From ce6cc84a4a9bfe1d47d00201ab31c241878f0ab9 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Mon, 17 Apr 2017 13:44:41 +0200 Subject: [PATCH 01/28] Add basic webfinger. --- config/config.exs | 4 ++ lib/pleroma/web/router.ex | 11 ++++ lib/pleroma/web/web.ex | 13 ++-- lib/pleroma/web/web_finger/web_finger.ex | 38 ++++++++++++ .../web/web_finger/web_finger_controller.ex | 21 +++++++ lib/xml_builder.ex | 42 +++++++++++++ test/web/web_finger/web_finger_test.exs | 11 ++++ test/xml_builder_test.exs | 59 +++++++++++++++++++ 8 files changed, 195 insertions(+), 4 deletions(-) create mode 100644 lib/pleroma/web/web_finger/web_finger.ex create mode 100644 lib/pleroma/web/web_finger/web_finger_controller.ex create mode 100644 lib/xml_builder.ex create mode 100644 test/web/web_finger/web_finger_test.exs create mode 100644 test/xml_builder_test.exs diff --git a/config/config.exs b/config/config.exs index 2b041b10f..18a2490a4 100644 --- a/config/config.exs +++ b/config/config.exs @@ -26,6 +26,10 @@ config :logger, :console, format: "$time $metadata[$level] $message\n", metadata: [:request_id] +config :mime, :types, %{ + "application/xrd+xml" => ["xrd+xml"] +} + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env}.exs" diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 0446f622b..99d1f69c2 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -19,6 +19,10 @@ defmodule Pleroma.Web.Router do plug Pleroma.Plugs.AuthenticationPlug, %{fetcher: &Pleroma.Web.Router.user_fetcher/1} end + pipeline :well_known do + plug :accepts, ["xml", "xrd+xml"] + end + scope "/api", Pleroma.Web do pipe_through :api @@ -49,4 +53,11 @@ defmodule Pleroma.Web.Router do post "/statuses/retweet/:id", TwitterAPI.Controller, :retweet post "/qvitter/update_avatar", TwitterAPI.Controller, :update_avatar end + + scope "/.well-known", Pleroma.Web do + pipe_through :well_known + + get "/host-meta", WebFinger.WebFingerController, :host_meta + get "/webfinger", WebFinger.WebFingerController, :webfinger + end end diff --git a/lib/pleroma/web/web.ex b/lib/pleroma/web/web.ex index d03db2231..a81e3e6e1 100644 --- a/lib/pleroma/web/web.ex +++ b/lib/pleroma/web/web.ex @@ -61,12 +61,17 @@ defmodule Pleroma.Web do apply(__MODULE__, which, []) end + def host do + settings = Application.get_env(:pleroma, Pleroma.Web.Endpoint) + settings + |> Keyword.fetch!(:url) + |> Keyword.fetch!(:host) + end + def base_url do settings = Application.get_env(:pleroma, Pleroma.Web.Endpoint) - host = - settings - |> Keyword.fetch!(:url) - |> Keyword.fetch!(:host) + + host = host() protocol = settings |> Keyword.fetch!(:protocol) diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex new file mode 100644 index 000000000..258ff7671 --- /dev/null +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -0,0 +1,38 @@ +defmodule Pleroma.Web.WebFinger do + alias Pleroma.XmlBuilder + alias Pleroma.User + + def host_meta() do + base_url = Pleroma.Web.base_url + { + :XRD, %{ xmlns: "http://docs.oasis-open.org/ns/xri/xrd-1.0" }, + { + :Link, %{ rel: "lrdd", type: "application/xrd+xml", template: "#{base_url}/.well-known/webfinger?resource={uri}" } + } + } + |> XmlBuilder.to_doc + end + + def webfinger(resource) do + host = Pleroma.Web.host + regex = ~r/acct:(?\w+)@#{host}/ + case Regex.named_captures(regex, resource) do + %{"username" => username} -> + user = User.get_cached_by_nickname(username) + {:ok, represent_user(user)} + _ -> nil + end + end + + def represent_user(user) do + { + :XRD, %{xmlns: "http://docs.oasis-open.org/ns/xri/xrd-1.0"}, + [ + {:Subject, "acct:#{user.nickname}@#{Pleroma.Web.host}"}, + {:Alias, user.ap_id}, + {:Link, %{rel: "http://schemas.google.com/g/2010#updates-from", type: "application/atom+xml", href: "#{user.ap_id}.atom"}} + ] + } + |> XmlBuilder.to_doc + end +end diff --git a/lib/pleroma/web/web_finger/web_finger_controller.ex b/lib/pleroma/web/web_finger/web_finger_controller.ex new file mode 100644 index 000000000..7c0fd3142 --- /dev/null +++ b/lib/pleroma/web/web_finger/web_finger_controller.ex @@ -0,0 +1,21 @@ +defmodule Pleroma.Web.WebFinger.WebFingerController do + use Pleroma.Web, :controller + + alias Pleroma.Web.WebFinger + + def host_meta(conn, _params) do + xml = WebFinger.host_meta + + conn + |> put_resp_content_type("application/xrd+xml") + |> send_resp(200, xml) + end + + def webfinger(conn, %{"resource" => resource}) do + {:ok, response} = Pleroma.Web.WebFinger.webfinger(resource) + + conn + |> put_resp_content_type("application/xrd+xml") + |> send_resp(200, response) + end +end diff --git a/lib/xml_builder.ex b/lib/xml_builder.ex new file mode 100644 index 000000000..ac1ac8a74 --- /dev/null +++ b/lib/xml_builder.ex @@ -0,0 +1,42 @@ +defmodule Pleroma.XmlBuilder do + def to_xml({tag, attributes, content}) do + open_tag = make_open_tag(tag, attributes) + + content_xml = to_xml(content) + + "<#{open_tag}>#{content_xml}" + end + + def to_xml({tag, %{} = attributes}) do + open_tag = make_open_tag(tag, attributes) + + "<#{open_tag} />" + end + + def to_xml({tag, content}), do: to_xml({tag, %{}, content}) + + def to_xml(content) when is_binary(content) do + to_string(content) + end + + def to_xml(content) when is_list(content) do + for element <- content do + to_xml(element) + end + |> Enum.join + end + + def to_xml(%NaiveDateTime{} = time) do + NaiveDateTime.to_iso8601(time) + end + + def to_doc(content), do: "" <> to_xml(content) + + defp make_open_tag(tag, attributes) do + attributes_string = for {attribute, value} <- attributes do + "#{attribute}=\"#{value}\"" + end |> Enum.join(" ") + + Enum.join([tag, attributes_string], " ") |> String.strip + end +end diff --git a/test/web/web_finger/web_finger_test.exs b/test/web/web_finger/web_finger_test.exs new file mode 100644 index 000000000..8a3007ff9 --- /dev/null +++ b/test/web/web_finger/web_finger_test.exs @@ -0,0 +1,11 @@ +defmodule Pleroma.Web.WebFingerTest do + use Pleroma.DataCase + + describe "host meta" do + test "returns a link to the xml lrdd" do + host_info = Pleroma.Web.WebFinger.host_meta + + assert String.contains?(host_info, Pleroma.Web.base_url) + end + end +end diff --git a/test/xml_builder_test.exs b/test/xml_builder_test.exs new file mode 100644 index 000000000..f502a0f0e --- /dev/null +++ b/test/xml_builder_test.exs @@ -0,0 +1,59 @@ +defmodule Pleroma.XmlBuilderTest do + use Pleroma.DataCase + alias Pleroma.XmlBuilder + + test "Build a basic xml string from a tuple" do + data = { :feed, %{ xmlns: "http://www.w3.org/2005/Atom"}, "Some content" } + + expected_xml = "Some content" + + assert XmlBuilder.to_xml(data) == expected_xml + end + + test "returns a complete document" do + data = { :feed, %{ xmlns: "http://www.w3.org/2005/Atom"}, "Some content" } + + expected_xml = "Some content" + + assert XmlBuilder.to_doc(data) == expected_xml + end + + test "Works without attributes" do + data = { + :feed, + "Some content" + } + + expected_xml = "Some content" + + assert XmlBuilder.to_xml(data) == expected_xml + end + + test "It works with nested tuples" do + data = { + :feed, + [ + {:guy, "brush"}, + {:lament, %{ configuration: "puzzle" }, "pinhead" } + ] + } + + expected_xml = ~s[brushpinhead] + + assert XmlBuilder.to_xml(data) == expected_xml + end + + test "Represents NaiveDateTime as iso8601" do + assert XmlBuilder.to_xml(~N[2000-01-01 13:13:33]) == "2000-01-01T13:13:33" + end + + test "Uses self-closing tags when no content is giving" do + data = { + :link, + %{ rel: "self" } + } + + expected_xml = ~s[] + assert XmlBuilder.to_xml(data) == expected_xml + end +end From 36e883cd4bed9c07df2a1dc1038265e075bea5c6 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Mon, 17 Apr 2017 14:12:36 +0200 Subject: [PATCH 02/28] Add basic Ostatus user representer. --- lib/pleroma/user.ex | 7 +++++++ lib/pleroma/web/ostatus/user_representer.ex | 14 ++++++++++++++ .../representers/user_representer.ex | 6 +----- test/web/ostatus/user_representer_test.exs | 17 +++++++++++++++++ 4 files changed, 39 insertions(+), 5 deletions(-) create mode 100644 lib/pleroma/web/ostatus/user_representer.ex create mode 100644 test/web/ostatus/user_representer_test.exs diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 1ab4e40cb..f8e4d6d0b 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -18,6 +18,13 @@ defmodule Pleroma.User do timestamps() end + def avatar_url(user) do + case user.avatar do + %{"url" => [%{"href" => href} | _]} -> href + _ -> "https://placehold.it/48x48" + end + end + def ap_id(%User{nickname: nickname}) do "#{Pleroma.Web.base_url}/users/#{nickname}" end diff --git a/lib/pleroma/web/ostatus/user_representer.ex b/lib/pleroma/web/ostatus/user_representer.ex new file mode 100644 index 000000000..66fc6e053 --- /dev/null +++ b/lib/pleroma/web/ostatus/user_representer.ex @@ -0,0 +1,14 @@ +defmodule Pleroma.Web.OStatus.UserRepresenter do + alias Pleroma.User + def to_tuple(user, wrapper \\ :author) do + { + wrapper, [ + { :id, user.ap_id }, + { :"activity:object", "http://activitystrea.ms/schema/1.0/person" }, + { :uri, user.ap_id }, + { :name, user.nickname }, + { :link, %{rel: "avatar", href: User.avatar_url(user)}} + ] + } + end +end diff --git a/lib/pleroma/web/twitter_api/representers/user_representer.ex b/lib/pleroma/web/twitter_api/representers/user_representer.ex index 2ee4ee254..7582a0f22 100644 --- a/lib/pleroma/web/twitter_api/representers/user_representer.ex +++ b/lib/pleroma/web/twitter_api/representers/user_representer.ex @@ -4,11 +4,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.UserRepresenter do alias Pleroma.User def to_map(user, opts) do - image = case user.avatar do - %{"url" => [%{"href" => href} | _]} -> href - _ -> "https://placehold.it/48x48" - end - + image = User.avatar_url(user) following = if opts[:for] do User.following?