2019-01-19 10:56:50 +09:00
|
|
|
{- This file is part of Vervis.
|
|
|
|
-
|
|
|
|
- Written in 2019 by fr33domlover <fr33domlover@riseup.net>.
|
|
|
|
-
|
|
|
|
- ♡ Copying is an act of love. Please copy, reuse and share.
|
|
|
|
-
|
|
|
|
- The author(s) have dedicated all copyright and related and neighboring
|
|
|
|
- rights to this software to the public domain worldwide. This software is
|
|
|
|
- distributed without any warranty.
|
|
|
|
-
|
|
|
|
- You should have received a copy of the CC0 Public Domain Dedication along
|
|
|
|
- with this software. If not, see
|
|
|
|
- <http://creativecommons.org/publicdomain/zero/1.0/>.
|
|
|
|
-}
|
|
|
|
|
|
|
|
module Vervis.Handler.Inbox
|
|
|
|
( getInboxR
|
|
|
|
, postInboxR
|
2019-01-22 00:54:57 +09:00
|
|
|
, getOutboxR
|
|
|
|
, postOutboxR
|
2019-02-07 19:34:33 +09:00
|
|
|
, getActorKey1R
|
|
|
|
, getActorKey2R
|
2019-01-19 10:56:50 +09:00
|
|
|
)
|
|
|
|
where
|
|
|
|
|
|
|
|
import Prelude
|
|
|
|
|
|
|
|
import Control.Applicative ((<|>))
|
|
|
|
import Control.Concurrent.STM.TVar (readTVarIO, modifyTVar')
|
|
|
|
import Control.Exception (displayException)
|
2019-03-10 15:42:03 +09:00
|
|
|
import Control.Monad
|
2019-01-19 10:56:50 +09:00
|
|
|
import Control.Monad.IO.Class (liftIO)
|
|
|
|
import Control.Monad.STM (atomically)
|
2019-03-10 15:42:03 +09:00
|
|
|
import Control.Monad.Trans.Except
|
2019-02-22 08:59:53 +09:00
|
|
|
import Control.Monad.Trans.Maybe
|
2019-01-19 10:56:50 +09:00
|
|
|
import Crypto.Error (CryptoFailable (..))
|
|
|
|
import Crypto.PubKey.Ed25519 (publicKey, signature, verify)
|
2019-01-22 00:54:57 +09:00
|
|
|
import Data.Aeson
|
2019-01-19 10:56:50 +09:00
|
|
|
import Data.Bifunctor (first, second)
|
2019-02-15 08:27:40 +09:00
|
|
|
import Data.Foldable (for_)
|
2019-01-19 10:56:50 +09:00
|
|
|
import Data.HashMap.Strict (HashMap)
|
2019-01-22 00:54:57 +09:00
|
|
|
import Data.List.NonEmpty (NonEmpty (..))
|
2019-02-07 19:34:33 +09:00
|
|
|
import Data.PEM (PEM (..))
|
2019-01-19 10:56:50 +09:00
|
|
|
import Data.Text (Text)
|
2019-01-22 00:54:57 +09:00
|
|
|
import Data.Text.Encoding (encodeUtf8)
|
2019-01-19 10:56:50 +09:00
|
|
|
import Data.Text.Lazy.Encoding (decodeUtf8)
|
|
|
|
import Data.Time.Clock (UTCTime, getCurrentTime)
|
|
|
|
import Data.Time.Interval (TimeInterval, toTimeUnit)
|
|
|
|
import Data.Time.Units (Second)
|
2019-02-15 08:27:40 +09:00
|
|
|
import Database.Persist (Entity (..), getBy, insertBy, insert_)
|
2019-01-19 10:56:50 +09:00
|
|
|
import Network.HTTP.Client (Manager, HttpException, requestFromURI)
|
2019-01-19 11:57:58 +09:00
|
|
|
import Network.HTTP.Simple (httpJSONEither, getResponseBody, setRequestManager, addRequestHeader)
|
2019-01-22 00:54:57 +09:00
|
|
|
import Network.HTTP.Types.Header (hDate, hHost)
|
2019-01-19 10:56:50 +09:00
|
|
|
import Text.Blaze.Html (Html)
|
2019-02-12 20:53:24 +09:00
