
@atom_url ||= @webfinger.link('http://schemas.google.com/g/2010#updates-from').href
end
def salmon_url
@salmon_url ||= @webfinger.link('salmon').href
end
def actor_url
@actor_url ||= @webfinger.link('self').href
end
def url
@url ||= @webfinger.link('http://webfinger.net/rel/profile-page').href
end
def public_key
@public_key ||= magic_key_to_pem(@webfinger.link('magic-public-key').href)
end
def canonical_uri
return @canonical_uri if defined?(@canonical_uri)
author_uri = atom.at_xpath('/xmlns:feed/xmlns:author/xmlns:uri')
if author_uri.nil?
owner = atom.at_xpath('/xmlns:feed').at_xpath('./dfrn:owner', dfrn: DFRN_NS)
author_uri = owner.at_xpath('./xmlns:uri') unless owner.nil?
end
@canonical_uri = author_uri.nil? ? nil : author_uri.content
end
def hub_url
return @hub_url if defined?(@hub_url)
hubs = atom.xpath('//xmlns:link[@rel="hub"]')
@hub_url = hubs.empty? || hubs.first['href'].nil? ? nil : hubs.first['href']
end
def atom_body
return @atom_body if defined?(@atom_body)
@atom_body = Request.new(:get, atom_url).perform do |response|
raise Mastodon::UnexpectedResponseError, response unless response.code == 200
response.body_with_limit
end
end
def actor_json
return @actor_json if defined?(@actor_json)
@ -205,15 +97,6 @@ class ResolveAccountService < BaseService
@actor_json = supported_context?(json) && equals_or_includes_any?(json['type'], ActivityPub::FetchRemoteAccountService::SUPPORTED_TYPES) ? json : nil
end
def atom
return @atom if defined?(@atom)
@atom = Nokogiri::XML(atom_body)
end
def update_account_profile
RemoteProfileUpdateWorker.perform_async(@account.id, atom_body.force_encoding('UTF-8'), false)
end
def lock_options
{ redis: Redis.current, key: "resolve:#{@username}@#{@domain}" }
end

39
app/services/send_interaction_service.rb
View file

@ -1,39 +0,0 @@
# frozen_string_literal: true
class SendInteractionService < BaseService
# Send an Atom representation of an interaction to a remote Salmon endpoint
# @param [String] Entry XML
# @param [Account] source_account
# @param [Account] target_account
def call(xml, source_account, target_account)
@xml = xml
@source_account = source_account
@target_account = target_account
return if !target_account.ostatus? || block_notification?
build_request.perform do |delivery|
raise Mastodon::UnexpectedResponseError, delivery unless delivery.code > 199 && delivery.code < 300
end
end
private
def build_request
request = Request.new(:post, @target_account.salmon_url, body: envelope)
request.add_headers('Content-Type' => 'application/magic-envelope+xml')
request
end
def envelope
salmon.pack(@xml, @source_account.keypair)
end
def block_notification?
DomainBlock.blocked?(@target_account.domain)
end
def salmon
@salmon ||= OStatus2::Salmon.new
end
end

58
app/services/subscribe_service.rb
View file

@ -1,58 +0,0 @@
# frozen_string_literal: true
class SubscribeService < BaseService
def call(account)
return if account.hub_url.blank?
@account = account
@account.secret = SecureRandom.hex
build_request.perform do |response|
if response_failed_permanently? response
# We're not allowed to subscribe. Fail and move on.
@account.secret = ''
@account.save!
elsif response_successful? response
# The subscription will be confirmed asynchronously.
@account.save!
else
# The response was either a 429 rate limit, or a 5xx error.
# We need to retry at a later time. Fail loudly!
raise Mastodon::UnexpectedResponseError, response
end
end
end
private
def build_request
request = Request.new(:post, @account.hub_url, form: subscription_params)
request.on_behalf_of(some_local_account) if some_local_account
request
end
def subscription_params
{
'hub.topic': @account.remote_url,
'hub.mode': 'subscribe',
'hub.callback': api_subscription_url(@account.id),
'hub.verify': 'async',
'hub.secret': @account.secret,
'hub.lease_seconds': 7.days.seconds,
}
end
def some_local_account
@some_local_account ||= Account.local.without_suspended.first
end
# Any response in the 3xx or 4xx range, except for 429 (rate limit)
def response_failed_permanently?(response)
(response.status.redirect? || response.status.client_error?) && !response.status.too_many_requests?
end
# Any response in the 2xx range
def response_successful?(response)
response.status.success?
end
end