(opts[:for], user) else diff --git a/test/web/ostatus/user_representer_test.exs b/test/web/ostatus/user_representer_test.exs new file mode 100644 index 000000000..02a4b5b14 --- /dev/null +++ b/test/web/ostatus/user_representer_test.exs @@ -0,0 +1,17 @@ +defmodule Pleroma.Web.OStatus.UserRepresenterTest do + use Pleroma.DataCase + alias Pleroma.Web.OStatus.UserRepresenter + + import Pleroma.Factory + + test "returns a user with id, uri, name and link" do + user = build(:user) + tuple = UserRepresenter.to_tuple(user) + {:author, author} = tuple + + [:id, :uri, :name, :link] + |> Enum.each(fn (tag) -> + assert Enum.find(author, fn(e) -> tag == elem(e, 0) end) + end) + end +end From d23f3e3cf3c9a0051532493c60dbd9a7557bae81 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Tue, 18 Apr 2017 18:41:51 +0200 Subject: [PATCH 03/28] Add webfinger and basic feed support. --- lib/pleroma/web/ostatus/feed_representer.ex | 26 +++++++++++++ lib/pleroma/web/ostatus/ostatus.ex | 14 +++++++ lib/pleroma/web/ostatus/ostatus_controller.ex | 26 +++++++++++++ lib/pleroma/web/ostatus/user_representer.ex | 21 +++++----- lib/pleroma/web/router.ex | 10 +++++ lib/pleroma/web/web_finger/web_finger.ex | 3 +- test/web/ostatus/feed_representer_test.exs | 39 +++++++++++++++++++ test/web/ostatus/ostatus_controller_test.exs | 15 +++++++ test/web/ostatus/user_representer_test.exs | 23 ++++++++--- 9 files changed, 160 insertions(+), 17 deletions(-) create mode 100644 lib/pleroma/web/ostatus/feed_representer.ex create mode 100644 lib/pleroma/web/ostatus/ostatus.ex create mode 100644 lib/pleroma/web/ostatus/ostatus_controller.ex create mode 100644 test/web/ostatus/feed_representer_test.exs create mode 100644 test/web/ostatus/ostatus_controller_test.exs diff --git a/lib/pleroma/web/ostatus/feed_representer.ex b/lib/pleroma/web/ostatus/feed_representer.ex new file mode 100644 index 000000000..cb76022fe --- /dev/null +++ b/lib/pleroma/web/ostatus/feed_representer.ex @@ -0,0 +1,26 @@ +defmodule Pleroma.Web.OStatus.FeedRepresenter do + alias Pleroma.Web.OStatus + alias Pleroma.Web.OStatus.UserRepresenter + + def to_simple_form(user, activities, users) do + most_recent_update = List.first(activities).updated_at + |> NaiveDateTime.to_iso8601 + + h = fn(str) -> [to_charlist(str)] end + + entries = [] + [{ + :feed, [ + xmlns: 'http://www.w3.org/2005/Atom', + "xmlns:activity": 'http://activitystrea.ms/spec/1.0/' + ], [ + {:id, h.(OStatus.feed_path(user))}, + {:title, ['#{user.nickname}\'s timeline']}, + {:updated, h.(most_recent_update)}, + {:entries, []}, + {:link, [rel: 'hub', href: h.(OStatus.pubsub_path)], []}, + {:author, UserRepresenter.to_simple_form(user)} + ] + }] + end +end diff --git a/lib/pleroma/web/ostatus/ostatus.ex b/lib/pleroma/web/ostatus/ostatus.ex new file mode 100644 index 000000000..9fcbe6cb0 --- /dev/null +++ b/lib/pleroma/web/ostatus/ostatus.ex @@ -0,0 +1,14 @@ +defmodule Pleroma.Web.OStatus do + alias Pleroma.Web + + def feed_path(user) do + "#{user.ap_id}/feed.atom" + end + + def pubsub_path() do + "#{Web.base_url}/push/hub" + end + + def user_path(user) do + end +end diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex new file mode 100644 index 000000000..ff6d7301a --- /dev/null +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -0,0 +1,26 @@ +defmodule Pleroma.Web.OStatus.OStatusController do + use Pleroma.Web, :controller + + alias Pleroma.{User, Activity} + alias Pleroma.Web.OStatus.FeedRepresenter + alias Pleroma.Repo + import Ecto.Query + + def feed(conn, %{"nickname" => nickname}) do + user = User.get_cached_by_nickname(nickname) + query = from activity in Activity, + where: fragment("? @> ?", activity.data, ^%{actor: user.ap_id}), + limit: 20, + order_by: [desc: :inserted_at] + + activities = query + |> Repo.all + + response = FeedRepresenter.to_simple_form(user, activities, [user]) + |> :xmerl.export_simple(:xmerl_xml) + + conn + |> put_resp_content_type("application/atom+xml") + |> send_resp(200, response) + end +end diff --git a/lib/pleroma/web/ostatus/user_representer.ex b/lib/pleroma/web/ostatus/user_representer.ex index 66fc6e053..e7ee4cfeb 100644 --- a/lib/pleroma/web/ostatus/user_representer.ex +++ b/lib/pleroma/web/ostatus/user_representer.ex @@ -1,14 +1,15 @@ defmodule Pleroma.Web.OStatus.UserRepresenter do alias Pleroma.User - def to_tuple(user, wrapper \\ :author) do - { - wrapper, [ - { :id, user.ap_id }, - { :"activity:object", "http://activitystrea.ms/schema/1.0/person" }, - { :uri, user.ap_id }, - { :name, user.nickname }, - { :link, %{rel: "avatar", href: User.avatar_url(user)}} - ] - } + def to_simple_form(user) do + ap_id = to_charlist(user.ap_id) + nickname = to_charlist(user.nickname) + avatar_url = to_charlist(User.avatar_url(user)) + [ + { :id, [ap_id] }, + { :"activity:object", ['http://activitystrea.ms/schema/1.0/person'] }, + { :uri, [ap_id] }, + { :name, [nickname] }, + { :link, [rel: 'avatar', href: avatar_url], []} + ] end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 99d1f69c2..cc1f0e165 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -54,6 +54,16 @@ defmodule Pleroma.Web.Router do post "/qvitter/update_avatar", TwitterAPI.Controller, :update_avatar end + pipeline :ostatus do + plug :accepts, ["xml", "atom"] + end + + scope "/users", Pleroma.Web do + pipe_through :ostatus + + get "/:nickname/feed", OStatus.OStatusController, :feed + end + scope "/.well-known", Pleroma.Web do pipe_through :well_known diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex index 258ff7671..eb540e92a 100644 --- a/lib/pleroma/web/web_finger/web_finger.ex +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -1,6 +1,7 @@ defmodule Pleroma.Web.WebFinger do alias Pleroma.XmlBuilder alias Pleroma.User + alias Pleroma.Web.OStatus def host_meta() do base_url = Pleroma.Web.base_url @@ -30,7 +31,7 @@ defmodule Pleroma.Web.WebFinger do [ {:Subject, "acct:#{user.nickname}@#{Pleroma.Web.host}"}, {:Alias, user.ap_id}, - {:Link, %{rel: "http://schemas.google.com/g/2010#updates-from", type: "application/atom+xml", href: "#{user.ap_id}.atom"}} + {:Link, %{rel: "http://schemas.google.com/g/2010#updates-from", type: "application/atom+xml", href: OStatus.feed_path(user)}} ] } |> XmlBuilder.to_doc diff --git a/test/web/ostatus/feed_representer_test.exs b/test/web/ostatus/feed_representer_test.exs new file mode 100644 index 000000000..e252eca9f --- /dev/null +++ b/test/web/ostatus/feed_representer_test.exs @@ -0,0 +1,39 @@ +defmodule Pleroma.Web.OStatus.FeedRepresenterTest do + use Pleroma.DataCase + import Pleroma.Factory + alias Pleroma.User + alias Pleroma.Web.OStatus.{FeedRepresenter, UserRepresenter} + alias Pleroma.Web.OStatus + + test "returns a feed of the last 20 items of the user" do + note_activity = insert(:note_activity) + user = User.get_cached_by_ap_id(note_activity.data["actor"]) + + tuple = FeedRepresenter.to_simple_form(user, [note_activity], [user]) + + most_recent_update = note_activity.updated_at + |> NaiveDateTime.to_iso8601 + + res = :xmerl.export_simple_content(tuple, :xmerl_xml) |> IO.iodata_to_binary + user_xml = UserRepresenter.to_simple_form(user) + |> :xmerl.export_simple_content(:xmerl_xml) + + expected = """ + + #{OStatus.feed_path(user)} + #{user.nickname}'s timeline + #{most_recent_update} + + + + #{user_xml} + + + """ + assert clean(res) == clean(expected) + end + + defp clean(string) do + String.replace(string, ~r/\s/, "") + end +end diff --git a/test/web/ostatus/ostatus_controller_test.exs b/test/web/ostatus/ostatus_controller_test.exs new file mode 100644 index 000000000..229cd9b1e --- /dev/null +++ b/test/web/ostatus/ostatus_controller_test.exs @@ -0,0 +1,15 @@ +defmodule Pleroma.Web.OStatus.OStatusControllerTest do + use Pleroma.Web.ConnCase + import Pleroma.Factory + alias Pleroma.User + + test "gets a feed", %{conn: conn} do + note_activity = insert(:note_activity) + user = User.get_cached_by_ap_id(note_activity.data["actor"]) + + conn = conn + |> get("/users/#{user.nickname}/feed.atom") + + assert response(conn, 200) + end +end diff --git a/test/web/ostatus/user_representer_test.exs b/test/web/ostatus/user_representer_test.exs index 02a4b5b14..a401a56da 100644 --- a/test/web/ostatus/user_representer_test.exs +++ b/test/web/ostatus/user_representer_test.exs @@ -3,15 +3,26 @@ defmodule