|
|
|
import Text.Shakespeare.I18N (RenderMessage)
|
2019-01-19 10:56:50 +09:00
|
|
|
import UnliftIO.Exception (try)
|
2019-01-22 00:54:57 +09:00
|
|
|
import Yesod.Auth (requireAuth)
|
2019-02-12 20:53:24 +09:00
|
|
|
import Yesod.Core (ContentType, defaultLayout, whamlet, toHtml, HandlerSite)
|
2019-02-07 19:34:33 +09:00
|
|
|
import Yesod.Core.Content (TypedContent)
|
2019-01-19 10:56:50 +09:00
|
|
|
import Yesod.Core.Json (requireJsonBody)
|
|
|
|
import Yesod.Core.Handler
|
2019-02-12 20:53:24 +09:00
|
|
|
import Yesod.Form.Fields (Textarea (..), textField, textareaField)
|
|
|
|
import Yesod.Form.Functions
|
|
|
|
import Yesod.Form.Types
|
2019-01-22 00:54:57 +09:00
|
|
|
import Yesod.Persist.Core (runDB, get404)
|
2019-01-19 10:56:50 +09:00
|
|
|
|
|
|
|
import qualified Data.ByteString.Char8 as BC (unpack)
|
|
|
|
import qualified Data.CaseInsensitive as CI (mk)
|
2019-01-22 00:54:57 +09:00
|
|
|
import qualified Data.HashMap.Strict as M (lookup, insert, adjust, fromList)
|
2019-03-05 00:47:22 +09:00
|
|
|
import qualified Data.Text as T (pack, unpack, concat)
|
2019-01-22 00:54:57 +09:00
|
|
|
import qualified Data.Text.Lazy as TL (toStrict)
|
2019-03-14 11:30:36 +09:00
|
|
|
import qualified Data.Vector as V
|
2019-01-19 10:56:50 +09:00
|
|
|
import qualified Network.Wai as W (requestMethod, rawPathInfo, requestHeaders)
|
|
|
|
|
|
|
|
import Network.HTTP.Signature hiding (Algorithm (..))
|
2019-01-19 13:21:56 +09:00
|
|
|
import Yesod.HttpSignature (verifyRequestSignature)
|
2019-01-19 10:56:50 +09:00
|
|
|
|
|
|
|
import qualified Network.HTTP.Signature as S (Algorithm (..))
|
|
|
|
|
2019-02-12 20:53:24 +09:00
|
|
|
import Data.Aeson.Encode.Pretty.ToEncoding
|
2019-03-10 02:12:43 +09:00
|
|
|
import Database.Persist.Local
|
2019-02-08 08:08:28 +09:00
|
|
|
import Network.FedURI
|
2019-01-22 00:54:57 +09:00
|
|
|
import Web.ActivityPub
|
2019-02-12 20:53:24 +09:00
|
|
|
import Yesod.Auth.Unverified
|
2019-01-22 00:54:57 +09:00
|
|
|
|
2019-02-07 19:34:33 +09:00
|
|
|
import Vervis.ActorKey
|
2019-01-22 00:54:57 +09:00
|
|
|
import Vervis.Foundation
|
|
|
|
import Vervis.Model
|
2019-03-10 02:12:43 +09:00
|
|
|
import Vervis.RemoteActorStore
|
2019-01-19 10:56:50 +09:00
|
|
|
import Vervis.Settings (AppSettings (appHttpSigTimeLimit))
|
|
|
|
|
|
|
|
getInboxR :: Handler Html
|
|
|
|
getInboxR = do
|
|
|
|
acts <- liftIO . readTVarIO =<< getsYesod appActivities
|
|
|
|
defaultLayout
|
|
|
|
[whamlet|
|
|
|
|
<p>
|
|
|
|
Welcome to the ActivityPub inbox test page! It's the beginning of
|
|
|
|
federation support in Vervis. Currently POSTing activities
|
|
|
|
doesn't do anything, they're just verified and the results are
|
2019-02-12 20:53:24 +09:00
|
|
|
displayed on this page. To test, go to another Vervis instance's
|
|
|
|
outbox page, submit an activity, and come back here to see
|
|
|
|
results.