12
app/services/unblock_service.rb
View file

@ -7,25 +7,17 @@ class UnblockService < BaseService
return unless account.blocking?(target_account)
unblock = account.unblock!(target_account)
create_notification(unblock) unless target_account.local?
create_notification(unblock) if !target_account.local? && target_account.activitypub?
unblock
end
private
def create_notification(unblock)
if unblock.target_account.ostatus?
NotificationWorker.perform_async(build_xml(unblock), unblock.account_id, unblock.target_account_id)
elsif unblock.target_account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(unblock), unblock.account_id, unblock.target_account.inbox_url)
end
ActivityPub::DeliveryWorker.perform_async(build_json(unblock), unblock.account_id, unblock.target_account.inbox_url)
end
def build_json(unblock)
Oj.dump(serialize_payload(unblock, ActivityPub::UndoBlockSerializer))
end
def build_xml(block)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.unblock_salmon(block))
end
end

13
app/services/unfavourite_service.rb
View file

@ -6,7 +6,7 @@ class UnfavouriteService < BaseService
def call(account, status)
favourite = Favourite.find_by!(account: account, status: status)
favourite.destroy!
create_notification(favourite) unless status.local?
create_notification(favourite) if !status.account.local? && status.account.activitypub?
favourite
end
@ -14,19 +14,10 @@ class UnfavouriteService < BaseService
def create_notification(favourite)
status = favourite.status
if status.account.ostatus?
NotificationWorker.perform_async(build_xml(favourite), favourite.account_id, status.account_id)
elsif status.account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(favourite), favourite.account_id, status.account.inbox_url)
end
ActivityPub::DeliveryWorker.perform_async(build_json(favourite), favourite.account_id, status.account.inbox_url)
end
def build_json(favourite)
Oj.dump(serialize_payload(favourite, ActivityPub::UndoLikeSerializer))
end
def build_xml(favourite)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.unfavourite_salmon(favourite))
end
end

16
app/services/unfollow_service.rb
View file

@ -21,8 +21,8 @@ class UnfollowService < BaseService
return unless follow
follow.destroy!
create_notification(follow) unless @target_account.local?
create_reject_notification(follow) if @target_account.local? && !@source_account.local?
create_notification(follow) if !@target_account.local? && @target_account.activitypub?
create_reject_notification(follow) if @target_account.local? && !@source_account.local? && @source_account.activitypub?
UnmergeWorker.perform_async(@target_account.id, @source_account.id)
follow
end
@ -38,16 +38,10 @@ class UnfollowService < BaseService
end
def create_notification(follow)
if follow.target_account.ostatus?
NotificationWorker.perform_async(build_xml(follow), follow.account_id, follow.target_account_id)
elsif follow.target_account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_json(follow), follow.account_id, follow.target_account.inbox_url)
end
ActivityPub::DeliveryWorker.perform_async(build_json(follow), follow.account_id, follow.target_account.inbox_url)
end
def create_reject_notification(follow)
# Rejecting an already-existing follow request
return unless follow.account.activitypub?
ActivityPub::DeliveryWorker.perform_async(build_reject_json(follow), follow.target_account_id, follow.account.inbox_url)
end
@ -58,8 +52,4 @@ class UnfollowService < BaseService
def build_reject_json(follow)
Oj.dump(serialize_payload(follow, ActivityPub::RejectFollowSerializer))
end
def build_xml(follow)
OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.unfollow_salmon(follow))
end
end