Pleroma.Web.OStatus.UserRepresenterTest do alias Pleroma.Web.OStatus.UserRepresenter import Pleroma.Factory + alias Pleroma.User test "returns a user with id, uri, name and link" do user = build(:user) - tuple = UserRepresenter.to_tuple(user) - {:author, author} = tuple + tuple = UserRepresenter.to_simple_form(user) - [:id, :uri, :name, :link] - |> Enum.each(fn (tag) -> - assert Enum.find(author, fn(e) -> tag == elem(e, 0) end) - end) + res = :xmerl.export_simple_content(tuple, :xmerl_xml) |> IO.iodata_to_binary + + expected = """ + #{user.ap_id} + http://activitystrea.ms/schema/1.0/person + #{user.ap_id} + #{user.nickname} + + """ + + assert clean(res) == clean(expected) + end + + defp clean(string) do + String.replace(string, ~r/\s/, "") end end From 9167a2ebe30f3835f2e9139443dc60f8f0c44563 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Wed, 19 Apr 2017 15:25:18 +0200 Subject: [PATCH 04/28] Send frontend through phoenix. --- lib/pleroma/web/endpoint.ex | 3 +++ lib/pleroma/web/router.ex | 10 ++++++++++ 2 files changed, 13 insertions(+) diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex index 6af42a685..45a3a345d 100644 --- a/lib/pleroma/web/endpoint.ex +++ b/lib/pleroma/web/endpoint.ex @@ -9,6 +9,9 @@ defmodule Pleroma.Web.Endpoint do # when deploying your static files in production. plug Plug.Static, at: "/media", from: "uploads", gzip: false + plug Plug.Static, + at: "/", from: :pleroma, + only: ~w(index.html static) # Code reloading can be explicitly enabled under the # :code_reloader configuration of your endpoint. diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index cc1f0e165..05d497aa8 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -70,4 +70,14 @@ defmodule Pleroma.Web.Router do get "/host-meta", WebFinger.WebFingerController, :host_meta get "/webfinger", WebFinger.WebFingerController, :webfinger end + + scope "/", Fallback do + get "/*path", RedirectController, :redirector + end + +end + +defmodule Fallback.RedirectController do + use Pleroma.Web, :controller + def redirector(conn, _params), do: send_file(conn, 200, "priv/static/index.html") end From cc330421fd789f002d14e19692c4fbe75c0df4f2 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Thu, 20 Apr 2017 10:16:06 +0200 Subject: [PATCH 05/28] Better activities in ostatus. --- .../web/ostatus/activity_representer.ex | 20 ++++++++++ lib/pleroma/web/ostatus/feed_representer.ex | 10 +++-- lib/pleroma/web/ostatus/ostatus_controller.ex | 4 ++ lib/pleroma/web/router.ex | 5 ++- .../web/websub/websub_server_subscription.ex | 11 ++++++ ...143_create_webssub_server_subscription.exs | 15 ++++++++ .../web/ostatus/activity_representer_test.exs | 38 +++++++++++++++++++ test/web/ostatus/feed_representer_test.exs | 9 ++++- 8 files changed, 104 insertions(+), 8 deletions(-) create mode 100644 lib/pleroma/web/ostatus/activity_representer.ex create mode 100644 lib/pleroma/web/websub/websub_server_subscription.ex create mode 100644 priv/repo/migrations/20170418200143_create_webssub_server_subscription.exs create mode 100644 test/web/ostatus/activity_representer_test.exs diff --git a/lib/pleroma/web/ostatus/activity_representer.ex b/lib/pleroma/web/ostatus/activity_representer.ex new file mode 100644 index 000000000..558c85df4 --- /dev/null +++ b/lib/pleroma/web/ostatus/activity_representer.ex @@ -0,0 +1,20 @@ +defmodule Pleroma.Web.OStatus.ActivityRepresenter do + def to_simple_form(activity, user) do + h = fn(str) -> [to_charlist(str)] end + + updated_at = activity.updated_at + |> NaiveDateTime.to_iso8601 + inserted_at = activity.inserted_at + |> NaiveDateTime.to_iso8601 + + [ + {:"activity:object-type", ['http://activitystrea.ms/schema/1.0/note']}, + {:"activity:verb", ['http://activitystrea.ms/schema/1.0/post']}, + {:id, h.(activity.data["id"])}, + {:title, ['New note by #{user.nickname}']}, + {:content, [type: 'html'], h.(activity.data["object"]["content"])}, + {:published, h.(inserted_at)}, + {:updated, h.(updated_at)} + ] + end +end diff --git a/lib/pleroma/web/ostatus/feed_representer.ex b/lib/pleroma/web/ostatus/feed_representer.ex index cb76022fe..def684405 100644 --- a/lib/pleroma/web/ostatus/feed_representer.ex +++ b/lib/pleroma/web/ostatus/feed_representer.ex @@ -1,6 +1,6 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do alias Pleroma.Web.OStatus - alias Pleroma.Web.OStatus.UserRepresenter + alias Pleroma.Web.OStatus.{UserRepresenter, ActivityRepresenter} def to_simple_form(user, activities, users) do most_recent_update = List.first(activities).updated_at @@ -8,7 +8,10 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do h = fn(str) -> [to_charlist(str)] end - entries = [] + entries = Enum.map(activities, fn(activity) -> + {:entry, ActivityRepresenter.to_simple_form(activity, user)} + end) + [{ :feed, [ xmlns: 'http://www.w3.org/2005/Atom', @@ -17,10 +20,9 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do {:id, h.(OStatus.feed_path(user))}, {:title, ['#{user.nickname}\'s timeline']}, {:updated, h.(most_recent_update)}, - {:entries, []}, {:link, [rel: 'hub', href: h.(OStatus.pubsub_path)], []}, {:author, UserRepresenter.to_simple_form(user)} - ] + ] ++ entries }] end end diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex index ff6d7301a..4db4a55e6 100644 --- a/lib/pleroma/web/ostatus/ostatus_controller.ex +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -23,4 +23,8 @@ defmodule Pleroma.Web.OStatus.OStatusController do |> put_resp_content_type("application/atom+xml") |> send_resp(200, response) end + + def temp(conn, params) do + IO.inspect(params) + end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index cc1f0e165..e6d000881 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -58,10 +58,11 @@ defmodule Pleroma.Web.Router do plug :accepts, ["xml", "atom"] end - scope "/users", Pleroma.Web do + scope "/", Pleroma.Web do pipe_through :ostatus - get "/:nickname/feed", OStatus.OStatusController, :feed + get "/users/:nickname/feed", OStatus.OStatusController, :feed + post "/push/hub", OStatus.OStatusController, :temp end scope "/.well-known", Pleroma.Web do diff --git a/lib/pleroma/web/websub/websub_server_subscription.ex b/lib/pleroma/web/websub/websub_server_subscription.ex new file mode 100644 index 000000000..2562239ad --- /dev/null +++ b/lib/pleroma/web/websub/websub_server_subscription.ex @@ -0,0 +1,11 @@ +defmodule Pleroma.Web.Websub.WebsubServerSubscription do + use Ecto.Schema + + schema "websub_server_subscriptions" do + field :topic, :string + field :callback, :string + field :secret, :string + field :valid_until, :naive_datetime + field :state, :string + end +end diff --git a/priv/repo/migrations/20170418200143_create_webssub_server_subscription.exs b/priv/repo/migrations/20170418200143_create_webssub_server_subscription.exs new file mode 100644 index 000000000..fe2fa2304 --- /dev/null +++ b/priv/repo/migrations/20170418200143_create_webssub_server_subscription.exs @@ -0,0 +1,15 @@ +defmodule Pleroma.Repo.Migrations.CreateWebsubServerSubscription do + use Ecto.Migration + + def change do + create table(:websub_server_subscriptions) do + add :topic, :string + add :callback, :string + add :secret, :string + add :valid_until, :naive_datetime + add :state, :string + + timestamps() + end + end +end diff --git a/test/web/ostatus/activity_representer_test.exs b/test/web/ostatus/activity_representer_test.exs new file mode 100644 index 000000000..16a9d3b00 --- /dev/null +++ b/test/web/ostatus/activity_representer_test.exs @@ -0,0 +1,38 @@ +defmodule Pleroma.Web.OStatus.ActivityRepresenterTest do + use Pleroma.DataCase + + alias Pleroma.Web.OStatus.ActivityRepresenter + alias Pleroma.User + + import Pleroma.Factory + + test "a note activity" do + note_activity = insert(:note_activity) + updated_at = note_activity.updated_at + |> NaiveDateTime.to_iso8601 + inserted_at = note_activity.inserted_at + |> NaiveDateTime.to_iso8601 + + user = User.get_cached_by_ap_id(note_activity.data["actor"]) + + expected = """ + http://activitystrea.ms/schema/1.0/note + http://activitystrea.ms/schema/1.0/post + #{note_activity.data["id"]} + New note by #{user.nickname} + #{note_activity.data["object"]["content"]} + #{inserted_at} + #{updated_at} + """ + + tuple = ActivityRepresenter.to_simple_form(note_activity, user) + + res = :xmerl.export_simple_content(tuple, :xmerl_xml) |> IO.iodata_to_binary + + assert clean(res) == clean(expected) + end + + defp clean(string) do + String.replace(string, ~r/\s/, "") + end +end diff --git a/test/web/ostatus/feed_representer_test.exs b/test/web/ostatus/feed_representer_test.exs index e252eca9f..dddc63ebf 100644 --- a/test/web/ostatus/feed_representer_test.exs +++ b/test/web/ostatus/feed_representer_test.exs @@ -2,7 +2,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenterTest do use Pleroma.DataCase import Pleroma.Factory alias Pleroma.User - alias Pleroma.Web.OStatus.{FeedRepresenter, UserRepresenter} + alias Pleroma.Web.OStatus.