|
2019-01-19 10:56:50 +09:00
|
|
|
<p>Last 10 activities posted:
|
|
|
|
<ul>
|
|
|
|
$forall (time, result) <- acts
|
|
|
|
<li>
|
|
|
|
<div>#{show time}
|
|
|
|
$case result
|
|
|
|
$of Left e
|
|
|
|
<div>#{e}
|
|
|
|
$of Right (ct, o)
|
|
|
|
<div><code>#{BC.unpack ct}
|
|
|
|
<div><pre>#{decodeUtf8 o}
|
|
|
|
|]
|
|
|
|
|
|
|
|
postInboxR :: Handler ()
|
|
|
|
postInboxR = do
|
|
|
|
now <- liftIO getCurrentTime
|
|
|
|
r <- runExceptT $ getActivity now
|
|
|
|
let item = (now, second (second encodePretty) r)
|
|
|
|
acts <- getsYesod appActivities
|
|
|
|
liftIO $ atomically $ modifyTVar' acts $ \ vec ->
|
|
|
|
let vec' = item `V.cons` vec
|
|
|
|
in if V.length vec' > 10
|
|
|
|
then V.init vec'
|
|
|
|
else vec'
|
|
|
|
case r of
|
|
|
|
Right _ -> return ()
|
|
|
|
Left _ -> notAuthenticated
|
|
|
|
where
|
|
|
|
liftE = ExceptT . pure
|
2019-03-10 15:42:03 +09:00
|
|
|
getActivity :: UTCTime -> ExceptT String Handler (ContentType, Doc Activity)
|
2019-01-19 10:56:50 +09:00
|
|
|
getActivity now = do
|
|
|
|
contentType <- do
|
|
|
|
ctypes <- lookupHeaders "Content-Type"
|
|
|
|
liftE $ case ctypes of
|
|
|
|
[] -> Left "Content-Type not specified"
|
|
|
|
[x] -> case x of
|
|
|
|
"application/activity+json" -> Right x
|
|
|
|
"application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"" -> Right x
|
|
|
|
_ -> Left "Unknown Content-Type"
|
|
|
|
_ -> Left "More than one Content-Type given"
|
2019-01-19 13:21:56 +09:00
|
|
|
HttpSigVerResult result <- ExceptT . fmap (first displayException) $ verifyRequestSignature now
|
2019-03-22 06:38:59 +09:00
|
|
|
(h, luActor) <- f2l . actorDetailId <$> liftE result
|
2019-03-14 08:37:58 +09:00
|
|
|
d@(Doc h' a) <- requireJsonBody
|
2019-03-10 15:42:03 +09:00
|
|
|
unless (h == h') $
|
|
|
|
throwE "Activity host doesn't match signature key host"
|
2019-03-14 08:37:58 +09:00
|
|
|
unless (activityActor a == luActor) $
|
2019-03-10 15:42:03 +09:00
|
|
|
throwE "Activity's actor != Signature key's actor"
|
|
|
|
return (contentType, d)
|
2019-01-22 00:54:57 +09:00
|
|
|
|
2019-02-12 20:53:24 +09:00
|
|
|
{-
|
2019-01-22 00:54:57 +09:00
|
|
|
jsonField :: (FromJSON a, ToJSON a) => Field Handler a
|
|
|
|
jsonField = checkMMap fromTextarea toTextarea textareaField
|
|
|
|
where
|
|
|
|
toTextarea = Textarea . TL.toStrict . encodePrettyToLazyText
|
|
|
|
fromTextarea = return . first T.pack . eitherDecodeStrict' . encodeUtf8 . unTextarea
|
2019-02-12 20:53:24 +09:00
|
|
|
-}
|
2019-01-22 00:54:57 +09:00
|
|
|
|
2019-02-12 20:53:24 +09:00
|
|
|
fedUriField
|
|
|
|
:: (Monad m, RenderMessage (HandlerSite m) FormMessage) => Field m FedURI
|
|
|
|
fedUriField = Field
|
|
|
|
{ fieldParse = parseHelper $ \ t ->
|
|
|
|
case parseFedURI t of
|
|
|
|
Left e -> Left $ MsgInvalidUrl $ T.pack e <> ": " <> t
|
|
|
|
Right u -> Right u
|
|
|
|
, fieldView = \theId name attrs val isReq ->
|
|
|
|
[whamlet|<input ##{theId} name=#{name} *{attrs} type=url :isReq:required value=#{either id renderFedURI val}>|]
|
|
|
|
, fieldEnctype = UrlEncoded
|
|
|
|
}
|
|
|
|
|
|
|
|
activityForm :: Form (FedURI, Text)
|
|
|
|
activityForm = renderDivs $ (,)
|
|
|
|
<$> areq fedUriField "To" (Just defto)
|
|
|
|
<*> areq textField "Message" (Just defmsg)
|
2019-01-22 00:54:57 +09:00
|
|
|
where
|
2019-03-05 05:12:19 +09:00
|
|
|
defto = FedURI "forge.angeley.es" "/s/fr33" ""
|
2019-02-12 20:53:24 +09:00
|
|
|
defmsg = "Hi! Nice to meet you :)"
|
2019-01-22 00:54:57 +09:00
|
|
|
|
|
|
|
activityWidget :: Widget -> Enctype -> Widget
|
|
|
|
activityWidget widget enctype =
|
|
|
|
[whamlet|
|
2019-02-12 20:53:24 +09:00
|
|
|
<p>
|
|
|
|
This is a federation test page. Provide a recepient actor URI and
|
|
|
|
message text, and a Create activity creating a new Note will be sent
|
|
|
|
to the destination server.