36
app/services/unsubscribe_service.rb
View file

@ -1,36 +0,0 @@
# frozen_string_literal: true
class UnsubscribeService < BaseService
def call(account)
return if account.hub_url.blank?
@account = account
begin
build_request.perform do |response|
Rails.logger.debug "PuSH unsubscribe for #{@account.acct} failed: #{response.status}" unless response.status.success?
end
rescue HTTP::Error, OpenSSL::SSL::SSLError => e
Rails.logger.debug "PuSH unsubscribe for #{@account.acct} failed: #{e}"
end
@account.secret = ''
@account.subscription_expires_at = nil
@account.save!
end
private
def build_request
Request.new(:post, @account.hub_url, form: subscription_params)
end
def subscription_params
{
'hub.topic': @account.remote_url,
'hub.mode': 'unsubscribe',
'hub.callback': api_subscription_url(@account.id),
'hub.verify': 'async',
}
end
end

66
app/services/update_remote_profile_service.rb
View file

@ -1,66 +0,0 @@
# frozen_string_literal: true
class UpdateRemoteProfileService < BaseService
attr_reader :account, :remote_profile
def call(body, account, resubscribe = false)
@account = account
@remote_profile = RemoteProfile.new(body)
return if remote_profile.root.nil?
update_account unless remote_profile.author.nil?
old_hub_url = account.hub_url
account.hub_url = remote_profile.hub_link if remote_profile.hub_link.present? && remote_profile.hub_link != old_hub_url
account.save_with_optional_media!
Pubsubhubbub::SubscribeWorker.perform_async(account.id) if resubscribe && account.hub_url != old_hub_url
end
private
def update_account
account.display_name = remote_profile.display_name || ''
account.note = remote_profile.note || ''
account.locked = remote_profile.locked?
if !account.suspended? && !DomainBlock.reject_media?(account.domain)
if remote_profile.avatar.present?
account.avatar_remote_url = remote_profile.avatar
else
account.avatar_remote_url = ''
account.avatar.destroy
end
if remote_profile.header.present?
account.header_remote_url = remote_profile.header
else
account.header_remote_url = ''
account.header.destroy
end
save_emojis if remote_profile.emojis.present?
end
end
def save_emojis
do_not_download = DomainBlock.reject_media?(account.domain)
return if do_not_download
remote_profile.emojis.each do |link|
next unless link['href'] && link['name']
shortcode = link['name'].delete(':')
emoji = CustomEmoji.find_by(shortcode: shortcode, domain: account.domain)
next unless emoji.nil?
emoji = CustomEmoji.new(shortcode: shortcode, domain: account.domain)
emoji.image_remote_url = link['href']
emoji.save
end
end
end

26
app/services/verify_salmon_service.rb
View file

@ -1,26 +0,0 @@
# frozen_string_literal: true
class VerifySalmonService < BaseService
include AuthorExtractor
def call(payload)
body = salmon.unpack(payload)
xml = Nokogiri::XML(body)
xml.encoding = 'utf-8'
account = author_from_xml(xml.at_xpath('/xmlns:entry', xmlns: OStatus::TagManager::XMLNS))
if account.nil?
false
else
salmon.verify(payload, account.keypair)
end
end
private
def salmon
@salmon ||= OStatus2::Salmon.new
end
end

1
app/views/accounts/show.html.haml
View file

@ -7,7 +7,6 @@
- if @account.user&.setting_noindex
%meta{ name: 'robots', content: 'noindex' }/
%link{ rel: 'salmon', href: api_salmon_url(@account.id) }/
%link{ rel: 'alternate', type: 'application/atom+xml', href: account_url(@account, format: 'atom') }/
%link{ rel: 'alternate', type: 'application/rss+xml', href: account_url(@account, format: 'rss') }/
%link{ rel: 'alternate', type: 'application/activity+json', href: ActivityPub::TagManager.instance.uri_for(@account) }/