{FeedRepresenter, UserRepresenter, ActivityRepresenter} alias Pleroma.Web.OStatus test "returns a feed of the last 20 items of the user" do @@ -18,16 +18,21 @@ defmodule Pleroma.Web.OStatus.FeedRepresenterTest do user_xml = UserRepresenter.to_simple_form(user) |> :xmerl.export_simple_content(:xmerl_xml) + entry_xml = ActivityRepresenter.to_simple_form(note_activity, user) + |> :xmerl.export_simple_content(:xmerl_xml) + expected = """ #{OStatus.feed_path(user)} #{user.nickname}'s timeline #{most_recent_update} - #{user_xml} + + #{entry_xml} + """ assert clean(res) == clean(expected) From 1b9cc721a0d49d786b4864c2b8aceaf49b9ff088 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Thu, 20 Apr 2017 17:47:33 +0200 Subject: [PATCH 06/28] Websub controller beginnings. --- lib/pleroma/web/ostatus/feed_representer.ex | 2 +- lib/pleroma/web/ostatus/ostatus.ex | 4 +- lib/pleroma/web/router.ex | 2 +- lib/pleroma/web/websub/websub_controller.ex | 48 +++++++++++++++++++ .../web/websub/websub_server_subscription.ex | 2 + test/web/ostatus/feed_representer_test.exs | 2 +- test/web/websub/websub_controller_test.exs | 30 ++++++++++++ 7 files changed, 85 insertions(+), 5 deletions(-) create mode 100644 lib/pleroma/web/websub/websub_controller.ex create mode 100644 test/web/websub/websub_controller_test.exs diff --git a/lib/pleroma/web/ostatus/feed_representer.ex b/lib/pleroma/web/ostatus/feed_representer.ex index def684405..1576b4710 100644 --- a/lib/pleroma/web/ostatus/feed_representer.ex +++ b/lib/pleroma/web/ostatus/feed_representer.ex @@ -20,7 +20,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do {:id, h.(OStatus.feed_path(user))}, {:title, ['#{user.nickname}\'s timeline']}, {:updated, h.(most_recent_update)}, - {:link, [rel: 'hub', href: h.(OStatus.pubsub_path)], []}, + {:link, [rel: 'hub', href: h.(OStatus.pubsub_path(user))], []}, {:author, UserRepresenter.to_simple_form(user)} ] ++ entries }] diff --git a/lib/pleroma/web/ostatus/ostatus.ex b/lib/pleroma/web/ostatus/ostatus.ex index 9fcbe6cb0..d21b9078f 100644 --- a/lib/pleroma/web/ostatus/ostatus.ex +++ b/lib/pleroma/web/ostatus/ostatus.ex @@ -5,8 +5,8 @@ defmodule Pleroma.Web.OStatus do "#{user.ap_id}/feed.atom" end - def pubsub_path() do - "#{Web.base_url}/push/hub" + def pubsub_path(user) do + "#{Web.base_url}/push/hub/#{user.nickname}" end def user_path(user) do diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 0264d8d3f..33e395218 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -62,7 +62,7 @@ defmodule Pleroma.Web.Router do pipe_through :ostatus get "/users/:nickname/feed", OStatus.OStatusController, :feed - post "/push/hub", OStatus.OStatusController, :temp + post "/push/hub/:nickname", Websub.WebsubController, :websub_subscription_request end scope "/.well-known", Pleroma.Web do diff --git a/lib/pleroma/web/websub/websub_controller.ex b/lib/pleroma/web/websub/websub_controller.ex new file mode 100644 index 000000000..09305c337 --- /dev/null +++ b/lib/pleroma/web/websub/websub_controller.ex @@ -0,0 +1,48 @@ +defmodule Pleroma.Web.Websub.WebsubController do + use Pleroma.Web, :controller + alias Pleroma.Web.Websub.WebsubServerSubscription + alias Pleroma.{Repo, User} + alias Pleroma.Web.OStatus + def websub_subscription_request(conn, %{"nickname" => nickname} = params) do + user = User.get_cached_by_nickname(nickname) + + with {:ok, topic} <- valid_topic(params, user), + {:ok, lease_time} <- lease_time(params), + secret <- params["hub.secret"] + do + data = %{ + state: "requested", + topic: topic, + secret: secret + } + + change = Ecto.Changeset.change(%WebsubServerSubscription{}, data) + websub = Repo.insert!(change) + + change = Ecto.Changeset.change(websub, %{valid_until: NaiveDateTime.add(websub.inserted_at, lease_time)}) + websub = Repo.update!(change) + + conn + |> send_resp(202, "Accepted") + else {:error, reason} -> + conn + |> send_resp(500, reason) + end + end + + defp lease_time(%{"hub.lease_seconds" => lease_seconds}) do + {:ok, lease_seconds} + end + + defp lease_time(_) do + {:ok, 60 * 60 * 24 * 3} # three days + end + + defp valid_topic(%{"hub.topic" => topic}, user) do + if topic == OStatus.feed_path(user) do + {:ok, topic} + else + {:error, "Wrong topic requested, expected #{OStatus.feed_path(user)}, got #{topic}"} + end + end +end diff --git a/lib/pleroma/web/websub/websub_server_subscription.ex b/lib/pleroma/web/websub/websub_server_subscription.ex index 2562239ad..a29dd5860 100644 --- a/lib/pleroma/web/websub/websub_server_subscription.ex +++ b/lib/pleroma/web/websub/websub_server_subscription.ex @@ -7,5 +7,7 @@ defmodule Pleroma.Web.Websub.WebsubServerSubscription do field :secret, :string field :valid_until, :naive_datetime field :state, :string + + timestamps() end end diff --git a/test/web/ostatus/feed_representer_test.exs b/test/web/ostatus/feed_representer_test.exs index dddc63ebf..3d8eaac6e 100644 --- a/test/web/ostatus/feed_representer_test.exs +++ b/test/web/ostatus/feed_representer_test.exs @@ -26,7 +26,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenterTest do #{OStatus.feed_path(user)} #{user.nickname}'s timeline #{most_recent_update} - + #{user_xml} diff --git a/test/web/websub/websub_controller_test.exs b/test/web/websub/websub_controller_test.exs new file mode 100644 index 000000000..4eff598d6 --- /dev/null +++ b/test/web/websub/websub_controller_test.exs @@ -0,0 +1,30 @@ +defmodule Pleroma.Web.Websub.WebsubControllerTest do + use Pleroma.Web.ConnCase + import Pleroma.Factory + alias Pleroma.Repo + alias Pleroma.Web.Websub.WebsubServerSubscription + + test "websub subscription request", %{conn: conn} do + user = insert(:user) + + path = Pleroma.Web.OStatus.pubsub_path(user) + + data = %{ + "hub.callback": "http://example.org/sub", + "hub.mode": "subscription", + "hub.topic": Pleroma.Web.OStatus.feed_path(user), + "hub.secret": "a random secret", + "hub.lease_seconds": 100 + } + + conn = conn + |> post(path, data) + + assert response(conn, 202) == "Accepted" + subscription = Repo.one!(WebsubServerSubscription) + assert subscription.topic == Pleroma.Web.OStatus.feed_path(user) + assert subscription.state == "requested" + assert subscription.secret == "a random secret" + assert subscription.valid_until == NaiveDateTime.add(subscription.inserted_at, 100) + end +end From 424e0e77792361d8f43a085c7cd3b2e9d566a22d Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Fri, 21 Apr 2017 03:59:11 +0200 Subject: [PATCH 07/28] Add Websub verification. --- lib/pleroma/web/websub/websub.ex | 23 +++++++++++++++++ mix.exs | 1 + mix.lock | 1 + test/support/factory.ex | 10 ++++++++ test/web/websub/websub_test.exs | 44 ++++++++++++++++++++++++++++++++ 5 files changed, 79 insertions(+) create mode 100644 lib/pleroma/web/websub/websub.ex create mode 100644 test/web/websub/websub_test.exs diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex new file mode 100644 index 000000000..c7752487c --- /dev/null +++ b/lib/pleroma/web/websub/websub.ex @@ -0,0 +1,23 @@ +defmodule Pleroma.Web.Websub do + alias Pleroma.Repo + + def verify(subscription, getter \\ &HTTPoison.get/3 ) do + challenge = Base.encode16(:crypto.strong_rand_bytes(8)) + lease_seconds = NaiveDateTime.diff(subscription.inserted_at, subscription.valid_until) + with {:ok, response} <- getter.(subscription.callback, [], [params: %{ + "hub.challenge": challenge, + "hub.lease_seconds": lease_seconds, + "hub.topic": subscription.topic, + "hub.mode": "subscribe" + }]), + ^challenge <- response.body + do + changeset = Ecto.Changeset.change(subscription, %{state: "active"}) + Repo.update(changeset) + else _e -> + changeset = Ecto.Changeset.change(subscription, %{state: "rejected"}) + {:ok, subscription } = Repo.update(changeset) + {:error, subscription} + end + end +end diff --git a/mix.exs b/mix.exs index f6831550b..0e54f0246 100644 --- a/mix.exs +++ b/mix.exs @@ -39,6 +39,7 @@ defmodule Pleroma.Mixfile do {:html_sanitize_ex, "~> 1.0.0"}, {:calendar, "~> 0.16.1"}, {:cachex, "~> 2.1"}, + {:httpoison, "~> 0.11.1"}, {:ex_machina, "~> 2.0", only: :test}, {:mix_test_watch, "~> 0.2", only: :dev}] end diff --git a/mix.lock b/mix.lock index a44ffa8d0..225a62f7a 100644 --- a/mix.lock +++ b/mix.lock @@ -18,6 +18,7 @@ "gettext": {:hex, :gettext, "0.13.1", "5e0daf4e7636d771c4c71ad5f3f53ba09a9ae5c250e1ab9c42ba9edccc476263", [:mix], []}, "hackney": {:hex, :hackney, "1.7.1", "e238c52c5df3c3b16ce613d3a51c7220a784d734879b1e231c9babd433ac1cb4", [:rebar3], [{:certifi, "1.0.0", [hex: :certifi, optional: false]}, {:idna, "4.0.0", [hex: :idna, optional: false]}, {:metrics, "1.0.1", [hex: :metrics, optional: false]}, {:mimerl, "1.0.2", [hex: :mimerl, optional: false]}, {:ssl_verify_fun, "1.1.1", [hex: :ssl_verify_fun, optional: false]}]}, "html_sanitize_ex": {:hex, :html_sanitize_ex, "1.0.1", "2572e7122c78ab7e57b613e7c7f5e42bf9b3c25e430e32f23f1413d86db8a0af", [:mix], [{:mochiweb, "~> 2.12.2", [hex: :mochiweb, optional: false]}]}, + "httpoison": {:hex, :httpoison, "0.11.1", "d06c571274c0e77b6cc50e548db3fd7779f611fbed6681fd60a331f66c143a0b", [:mix], [{:hackney, "~> 1.7.0", [hex: :hackney, optional: false]}]}, "idna": {:hex, :idna, "4.0.0", "10aaa9f79d0b12cf0def53038547855b91144f1bfcc0ec73494f38bb7b9c4961", [:rebar3], []}, "metrics": {:hex, :metrics, "1.0.1", "25f094dea2cda98213cecc3aeff09e940299d950904393b2a29d191c346a8486", [:rebar3], []}, "mime": {:hex, :mime, "1.1.0", "01c1d6f4083d8aa5c7b8c246ade95139620ef8effb009edde934e0ec3b28090a", [:mix], []}, diff --git a/test/support/factory.ex b/test/support/factory.ex index 3fc9cf710..401fdfda3 100644 --- a/test/support/factory.ex +++ b/test/support/factory.ex @@ -64,4 +64,14 @@ defmodule Pleroma.Factory do data: data } end + + def websub_subscription_factory do + %Pleroma.Web.Websub.WebsubServerSubscription{ + topic: "http://example.org", + callback: "http://example/org/callback", + secret: "here's a secret", + valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 100), + state: "requested" + } + end end diff --git a/test/web/websub/websub_test.exs b/test/web/websub/websub_test.exs new file mode 100644 index 000000000..93a44fe46 --- /dev/null +++ b/test/web/websub/websub_test.exs @@ -0,0 +1,44 @@ +defmodule Pleroma.Web.WebsubTest do + use Pleroma.DataCase + alias Pleroma.Web.Websub + import Pleroma.Factory + + test "a verification of a request that is accepted" do + sub = insert(:websub_subscription) + topic = sub.topic + + getter = fn (_path, _headers, options) -> + %{ + "hub.challenge": challenge, + "hub.lease_seconds": seconds, + "hub.topic": ^topic, + "hub.mode": "subscribe" + } = Keyword.get(options, :params) + + assert is_number(seconds) + + {:ok, %HTTPoison.Response{ + status_code: 200, + body: challenge + }} + end + + {:ok, sub} = Websub.verify(sub, getter) + assert sub.state == "active" + end + + test "a verification of a request that doesn't return 200" do + sub = insert(:websub_subscription) + topic = sub.topic + + getter = fn (_path, _headers, _options) -> + {:ok, %HTTPoison.Response{ + status_code: 500, + body: "" + }} + end + + {:error, sub} = Websub.verify(sub, getter) + assert sub.state == "rejected" + end +end From f51a672ac43696424034107c4f397e2b6b01d623 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Fri, 21 Apr 2017 04:22:02 +0200 Subject: [PATCH 08/28] Return object id in Ostatus create activties. --- lib/pleroma/web/ostatus/activity_representer.ex | 4 ++-- test/web/ostatus/activity_representer_test.exs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/ostatus/activity_representer.ex b/lib/pleroma/web/ostatus/activity_representer.ex index 558c85df4..6f101109c 100644 --- a/lib/pleroma/web/ostatus/activity_representer.ex +++ b/lib/pleroma/web/ostatus/activity_representer.ex @@ -1,5 +1,5 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do - def to_simple_form(activity, user) do + def to_simple_form(%{data: %{"object" => %{"type" => "Note"}}} = activity, user) do h = fn(str) -> [to_charlist(str)] end updated_at = activity.updated_at @@ -10,7 +10,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do [ {:"activity:object-type", ['http://activitystrea.ms/schema/1.0/note']}, {:"activity:verb", ['http://activitystrea.ms/schema/1.0/post']}, - {:id, h.(activity.data["id"])}, + {:id, h.(activity.data["object"]["id"])}, {:title, ['New note by #{user.nickname}']}, {:content, [type: 'html'], h.(activity.data["object"]["content"])}, {:published, h.(inserted_at)}, diff --git a/test/web/ostatus/activity_representer_test.exs b/test/web/ostatus/activity_representer_test.exs index 16a9d3b00..de79717b1 100644 --- a/test/web/ostatus/activity_representer_test.exs +++ b/test/web/ostatus/activity_representer_test.exs @@ -18,7 +18,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenterTest do expected = """ http://activitystrea.ms/schema/1.0/note http://activitystrea.ms/schema/1.0/post - #{note_activity.data["id"]} + #{note_activity.data["object"]["id"]} New note by #{user.nickname} #{note_activity.data["object"]["content"]} #{inserted_at} From 39dc74f967e3fdbcd949c50df8d2c5ed74f876ff Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 12:05:48 +0200 Subject: [PATCH 09/28] Add callback to websub subscription. --- lib/pleroma/web/websub/websub_controller.ex | 9 +++++++-- test/web/websub/websub_controller_test.exs | 3 ++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/websub/websub_controller.ex b/lib/pleroma/web/websub/websub_controller.ex index 09305c337..5766dff64 100644 --- a/lib/pleroma/web/websub/websub_controller.ex +++ b/lib/pleroma/web/websub/websub_controller.ex @@ -3,6 +3,7 @@ defmodule Pleroma.Web.Websub.WebsubController do alias Pleroma.Web.Websub.WebsubServerSubscription alias Pleroma.{Repo, User} alias Pleroma.Web.OStatus + alias Pleroma.Web.Websub def websub_subscription_request(conn, %{"nickname" => nickname} = params) do user = User.get_cached_by_nickname(nickname) @@ -13,7 +14,8 @@ defmodule Pleroma.Web.Websub.WebsubController do data = %{ state: "requested", topic: topic, - secret: secret + secret: secret, + callback: params["hub.callback"] } change = Ecto.Changeset.change(%WebsubServerSubscription{}, data) @@ -22,6 +24,9 @@ defmodule Pleroma.Web.Websub.WebsubController do change = Ecto.Changeset.change(websub, %{valid_until: NaiveDateTime.add(websub.inserted_at, lease_time)}) websub = Repo.update!(change) + # Just spawn that for now, maybe pool later. + spawn(fn -> Websub.verify(websub) end) + conn |> send_resp(202, "Accepted") else {:error, reason} -> @@ -31,7 +36,7 @@ defmodule Pleroma.Web.Websub.WebsubController do end defp lease_time(%{"hub.lease_seconds" => lease_seconds}) do - {:ok, lease_seconds} + {:ok, String.to_integer(lease_seconds)} end defp lease_time(_) do diff --git a/test/web/websub/websub_controller_test.exs b/test/web/websub/websub_controller_test.exs index 4eff598d6..584db0a19 100644 --- a/test/web/websub/websub_controller_test.exs +++ b/test/web/websub/websub_controller_test.exs @@ -14,7 +14,7 @@ defmodule Pleroma.Web.Websub.WebsubControllerTest do "hub.mode": "subscription", "hub.topic": Pleroma.Web.OStatus.feed_path(user), "hub.secret": "a random secret", - "hub.lease_seconds": 100 + "hub.lease_seconds": "100" } conn = conn @@ -25,6 +25,7 @@ defmodule Pleroma.Web.Websub.WebsubControllerTest do assert subscription.topic == Pleroma.Web.OStatus.feed_path(user) assert subscription.state == "requested" assert subscription.secret == "a random secret" + assert subscription.callback == "http://example.org/sub" assert subscription.valid_until == NaiveDateTime.add(subscription.inserted_at, 100) end end From 77cb260628fda32ffa42c68dbafab21fa6335469 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 12:07:51 +0200 Subject: [PATCH 10/28] add basic federation to websub. --- lib/pleroma/web/websub/websub.ex | 42 ++++++++++++++++++++++++++------ test/web/websub/websub_test.exs | 2 +- 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index c7752487c..26a10788a 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -1,15 +1,26 @@ defmodule Pleroma.Web.Websub do alias Pleroma.Repo + alias Pleroma.Websub + alias Pleroma.Web.Websub.WebsubServerSubscription + alias Pleroma.Web.OStatus.FeedRepresenter + + import Ecto.Query def verify(subscription, getter \\ &HTTPoison.get/3 ) do challenge = Base.encode16(:crypto.strong_rand_bytes(8)) - lease_seconds = NaiveDateTime.diff(subscription.inserted_at, subscription.valid_until) - with {:ok, response} <- getter.(subscription.callback, [], [params: %{ - "hub.challenge": challenge, - "hub.lease_seconds": lease_seconds, - "hub.topic": subscription.topic, - "hub.mode": "subscribe" - }]), + lease_seconds = NaiveDateTime.diff(subscription.valid_until, subscription.inserted_at) |> to_string + + params = %{ + "hub.challenge": challenge, + "hub.lease_seconds": lease_seconds, + "hub.topic": subscription.topic, + "hub.mode": "subscribe" + } + + url = hd(String.split(subscription.callback, "?")) + query = URI.parse(subscription.callback).query || "" + params = Map.merge(params, URI.decode_query(query)) + with {:ok, response} <- getter.