|
2019-01-22 00:54:57 +09:00
|
|
|
<form method=POST action=@{OutboxR} enctype=#{enctype}>
|
|
|
|
^{widget}
|
|
|
|
<input type=submit>
|
|
|
|
|]
|
|
|
|
|
|
|
|
getOutboxR :: Handler Html
|
|
|
|
getOutboxR = do
|
|
|
|
((_result, widget), enctype) <- runFormPost activityForm
|
|
|
|
defaultLayout $ activityWidget widget enctype
|
|
|
|
|
2019-02-12 20:53:24 +09:00
|
|
|
route2uri' :: (Route App -> Text) -> Route App -> FedURI
|
|
|
|
route2uri' renderUrl r =
|
|
|
|
case parseFedURI $ renderUrl r of
|
|
|
|
Left e -> error e
|
|
|
|
Right u -> u
|
|
|
|
|
2019-01-22 00:54:57 +09:00
|
|
|
postOutboxR :: Handler Html
|
|
|
|
postOutboxR = do
|
|
|
|
((result, widget), enctype) <- runFormPost activityForm
|
|
|
|
defaultLayout $ activityWidget widget enctype
|
|
|
|
case result of
|
|
|
|
FormMissing -> setMessage "Field(s) missing"
|
|
|
|
FormFailure _l -> setMessage "Invalid input, see below"
|
2019-02-12 20:53:24 +09:00
|
|
|
FormSuccess (to, msg) -> do
|
|
|
|
shr <- do
|
|
|
|
Entity _pid person <- requireVerifiedAuth
|
|
|
|
sharer <- runDB $ get404 $ personIdent person
|
|
|
|
return $ sharerIdent sharer
|
2019-01-22 00:54:57 +09:00
|
|
|
renderUrl <- getUrlRender
|
2019-02-12 20:53:24 +09:00
|
|
|
let route2uri = route2uri' renderUrl
|
2019-03-10 15:42:03 +09:00
|
|
|
(h, actor) = f2l $ route2uri $ SharerR shr
|
2019-02-15 07:13:58 +09:00
|
|
|
actorID = renderUrl $ SharerR shr
|
2019-03-10 15:42:03 +09:00
|
|
|
appendPath u t = u { luriPath = luriPath u <> t }
|
2019-03-14 08:37:58 +09:00
|
|
|
activity = Activity
|
|
|
|
{ activityId = appendPath actor "/fake-activity"
|
|
|
|
, activityActor = actor
|
2019-03-14 11:30:36 +09:00
|
|
|
, activityAudience = Audience
|
|
|
|
{ audienceTo = V.singleton to
|
|
|
|
, audienceBto = V.empty
|
|
|
|
, audienceCc = V.empty
|
|
|
|
, audienceBcc = V.empty
|
|
|
|
, audienceGeneral = V.empty
|
|
|
|
}
|
2019-03-14 08:37:58 +09:00
|
|
|
, activitySpecific = CreateActivity Create
|
2019-03-14 11:30:36 +09:00
|
|
|
{ createObject = Note
|
2019-03-14 08:37:58 +09:00
|
|
|
{ noteId = appendPath actor "/fake-note"
|
|
|
|
, noteReplyTo = Nothing
|
|
|
|
, noteContent = msg
|
|
|
|
}
|
2019-02-12 20:53:24 +09:00
|
|
|
}
|
|
|
|
}
|
2019-01-22 00:54:57 +09:00
|
|
|
manager <- getsYesod appHttpManager
|
2019-02-22 08:59:53 +09:00
|
|
|
let (host, lto) = f2l to
|
|
|
|
minbox <- fetchInboxURI manager host lto
|
2019-02-15 08:27:40 +09:00
|
|
|
for_ minbox $ \ inbox -> do
|
|
|
|
(akey1, akey2, new1) <- liftIO . readTVarIO =<< getsYesod appActorKeys
|
|
|
|
let (keyID, akey) =
|
|
|
|
if new1
|
|
|
|
then (renderUrl ActorKey1R, akey1)
|
|
|
|
else (renderUrl ActorKey2R, akey2)
|
|
|
|
sign b = (KeyId $ encodeUtf8 keyID, actorKeySign akey b)
|
2019-03-10 15:42:03 +09:00
|
|
|
eres' <- httpPostAP manager (l2f host inbox) (hRequestTarget :| [hHost, hDate, hActivityPubActor]) sign actorID $ Doc h activity
|
2019-02-15 08:27:40 +09:00
|
|
|
case eres' of
|
|
|
|
Left e -> setMessage $ toHtml $ "Failed to POST to recipient's inbox: " <> T.pack (displayException e)
|
|
|
|
Right _ -> setMessage "Activity posted! You can go to the target server's /inbox to see the result."