18
app/views/admin/subscriptions/_subscription.html.haml
View file

@ -1,18 +0,0 @@
%tr
%td
%samp= subscription.account.acct
%td
%samp= subscription.callback_url
%td
- if subscription.confirmed?
%i.fa.fa-check
%td{ style: "color: #{subscription.expired? ? 'red' : 'inherit'};" }
%time.time-ago{ datetime: subscription.expires_at.iso8601, title: l(subscription.expires_at) }
= precede subscription.expired? ? '-' : '' do
= time_ago_in_words(subscription.expires_at)
%td
- if subscription.last_successful_delivery_at?
%time.formatted{ datetime: subscription.last_successful_delivery_at.iso8601, title: l(subscription.last_successful_delivery_at) }
= l subscription.last_successful_delivery_at
- else
%i.fa.fa-times

16
app/views/admin/subscriptions/index.html.haml
View file

@ -1,16 +0,0 @@
- content_for :page_title do
= t('admin.subscriptions.title')
.table-wrapper
%table.table
%thead
%tr
%th= t('admin.subscriptions.topic')
%th= t('admin.subscriptions.callback_url')
%th= t('admin.subscriptions.confirmed')
%th= t('admin.subscriptions.expires_in')
%th= t('admin.subscriptions.last_delivery')
%tbody
= render @subscriptions
= paginate @subscriptions

5
app/views/well_known/webfinger/show.xml.ruby
View file

@ -25,11 +25,6 @@ doc << Ox::Element.new('XRD').tap do |xrd|
link['href'] = account_url(@account)
end
xrd << Ox::Element.new('Link').tap do |link|
link['rel'] = 'salmon'
link['href'] = api_salmon_url(@account.id)
end
xrd << Ox::Element.new('Link').tap do |link|
link['rel'] = 'magic-public-key'
link['href'] = "data:application/magic-public-key,#{@account.magic_key}"

24
app/workers/after_remote_follow_request_worker.rb
View file

@ -5,27 +5,5 @@ class AfterRemoteFollowRequestWorker
sidekiq_options queue: 'pull', retry: 5
attr_reader :follow_request
def perform(follow_request_id)
@follow_request = FollowRequest.find(follow_request_id)
process_follow_service if processing_required?
rescue ActiveRecord::RecordNotFound
true
end
private
def process_follow_service
follow_request.destroy
FollowService.new.call(follow_request.account, updated_account.acct)
end
def processing_required?
!updated_account.nil? && !updated_account.locked?
end
def updated_account
@_updated_account ||= FetchRemoteAccountService.new.call(follow_request.target_account.remote_url)
end
def perform(follow_request_id); end
end

24
app/workers/after_remote_follow_worker.rb
View file

@ -5,27 +5,5 @@ class AfterRemoteFollowWorker
sidekiq_options queue: 'pull', retry: 5
attr_reader :follow
def perform(follow_id)
@follow = Follow.find(follow_id)
process_follow_service if processing_required?
rescue ActiveRecord::RecordNotFound
true
end
private
def process_follow_service
follow.destroy
FollowService.new.call(follow.account, updated_account.acct)
end
def updated_account
@_updated_account ||= FetchRemoteAccountService.new.call(follow.target_account.remote_url)
end
def processing_required?
!updated_account.nil? && updated_account.locked?
end
def perform(follow_id); end
end

4
app/workers/notification_worker.rb
View file

@ -5,7 +5,5 @@ class NotificationWorker
sidekiq_options queue: 'push', retry: 5
def perform(xml, source_account_id, target_account_id)
SendInteractionService.new.call(xml, Account.find(source_account_id), Account.find(target_account_id))
end
def perform(xml, source_account_id, target_account_id); end
end

4
app/workers/processing_worker.rb
View file

@ -5,7 +5,5 @@ class ProcessingWorker
sidekiq_options backtrace: true
def perform(account_id, body)
ProcessFeedService.new.call(body, Account.find(account_id), override_timestamps: true)
end
def perform(account_id, body); end
end