(url, [], [params: params]), ^challenge <- response.body do changeset = Ecto.Changeset.change(subscription, %{state: "active"}) @@ -20,4 +31,21 @@ defmodule Pleroma.Web.Websub do {:error, subscription} end end + + def publish(topic, user, activity) do + query = from sub in WebsubServerSubscription, + where: sub.topic == ^topic and sub.state == "active" + subscriptions = Repo.all(query) + Enum.each(subscriptions, fn(sub) -> + response = FeedRepresenter.to_simple_form(user, [activity], [user]) + |> :xmerl.export_simple(:xmerl_xml) + + signature = :crypto.hmac(:sha, sub.secret, response) |> Base.encode16 + + HTTPoison.post(sub.callback, response, [ + {"Content-Type", "application/atom+xml"}, + {"X-Hub-Signature", "sha1=#{signature}"} + ]) + end) + end end diff --git a/test/web/websub/websub_test.exs b/test/web/websub/websub_test.exs index 93a44fe46..36ea82299 100644 --- a/test/web/websub/websub_test.exs +++ b/test/web/websub/websub_test.exs @@ -15,7 +15,7 @@ defmodule Pleroma.Web.WebsubTest do "hub.mode": "subscribe" } = Keyword.get(options, :params) - assert is_number(seconds) + assert String.to_integer(seconds) > 0 {:ok, %HTTPoison.Response{ status_code: 200, From a2b79ce7d14060f643439bc95be4eded399b05c2 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 12:08:20 +0200 Subject: [PATCH 11/28] Add outgoin federation to twitter api. Doesn't really belong there, find a different place for it. Should federate on every activity insertion. --- lib/pleroma/web/twitter_api/twitter_api.ex | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index 1053120c4..0f84cffbd 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -66,7 +66,9 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do end with {:ok, activity} <- ActivityPub.insert(activity) do - add_conversation_id(activity) + {:ok, activity} = add_conversation_id(activity) + Pleroma.Web.Websub.publish(Pleroma.Web.OStatus.feed_path(user), user, activity) + {:ok, activity} end end From ece85fc8bc18a67079179922cf728786c1c444e6 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 12:09:13 +0200 Subject: [PATCH 12/28] Add attachments to feed. --- lib/pleroma/web/ostatus/activity_representer.ex | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/ostatus/activity_representer.ex b/lib/pleroma/web/ostatus/activity_representer.ex index 6f101109c..daaa4ef03 100644 --- a/lib/pleroma/web/ostatus/activity_representer.ex +++ b/lib/pleroma/web/ostatus/activity_representer.ex @@ -7,6 +7,11 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do inserted_at = activity.inserted_at |> NaiveDateTime.to_iso8601 + attachments = Enum.map(activity.data["object"]["attachment"] || [], fn(attachment) -> + url = hd(attachment["url"]) + {:link, [rel: 'enclosure', href: to_charlist(url["href"]), type: to_charlist(url["mediaType"])], []} + end) + [ {:"activity:object-type", ['http://activitystrea.ms/schema/1.0/note']}, {:"activity:verb", ['http://activitystrea.ms/schema/1.0/post']}, @@ -15,6 +20,6 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do {:content, [type: 'html'], h.(activity.data["object"]["content"])}, {:published, h.(inserted_at)}, {:updated, h.(updated_at)} - ] + ] ++ attachments end end From 1feb193731881f87efda0dd3c08d554d2ef22971 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 12:11:36 +0200 Subject: [PATCH 13/28] Add rel=self link too feed. --- lib/pleroma/web/ostatus/feed_representer.ex | 3 ++- test/web/ostatus/feed_representer_test.exs | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/ostatus/feed_representer.ex b/lib/pleroma/web/ostatus/feed_representer.ex index 1576b4710..42be5f793 100644 --- a/lib/pleroma/web/ostatus/feed_representer.ex +++ b/lib/pleroma/web/ostatus/feed_representer.ex @@ -21,7 +21,8 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do {:title, ['#{user.nickname}\'s timeline']}, {:updated, h.(most_recent_update)}, {:link, [rel: 'hub', href: h.(OStatus.pubsub_path(user))], []}, - {:author, UserRepresenter.to_simple_form(user)} + {:link, [rel: 'self', href: h.(OStatus.feed_path(user))], []}, + {:author, UserRepresenter.to_simple_form(user)}, ] ++ entries }] end diff --git a/test/web/ostatus/feed_representer_test.exs b/test/web/ostatus/feed_representer_test.exs index 3d8eaac6e..1b0a10030 100644 --- a/test/web/ostatus/feed_representer_test.exs +++ b/test/web/ostatus/feed_representer_test.exs @@ -27,6 +27,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenterTest do #{user.nickname}'s timeline #{most_recent_update} + #{user_xml} From 8fb73c28bbeccb6a7462e4a0e9fb58726b68bcf5 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 13:44:21 +0200 Subject: [PATCH 14/28] Only have one subscription per callback. --- config/config.exs | 2 + config/test.exs | 2 + lib/pleroma/web/websub/websub.ex | 54 ++++++++++++++++++++- lib/pleroma/web/websub/websub_controller.ex | 41 ++-------------- test/web/websub/websub_controller_test.exs | 8 --- test/web/websub/websub_test.exs | 48 +++++++++++++++++- 6 files changed, 107 insertions(+), 48 deletions(-) diff --git a/config/config.exs b/config/config.exs index 18a2490a4..3826dddff 100644 --- a/config/config.exs +++ b/config/config.exs @@ -30,6 +30,8 @@ config :mime, :types, %{ "application/xrd+xml" => ["xrd+xml"] } +config :pleroma, :websub_verifier, Pleroma.Web.Websub + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env}.exs" diff --git a/config/test.exs b/config/test.exs index f5d6f240d..5d91279a2 100644 --- a/config/test.exs +++ b/config/test.exs @@ -24,3 +24,5 @@ config :pleroma, Pleroma.Repo, # Reduce hash rounds for testing config :comeonin, :pbkdf2_rounds, 1 + +config :pleroma, :websub_verifier, Pleroma.Web.WebsubMock diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index 26a10788a..50878e3c4 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -3,12 +3,15 @@ defmodule Pleroma.Web.Websub do alias Pleroma.Websub alias Pleroma.Web.Websub.WebsubServerSubscription alias Pleroma.Web.OStatus.FeedRepresenter + alias Pleroma.Web.OStatus import Ecto.Query + @websub_verifier Application.get_env(:pleroma, :websub_verifier) + def verify(subscription, getter \\ &HTTPoison.get/3 ) do challenge = Base.encode16(:crypto.strong_rand_bytes(8)) - lease_seconds = NaiveDateTime.diff(subscription.valid_until, subscription.inserted_at) |> to_string + lease_seconds = NaiveDateTime.diff(subscription.valid_until, subscription.updated_at) |> to_string params = %{ "hub.challenge": challenge, @@ -48,4 +51,53 @@ defmodule Pleroma.Web.Websub do ]) end) end + + def incoming_subscription_request(user, params) do + with {:ok, topic} <- valid_topic(params, user), + {:ok, lease_time} <- lease_time(params), + secret <- params["hub.secret"], + callback <- params["hub.callback"] + do + subscription = get_subscription(topic, callback) + data = %{ + state: subscription.state || "requested", + topic: topic, + secret: secret, + callback: callback + } + + change = Ecto.Changeset.change(subscription, data) + websub = Repo.insert_or_update!(change) + + change = Ecto.Changeset.change(websub, %{valid_until: NaiveDateTime.add(websub.updated_at, lease_time)}) + websub = Repo.update!(change) + + # Just spawn that for now, maybe pool later. + spawn(fn -> @websub_verifier.verify(websub) end) + + {:ok, websub} + else {:error, reason} -> + {:error, reason} + end + end + + defp get_subscription(topic, callback) do + Repo.get_by(WebsubServerSubscription, topic: topic, callback: callback) || %WebsubServerSubscription{} + end + + defp lease_time(%{"hub.lease_seconds" => lease_seconds}) do + {:ok, String.to_integer(lease_seconds)} + end + + defp lease_time(_) do + {:ok, 60 * 60 * 24 * 3} # three days + end + + defp valid_topic(%{"hub.topic" => topic}, user) do + if topic == OStatus.feed_path(user) do + {:ok, topic} + else + {:error, "Wrong topic requested, expected #{OStatus.feed_path(user)}, got #{topic}"} + end + end end diff --git a/lib/pleroma/web/websub/websub_controller.ex b/lib/pleroma/web/websub/websub_controller.ex index 5766dff64..5d54c6ef5 100644 --- a/lib/pleroma/web/websub/websub_controller.ex +++ b/lib/pleroma/web/websub/websub_controller.ex @@ -1,32 +1,13 @@ defmodule Pleroma.Web.Websub.WebsubController do use Pleroma.Web, :controller - alias Pleroma.Web.Websub.WebsubServerSubscription - alias Pleroma.{Repo, User} - alias Pleroma.Web.OStatus + alias Pleroma.User alias Pleroma.Web.Websub + def websub_subscription_request(conn, %{"nickname" => nickname} = params) do user = User.get_cached_by_nickname(nickname) - with {:ok, topic} <- valid_topic(params, user), - {:ok, lease_time} <- lease_time(params), - secret <- params["hub.secret"] + with {:ok, _websub} <- Websub.incoming_subscription_request(user, params) do - data = %{ - state: "requested", - topic: topic, - secret: secret, - callback: params["hub.callback"] - } - - change = Ecto.Changeset.change(%WebsubServerSubscription{}, data) - websub = Repo.insert!(change) - - change = Ecto.Changeset.change(websub, %{valid_until: NaiveDateTime.add(websub.inserted_at, lease_time)}) - websub = Repo.update!(change) - - # Just spawn that for now, maybe pool later. - spawn(fn -> Websub.verify(websub) end) - conn |> send_resp(202, "Accepted") else {:error, reason} -> @@ -34,20 +15,4 @@ defmodule Pleroma.Web.Websub.WebsubController do |> send_resp(500, reason) end end - - defp lease_time(%{"hub.lease_seconds" => lease_seconds}) do - {:ok, String.to_integer(lease_seconds)} - end - - defp lease_time(_) do - {:ok, 60 * 60 * 24 * 3} # three days - end - - defp valid_topic(%{"hub.topic" => topic}, user) do - if topic == OStatus.feed_path(user) do - {:ok, topic} - else - {:error, "Wrong topic requested, expected #{OStatus.feed_path(user)}, got #{topic}"} - end - end end diff --git a/test/web/websub/websub_controller_test.exs b/test/web/websub/websub_controller_test.exs index 584db0a19..9a0a5c61b 100644 --- a/test/web/websub/websub_controller_test.exs +++ b/test/web/websub/websub_controller_test.exs @@ -1,8 +1,6 @@ defmodule Pleroma.Web.Websub.WebsubControllerTest do use Pleroma.Web.ConnCase import Pleroma.Factory - alias Pleroma.Repo - alias Pleroma.Web.Websub.WebsubServerSubscription test "websub subscription request", %{conn: conn} do user = insert(:user) @@ -21,11 +19,5 @@ defmodule Pleroma.Web.Websub.WebsubControllerTest do |> post(path, data) assert response(conn, 202) == "Accepted" - subscription = Repo.one!