|
2019-01-22 00:54:57 +09:00
|
|
|
defaultLayout $ activityWidget widget enctype
|
2019-02-15 08:27:40 +09:00
|
|
|
where
|
2019-02-22 08:59:53 +09:00
|
|
|
fetchInboxURI :: Manager -> Text -> LocalURI -> Handler (Maybe LocalURI)
|
|
|
|
fetchInboxURI manager h lto = do
|
2019-03-10 02:12:43 +09:00
|
|
|
mrs <- runDB $ do
|
|
|
|
mi <- getBy $ UniqueInstance h
|
|
|
|
case mi of
|
|
|
|
Nothing -> return $ Left Nothing
|
|
|
|
Just (Entity iid _) ->
|
|
|
|
maybe (Left $ Just iid) Right <$>
|
|
|
|
getBy (UniqueRemoteSharer iid lto)
|
2019-02-15 08:27:40 +09:00
|
|
|
case mrs of
|
2019-03-10 02:12:43 +09:00
|
|
|
Left miid -> do
|
2019-02-22 08:59:53 +09:00
|
|
|
eres <- fetchAPID manager actorId h lto
|
2019-02-15 08:27:40 +09:00
|
|
|
case eres of
|
2019-02-22 08:59:53 +09:00
|
|
|
Left s -> do
|
2019-03-05 00:47:22 +09:00
|
|
|
setMessage $ toHtml $ T.concat
|
|
|
|
[ "Tried to fetch recipient actor <"
|
|
|
|
, renderFedURI $ l2f h lto
|
|
|
|
, "> and got an error: "
|
|
|
|
, T.pack s
|
|
|
|
]
|
2019-02-15 08:27:40 +09:00
|
|
|
return Nothing
|
2019-03-10 02:12:43 +09:00
|
|
|
Right actor -> withHostLock h $ do
|
2019-02-22 08:59:53 +09:00
|
|
|
let inbox = actorInbox actor
|
|
|
|
runDB $ do
|
2019-03-10 02:12:43 +09:00
|
|
|
(iid, inew) <-
|
|
|
|
case miid of
|
|
|
|
Just iid -> return (iid, False)
|
|
|
|
Nothing -> idAndNew <$> insertBy (Instance h)
|
|
|
|
let rs = RemoteSharer lto iid inbox
|
|
|
|
if inew
|
|
|
|
then insert_ rs
|
|
|
|
else insertUnique_ rs
|
2019-02-22 08:59:53 +09:00
|
|
|
return $ Just inbox
|
2019-03-10 02:12:43 +09:00
|
|
|
Right (Entity _rsid rs) -> return $ Just $ remoteSharerInbox rs
|
2019-02-07 19:34:33 +09:00
|
|
|
|
|
|
|
getActorKey :: ((ActorKey, ActorKey, Bool) -> ActorKey) -> Route App -> Handler TypedContent
|
2019-03-20 21:01:10 +09:00
|
|
|
getActorKey choose route = selectRep $ provideAP $ do
|
2019-02-07 19:34:33 +09:00
|
|
|
actorKey <-
|
|
|
|
liftIO . fmap (actorKeyPublicBin . choose) . readTVarIO =<<
|
|
|
|
getsYesod appActorKeys
|
2019-02-12 20:53:24 +09:00
|
|
|
route2uri <- route2uri' <$> getUrlRender
|
2019-02-22 08:59:53 +09:00
|
|
|
let (host, id_) = f2l $ route2uri route
|
2019-03-20 21:01:10 +09:00
|
|
|
return $ Doc host PublicKey
|
|
|
|
{ publicKeyId = id_
|
|
|
|
, publicKeyExpires = Nothing
|
|
|
|
, publicKeyOwner = OwnerInstance
|
|
|
|
, publicKeyMaterial = actorKey
|
|
|
|
--, publicKeyAlgo = Just AlgorithmEd25519
|
|
|
|
}
|
2019-02-07 19:34:33 +09:00
|
|
|
|
|
|
|
getActorKey1R :: Handler TypedContent
|
|
|
|
getActorKey1R = getActorKey (\ (k1, _, _) -> k1) ActorKey1R
|
|
|
|
|
|
|
|
getActorKey2R :: Handler TypedContent
|
2019-03-06 10:49:55 +09:00
|
|
|
getActorKey2R = getActorKey (\ (_, k2, _) -> k2) ActorKey2R
|