75
app/workers/pubsubhubbub/confirmation_worker.rb
View file

@ -2,81 +2,8 @@
class Pubsubhubbub::ConfirmationWorker
include Sidekiq::Worker
include RoutingHelper
sidekiq_options queue: 'push', retry: false
attr_reader :subscription, :mode, :secret, :lease_seconds
def perform(subscription_id, mode, secret = nil, lease_seconds = nil)
@subscription = Subscription.find(subscription_id)
@mode = mode
@secret = secret
@lease_seconds = lease_seconds
process_confirmation
end
private
def process_confirmation
prepare_subscription
callback_get_with_params
logger.debug "Confirming PuSH subscription for #{subscription.callback_url} with challenge #{challenge}: #{@callback_response_body}"
update_subscription
end
def update_subscription
if successful_subscribe?
subscription.save!
elsif successful_unsubscribe?
subscription.destroy!
end
end
def successful_subscribe?
subscribing? && response_matches_challenge?
end
def successful_unsubscribe?
(unsubscribing? && response_matches_challenge?) || !subscription.confirmed?
end
def response_matches_challenge?
@callback_response_body == challenge
end
def subscribing?
mode == 'subscribe'
end
def unsubscribing?
mode == 'unsubscribe'
end
def callback_get_with_params
Request.new(:get, subscription.callback_url, params: callback_params).perform do |response|
@callback_response_body = response.body_with_limit
end
end
def callback_params
{
'hub.topic': account_url(subscription.account, format: :atom),
'hub.mode': mode,
'hub.challenge': challenge,
'hub.lease_seconds': subscription.lease_seconds,
}
end
def prepare_subscription
subscription.secret = secret
subscription.lease_seconds = lease_seconds
subscription.confirmed = true
end
def challenge
@_challenge ||= SecureRandom.hex
end
def perform(subscription_id, mode, secret = nil, lease_seconds = nil); end
end

74
app/workers/pubsubhubbub/delivery_worker.rb
View file

@ -2,80 +2,8 @@
class Pubsubhubbub::DeliveryWorker
include Sidekiq::Worker
include RoutingHelper
sidekiq_options queue: 'push', retry: 3, dead: false
sidekiq_retry_in do |count|
5 * (count + 1)
end
attr_reader :subscription, :payload
def perform(subscription_id, payload)
@subscription = Subscription.find(subscription_id)
@payload = payload
process_delivery unless blocked_domain?
rescue => e
raise e.class, "Delivery failed for #{subscription&.callback_url}: #{e.message}", e.backtrace[0]
end
private
def process_delivery
callback_post_payload do |payload_delivery|
raise Mastodon::UnexpectedResponseError, payload_delivery unless response_successful? payload_delivery
end
subscription.touch(:last_successful_delivery_at)
end
def callback_post_payload(&block)
request = Request.new(:post, subscription.callback_url, body: payload)
request.add_headers(headers)
request.perform(&block)
end
def blocked_domain?
DomainBlock.blocked?(host)
end
def host
Addressable::URI.parse(subscription.callback_url).normalized_host
end
def headers
{
'Content-Type' => 'application/atom+xml',
'Link' => link_header,
}.merge(signature_headers.to_h)
end
def link_header
LinkHeader.new([hub_link_header, self_link_header]).to_s
end
def hub_link_header
[api_push_url, [%w(rel hub)]]
end
def self_link_header
[account_url(subscription.account, format: :atom), [%w(rel self)]]
end
def signature_headers
{ 'X-Hub-Signature' => payload_signature } if subscription.secret?
end
def payload_signature
"sha1=#{hmac_payload_digest}"
end
def hmac_payload_digest
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha1'), subscription.secret, payload)
end
def response_successful?(payload_delivery)
payload_delivery.code > 199 && payload_delivery.code < 300
end
def perform(subscription_id, payload); end
end