(WebsubServerSubscription) - assert subscription.topic == Pleroma.Web.OStatus.feed_path(user) - assert subscription.state == "requested" - assert subscription.secret == "a random secret" - assert subscription.callback == "http://example.org/sub" - assert subscription.valid_until == NaiveDateTime.add(subscription.inserted_at, 100) end end diff --git a/test/web/websub/websub_test.exs b/test/web/websub/websub_test.exs index 36ea82299..5fe91d0f8 100644 --- a/test/web/websub/websub_test.exs +++ b/test/web/websub/websub_test.exs @@ -1,6 +1,12 @@ +defmodule Pleroma.Web.WebsubMock do + def verify(sub) do + {:ok, sub} + end +end defmodule Pleroma.Web.WebsubTest do use Pleroma.DataCase alias Pleroma.Web.Websub + alias Pleroma.Web.Websub.WebsubServerSubscription import Pleroma.Factory test "a verification of a request that is accepted" do @@ -29,7 +35,6 @@ defmodule Pleroma.Web.WebsubTest do test "a verification of a request that doesn't return 200" do sub = insert(:websub_subscription) - topic = sub.topic getter = fn (_path, _headers, _options) -> {:ok, %HTTPoison.Response{ @@ -41,4 +46,45 @@ defmodule Pleroma.Web.WebsubTest do {:error, sub} = Websub.verify(sub, getter) assert sub.state == "rejected" end + + test "an incoming subscription request" do + user = insert(:user) + + data = %{ + "hub.callback" => "http://example.org/sub", + "hub.mode" => "subscription", + "hub.topic" => Pleroma.Web.OStatus.feed_path(user), + "hub.secret" => "a random secret", + "hub.lease_seconds" => "100" + } + + + {:ok, subscription } = Websub.incoming_subscription_request(user, data) + assert subscription.topic == Pleroma.Web.OStatus.feed_path(user) + assert subscription.state == "requested" + assert subscription.secret == "a random secret" + assert subscription.callback == "http://example.org/sub" + end + + test "an incoming subscription request for an existing subscription" do + user = insert(:user) + sub = insert(:websub_subscription, state: "accepted", topic: Pleroma.Web.OStatus.feed_path(user)) + + data = %{ + "hub.callback" => sub.callback, + "hub.mode" => "subscription", + "hub.topic" => Pleroma.Web.OStatus.feed_path(user), + "hub.secret" => "a random secret", + "hub.lease_seconds" => "100" + } + + + {:ok, subscription } = Websub.incoming_subscription_request(user, data) + assert subscription.topic == Pleroma.Web.OStatus.feed_path(user) + assert subscription.state == sub.state + assert subscription.secret == "a random secret" + assert subscription.callback == sub.callback + assert length(Repo.all(WebsubServerSubscription)) == 1 + assert subscription.id == sub.id + end end From c585f9e26ca81f0394cf3fc1a9271833506811e1 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 13:48:10 +0200 Subject: [PATCH 15/28] Only handle subscription requests for now. --- lib/pleroma/web/websub/websub.ex | 2 +- test/web/websub/websub_controller_test.exs | 2 +- test/web/websub/websub_test.exs | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index 50878e3c4..cf819afd1 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -52,7 +52,7 @@ defmodule Pleroma.Web.Websub do end) end - def incoming_subscription_request(user, params) do + def incoming_subscription_request(user, %{"hub.mode" => "subscribe"} = params) do with {:ok, topic} <- valid_topic(params, user), {:ok, lease_time} <- lease_time(params), secret <- params["hub.secret"], diff --git a/test/web/websub/websub_controller_test.exs b/test/web/websub/websub_controller_test.exs index 9a0a5c61b..8368cafea 100644 --- a/test/web/websub/websub_controller_test.exs +++ b/test/web/websub/websub_controller_test.exs @@ -9,7 +9,7 @@ defmodule Pleroma.Web.Websub.WebsubControllerTest do data = %{ "hub.callback": "http://example.org/sub", - "hub.mode": "subscription", + "hub.mode": "subscribe", "hub.topic": Pleroma.Web.OStatus.feed_path(user), "hub.secret": "a random secret", "hub.lease_seconds": "100" diff --git a/test/web/websub/websub_test.exs b/test/web/websub/websub_test.exs index 5fe91d0f8..334ba03fc 100644 --- a/test/web/websub/websub_test.exs +++ b/test/web/websub/websub_test.exs @@ -52,7 +52,7 @@ defmodule Pleroma.Web.WebsubTest do data = %{ "hub.callback" => "http://example.org/sub", - "hub.mode" => "subscription", + "hub.mode" => "subscribe", "hub.topic" => Pleroma.Web.OStatus.feed_path(user), "hub.secret" => "a random secret", "hub.lease_seconds" => "100" @@ -72,7 +72,7 @@ defmodule Pleroma.Web.WebsubTest do data = %{ "hub.callback" => sub.callback, - "hub.mode" => "subscription", + "hub.mode" => "subscribe", "hub.topic" => Pleroma.Web.OStatus.feed_path(user), "hub.secret" => "a random secret", "hub.lease_seconds" => "100" From 923584d0467b2213bef0d3d78c8713f34b7b21d7 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 14:37:54 +0200 Subject: [PATCH 16/28] Remove unknown activities from feed. --- lib/pleroma/web/ostatus/activity_representer.ex | 2 ++ lib/pleroma/web/ostatus/feed_representer.ex | 1 + lib/pleroma/web/websub/websub.ex | 1 - test/web/ostatus/activity_representer_test.exs | 7 ++++++- 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/ostatus/activity_representer.ex b/lib/pleroma/web/ostatus/activity_representer.ex index daaa4ef03..590abc8bb 100644 --- a/lib/pleroma/web/ostatus/activity_representer.ex +++ b/lib/pleroma/web/ostatus/activity_representer.ex @@ -22,4 +22,6 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenter do {:updated, h.(updated_at)} ] ++ attachments end + + def to_simple_form(_,_), do: nil end diff --git a/lib/pleroma/web/ostatus/feed_representer.ex b/lib/pleroma/web/ostatus/feed_representer.ex index 42be5f793..c9cd12937 100644 --- a/lib/pleroma/web/ostatus/feed_representer.ex +++ b/lib/pleroma/web/ostatus/feed_representer.ex @@ -11,6 +11,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do entries = Enum.map(activities, fn(activity) -> {:entry, ActivityRepresenter.to_simple_form(activity, user)} end) + |> Enum.filter(fn ({_, form}) -> form end) [{ :feed, [ diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index cf819afd1..cc66b52dd 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -1,6 +1,5 @@ defmodule Pleroma.Web.Websub do alias Pleroma.Repo - alias Pleroma.Websub alias Pleroma.Web.Websub.WebsubServerSubscription alias Pleroma.Web.OStatus.FeedRepresenter alias Pleroma.Web.OStatus diff --git a/test/web/ostatus/activity_representer_test.exs b/test/web/ostatus/activity_representer_test.exs index de79717b1..61df41a1d 100644 --- a/test/web/ostatus/activity_representer_test.exs +++ b/test/web/ostatus/activity_representer_test.exs @@ -2,7 +2,7 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenterTest do use Pleroma.DataCase alias Pleroma.Web.OStatus.ActivityRepresenter - alias Pleroma.User + alias Pleroma.{User, Activity} import Pleroma.Factory @@ -32,6 +32,11 @@ defmodule Pleroma.Web.OStatus.ActivityRepresenterTest do assert clean(res) == clean(expected) end + test "an unknown activity" do + tuple = ActivityRepresenter.to_simple_form(%Activity{}, nil) + assert is_nil(tuple) + end + defp clean(string) do String.replace(string, ~r/\s/, "") end From 04fb4f9c47b273256d628eefa5bd8af77cca31fb Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 15:11:13 +0200 Subject: [PATCH 17/28] Add poco data to user. --- lib/pleroma/web/ostatus/feed_representer.ex | 3 ++- lib/pleroma/web/ostatus/user_representer.ex | 5 +++++ test/web/ostatus/feed_representer_test.exs | 2 +- test/web/ostatus/user_representer_test.exs | 3 +++ 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/ostatus/feed_representer.ex b/lib/pleroma/web/ostatus/feed_representer.ex index c9cd12937..749cb10d0 100644 --- a/lib/pleroma/web/ostatus/feed_representer.ex +++ b/lib/pleroma/web/ostatus/feed_representer.ex @@ -16,7 +16,8 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do [{ :feed, [ xmlns: 'http://www.w3.org/2005/Atom', - "xmlns:activity": 'http://activitystrea.ms/spec/1.0/' + "xmlns:activity": 'http://activitystrea.ms/spec/1.0/', + "xmlns:poco": 'http://portablecontacts.net/spec/1.0' ], [ {:id, h.