25
app/workers/pubsubhubbub/distribution_worker.rb
View file

@ -5,28 +5,5 @@ class Pubsubhubbub::DistributionWorker
sidekiq_options queue: 'push'
def perform(stream_entry_ids)
stream_entries = StreamEntry.where(id: stream_entry_ids).includes(:status).reject { |e| e.status.nil? || e.status.hidden? }
return if stream_entries.empty?
@account = stream_entries.first.account
@subscriptions = active_subscriptions.to_a
distribute_public!(stream_entries)
end
private
def distribute_public!(stream_entries)
@payload = OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, stream_entries))
Pubsubhubbub::DeliveryWorker.push_bulk(@subscriptions) do |subscription_id|
[subscription_id, @payload]
end
end
def active_subscriptions
Subscription.where(account: @account).active.pluck(:id)
end
def perform(stream_entry_ids); end
end

15
app/workers/pubsubhubbub/raw_distribution_worker.rb
View file

@ -5,18 +5,5 @@ class Pubsubhubbub::RawDistributionWorker
sidekiq_options queue: 'push'
def perform(xml, source_account_id)
@account = Account.find(source_account_id)
@subscriptions = active_subscriptions.to_a
Pubsubhubbub::DeliveryWorker.push_bulk(@subscriptions) do |subscription|
[subscription.id, xml]
end
end
private
def active_subscriptions
Subscription.where(account: @account).active.select('id, callback_url, domain')
end
def perform(xml, source_account_id); end
end

27
app/workers/pubsubhubbub/subscribe_worker.rb
View file

@ -5,30 +5,5 @@ class Pubsubhubbub::SubscribeWorker
sidekiq_options queue: 'push', retry: 10, unique: :until_executed, dead: false
sidekiq_retry_in do |count|
case count
when 0
30.minutes.seconds
when 1
2.hours.seconds
when 2
12.hours.seconds
else
24.hours.seconds * (count - 2)
end
end
sidekiq_retries_exhausted do |msg, _e|
account = Account.find(msg['args'].first)
Sidekiq.logger.error "PuSH subscription attempts for #{account.acct} exhausted. Unsubscribing"
::UnsubscribeService.new.call(account)
end
def perform(account_id)
account = Account.find(account_id)
logger.debug "PuSH re-subscribing to #{account.acct}"
::SubscribeService.new.call(account)
rescue => e
raise e.class, "Subscribe failed for #{account&.acct}: #{e.message}", e.backtrace[0]
end
def perform(account_id); end
end

8
app/workers/pubsubhubbub/unsubscribe_worker.rb
View file

@ -5,11 +5,5 @@ class Pubsubhubbub::UnsubscribeWorker
sidekiq_options queue: 'push', retry: false, unique: :until_executed, dead: false
def perform(account_id)
account = Account.find(account_id)
logger.debug "PuSH unsubscribing from #{account.acct}"
::UnsubscribeService.new.call(account)
rescue ActiveRecord::RecordNotFound
true
end
def perform(account_id); end
end

6
app/workers/remote_profile_update_worker.rb
View file

@ -5,9 +5,5 @@ class RemoteProfileUpdateWorker
sidekiq_options queue: 'pull'
def perform(account_id, body, resubscribe)
UpdateRemoteProfileService.new.call(body, Account.find(account_id), resubscribe)
rescue ActiveRecord::RecordNotFound
true
end
def perform(account_id, body, resubscribe); end
end

6
app/workers/salmon_worker.rb
View file

@ -5,9 +5,5 @@ class SalmonWorker
sidekiq_options backtrace: true
def perform(account_id, body)
ProcessInteractionService.new.call(body, Account.find(account_id))
rescue Nokogiri::XML::XPath::SyntaxError, ActiveRecord::RecordNotFound
true
end
def perform(account_id, body); end
end

10
app/workers/scheduler/subscriptions_scheduler.rb
View file

@ -5,13 +5,5 @@ class Scheduler::SubscriptionsScheduler
sidekiq_options unique: :until_executed, retry: 0
def perform
Pubsubhubbub::SubscribeWorker.push_bulk(expiring_accounts.pluck(:id))
end
private
def expiring_accounts
Account.expiring(1.day.from_now).partitioned
end
def perform; end
end