(OStatus.feed_path(user))}, {:title, ['#{user.nickname}\'s timeline']}, diff --git a/lib/pleroma/web/ostatus/user_representer.ex b/lib/pleroma/web/ostatus/user_representer.ex index e7ee4cfeb..65dfc5643 100644 --- a/lib/pleroma/web/ostatus/user_representer.ex +++ b/lib/pleroma/web/ostatus/user_representer.ex @@ -3,11 +3,16 @@ defmodule Pleroma.Web.OStatus.UserRepresenter do def to_simple_form(user) do ap_id = to_charlist(user.ap_id) nickname = to_charlist(user.nickname) + name = to_charlist(user.name) + bio = to_charlist(user.bio) avatar_url = to_charlist(User.avatar_url(user)) [ { :id, [ap_id] }, { :"activity:object", ['http://activitystrea.ms/schema/1.0/person'] }, { :uri, [ap_id] }, + { :"poco:preferredUsername", [nickname] }, + { :"poco:displayName", [name] }, + { :"poco:note", [bio] }, { :name, [nickname] }, { :link, [rel: 'avatar', href: avatar_url], []} ] diff --git a/test/web/ostatus/feed_representer_test.exs b/test/web/ostatus/feed_representer_test.exs index 1b0a10030..a5f28f6d5 100644 --- a/test/web/ostatus/feed_representer_test.exs +++ b/test/web/ostatus/feed_representer_test.exs @@ -22,7 +22,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenterTest do |> :xmerl.export_simple_content(:xmerl_xml) expected = """ - + #{OStatus.feed_path(user)} #{user.nickname}'s timeline #{most_recent_update} diff --git a/test/web/ostatus/user_representer_test.exs b/test/web/ostatus/user_representer_test.exs index a401a56da..80ac8181a 100644 --- a/test/web/ostatus/user_representer_test.exs +++ b/test/web/ostatus/user_representer_test.exs @@ -15,6 +15,9 @@ defmodule Pleroma.Web.OStatus.UserRepresenterTest do #{user.ap_id} http://activitystrea.ms/schema/1.0/person #{user.ap_id} + #{user.nickname} + #{user.name} + #{user.bio} #{user.nickname} """ From cef4a4d7095eae474c0bebaa4b0fb0001f140672 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 22 Apr 2017 15:34:29 +0200 Subject: [PATCH 18/28] Fix utf8 problems with iolists. --- lib/pleroma/web/ostatus/ostatus_controller.ex | 1 + test/support/factory.ex | 2 +- test/web/ostatus/feed_representer_test.exs | 2 +- test/web/ostatus/user_representer_test.exs | 4 ++-- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex index 4db4a55e6..3c8d8c0f1 100644 --- a/lib/pleroma/web/ostatus/ostatus_controller.ex +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -18,6 +18,7 @@ defmodule Pleroma.Web.OStatus.OStatusController do response = FeedRepresenter.to_simple_form(user, activities, [user]) |> :xmerl.export_simple(:xmerl_xml) + |> to_string conn |> put_resp_content_type("application/atom+xml") diff --git a/test/support/factory.ex b/test/support/factory.ex index 401fdfda3..d7c16f0e0 100644 --- a/test/support/factory.ex +++ b/test/support/factory.ex @@ -3,7 +3,7 @@ defmodule Pleroma.Factory do def user_factory do user = %Pleroma.User{ - name: sequence(:name, &"Test User #{&1}"), + name: sequence(:name, &"Test テスト User #{&1}"), email: sequence(:email, &"user#{&1}@example.com"), nickname: sequence(:nickname, &"nick#{&1}"), password_hash: Comeonin.Pbkdf2.hashpwsalt("test"), diff --git a/test/web/ostatus/feed_representer_test.exs b/test/web/ostatus/feed_representer_test.exs index a5f28f6d5..9a02d8c16 100644 --- a/test/web/ostatus/feed_representer_test.exs +++ b/test/web/ostatus/feed_representer_test.exs @@ -14,7 +14,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenterTest do most_recent_update = note_activity.updated_at |> NaiveDateTime.to_iso8601 - res = :xmerl.export_simple_content(tuple, :xmerl_xml) |> IO.iodata_to_binary + res = :xmerl.export_simple_content(tuple, :xmerl_xml) |> to_string user_xml = UserRepresenter.to_simple_form(user) |> :xmerl.export_simple_content(:xmerl_xml) diff --git a/test/web/ostatus/user_representer_test.exs b/test/web/ostatus/user_representer_test.exs index 80ac8181a..a4afc2cf7 100644 --- a/test/web/ostatus/user_representer_test.exs +++ b/test/web/ostatus/user_representer_test.exs @@ -6,10 +6,10 @@ defmodule Pleroma.Web.OStatus.UserRepresenterTest do alias Pleroma.User test "returns a user with id, uri, name and link" do - user = build(:user) + user = build(:user, nickname: "レイン") tuple = UserRepresenter.to_simple_form(user) - res = :xmerl.export_simple_content(tuple, :xmerl_xml) |> IO.iodata_to_binary + res = :xmerl.export_simple_content(tuple, :xmerl_xml) |> to_string expected = """ #{user.ap_id} From 8a07ddef8f7193adb3eb4b069ef0231e769a0fb9 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sun, 23 Apr 2017 10:38:24 +0200 Subject: [PATCH 19/28] Don't break feed if user has no posts. --- lib/pleroma/web/ostatus/feed_representer.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/ostatus/feed_representer.ex b/lib/pleroma/web/ostatus/feed_representer.ex index 749cb10d0..14ac3ebf4 100644 --- a/lib/pleroma/web/ostatus/feed_representer.ex +++ b/lib/pleroma/web/ostatus/feed_representer.ex @@ -3,7 +3,7 @@ defmodule Pleroma.Web.OStatus.FeedRepresenter do alias Pleroma.Web.OStatus.{UserRepresenter, ActivityRepresenter} def to_simple_form(user, activities, users) do - most_recent_update = List.first(activities).updated_at + most_recent_update = (List.first(activities) || user).updated_at |> NaiveDateTime.to_iso8601 h = fn(str) -> [to_charlist(str)] end From 4c216cba9cd5fc20e03e1f68a4d347cfbc2a2a0b Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sun, 23 Apr 2017 15:21:58 +0200 Subject: [PATCH 20/28] Decode and verify salmons. --- lib/pleroma/web/salmon/salmon.ex | 48 ++++++++++++++++++++++++++++++++ test/fixtures/salmon.xml | 2 ++ test/web/salmon/salmon_test.exs | 19 +++++++++++++ 3 files changed, 69 insertions(+) create mode 100644 lib/pleroma/web/salmon/salmon.ex create mode 100644 test/fixtures/salmon.xml create mode 100644 test/web/salmon/salmon_test.exs diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex new file mode 100644 index 000000000..7f1c63a5f --- /dev/null +++ b/lib/pleroma/web/salmon/salmon.ex @@ -0,0 +1,48 @@ +defmodule Pleroma.Web.Salmon do + use Bitwise + + def decode_and_validate(magickey, salmon) do + {doc, _rest} = :xmerl_scan.string(to_charlist(salmon)) + + {:xmlObj, :string, data} = :xmerl_xpath.string('string(//me:data[1])', doc) + {:xmlObj, :string, sig} = :xmerl_xpath.string('string(//me:sig[1])', doc) + {:xmlObj, :string, alg} = :xmerl_xpath.string('string(//me:alg[1])', doc) + {:xmlObj, :string, encoding} = :xmerl_xpath.string('string(//me:encoding[1])', doc) + {:xmlObj, :string, type} = :xmerl_xpath.string('string(//me:data[1]/@type)', doc) + + + {:ok, data} = Base.url_decode64(to_string(data), ignore: :whitespace) + {:ok, sig} = Base.url_decode64(to_string(sig), ignore: :whitespace) + alg = to_string(alg) + encoding = to_string(encoding) + type = to_string(type) + + signed_text = [data, type, encoding, alg] + |> Enum.map(&Base.url_encode64/1) + |> Enum.join(".") + + key = decode_key(magickey) + + verify = :public_key.verify(signed_text, :sha256, sig, key) + + if verify do + {:ok, data} + else + :error + end + end + + defp decode_key("RSA." <> magickey) do + make_integer = fn(bin) -> + list = :erlang.binary_to_list(bin) + Enum.reduce(list, 0, fn (el, acc) -> (acc <<< 8) ||| el end) + end + + [modulus, exponent] = magickey + |> String.split(".") + |> Enum.map(&Base.url_decode64!/1) + |> Enum.map(make_integer) + + {:RSAPublicKey, modulus, exponent} + end +end diff --git a/test/fixtures/salmon.xml b/test/fixtures/salmon.xml new file mode 100644 index 000000000..fadcd3219 --- /dev/null +++ b/test/fixtures/salmon.xml @@ -0,0 +1,2 @@ + +PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiID8-PGVudHJ5IHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDA1L0F0b20iIHhtbG5zOnRocj0iaHR0cDovL3B1cmwub3JnL3N5bmRpY2F0aW9uL3RocmVhZC8xLjAiIHhtbG5zOmFjdGl2aXR5PSJodHRwOi8vYWN0aXZpdHlzdHJlYS5tcy9zcGVjLzEuMC8iIHhtbG5zOmdlb3Jzcz0iaHR0cDovL3d3dy5nZW9yc3Mub3JnL2dlb3JzcyIgeG1sbnM6b3N0YXR1cz0iaHR0cDovL29zdGF0dXMub3JnL3NjaGVtYS8xLjAiIHhtbG5zOnBvY289Imh0dHA6Ly9wb3J0YWJsZWNvbnRhY3RzLm5ldC9zcGVjLzEuMCIgeG1sbnM6bWVkaWE9Imh0dHA6Ly9wdXJsLm9yZy9zeW5kaWNhdGlvbi9hdG9tbWVkaWEiIHhtbG5zOnN0YXR1c25ldD0iaHR0cDovL3N0YXR1cy5uZXQvc2NoZW1hL2FwaS8xLyI-CiA8aWQ-dGFnOmdzLmV4YW1wbGUub3JnOjQwNDAsMjAxNy0wNC0yMzpkaXNmYXZvcjoxOjg6MTk3MC0wMS0wMVQwMDowMDowMCswMDowMDwvaWQ-CiA8dGl0bGU-VW5saWtlPC90aXRsZT4KIDxjb250ZW50IHR5cGU9Imh0bWwiPmxhbWJkYSBubyBsb25nZXIgbGlrZXMgaHR0cDovL3BsZXJvbWEuZXhhbXBsZS5vcmc6NDAwMC9vYmplY3RzL2UyODk2ZmMxLTY1OGItNDJhNy1hMzYyLWUyNThkMzkwNmRlOS48L2NvbnRlbnQ-CiA8YWN0aXZpdHk6dmVyYj5odHRwOi8vYWN0aXZpdHlzdHJlYS5tcy9zY2hlbWEvMS4wL3VuZmF2b3JpdGU8L2FjdGl2aXR5OnZlcmI-CiA8cHVibGlzaGVkPjIwMTctMDQtMjNUMTE6NDc6NTUrMDA6MDA8L3B1Ymxpc2hlZD4KIDx1cGRhdGVkPjIwMTctMDQtMjNUMTE6NDc6NTUrMDA6MDA8L3VwZGF0ZWQ-CiA8YXV0aG9yPgogIDxhY3Rpdml0eTpvYmplY3QtdHlwZT5odHRwOi8vYWN0aXZpdHlzdHJlYS5tcy9zY2hlbWEvMS4wL3BlcnNvbjwvYWN0aXZpdHk6b2JqZWN0LXR5cGU-CiAgPHVyaT5odHRwOi8vZ3MuZXhhbXBsZS5vcmc6NDA0MC9pbmRleC5waHAvdXNlci8xPC91cmk-CiAgPG5hbWU-bGFtYmRhPC9uYW1lPgogIDxsaW5rIHJlbD0iYWx0ZXJuYXRlIiB0eXBlPSJ0ZXh0L2h0bWwiIGhyZWY9Imh0dHA6Ly9ncy5leGFtcGxlLm9yZzo0MDQwL2luZGV4LnBocC9sYW1iZGEiLz4KICA8bGluayByZWw9ImF2YXRhciIgdHlwZT0iaW1hZ2UvcG5nIiBtZWRpYTp3aWR0aD0iOTYiIG1lZGlhOmhlaWdodD0iOTYiIGhyZWY9Imh0dHA6Ly9ncy5leGFtcGxlLm9yZzo0MDQwL3RoZW1lL25lby1nbnUvZGVmYXVsdC1hdmF0YXItcHJvZmlsZS5wbmciLz4KICA8bGluayByZWw9ImF2YXRhciIgdHlwZT0iaW1hZ2UvcG5nIiBtZWRpYTp3aWR0aD0iNDgiIG1lZGlhOmhlaWdodD0iNDgiIGhyZWY9Imh0dHA6Ly9ncy5leGFtcGxlLm9yZzo0MDQwL3RoZW1lL25lby1nbnUvZGVmYXVsdC1hdmF0YXItc3RyZWFtLnBuZyIvPgogIDxsaW5rIHJlbD0iYXZhdGFyIiB0eXBlPSJpbWFnZS9wbmciIG1lZGlhOndpZHRoPSIyNCIgbWVkaWE6aGVpZ2h0PSIyNCIgaHJlZj0iaHR0cDovL2dzLmV4YW1wbGUub3JnOjQwNDAvdGhlbWUvbmVvLWdudS9kZWZhdWx0LWF2YXRhci1taW5pLnBuZyIvPgogIDxwb2NvOnByZWZlcnJlZFVzZXJuYW1lPmxhbWJkYTwvcG9jbzpwcmVmZXJyZWRVc2VybmFtZT4KICA8cG9jbzpkaXNwbGF5TmFtZT5sYW1iZGE8L3BvY286ZGlzcGxheU5hbWU-CiAgPGZvbGxvd2VycyB1cmw9Imh0dHA6Ly9ncy5leGFtcGxlLm9yZzo0MDQwL2luZGV4LnBocC9sYW1iZGEvc3Vic2NyaWJlcnMiPjwvZm9sbG93ZXJzPgogPC9hdXRob3I-CiA8YWN0aXZpdHk6b2JqZWN0PgogIDxhY3Rpdml0eTpvYmplY3QtdHlwZT5odHRwOi8vYWN0aXZpdHlzdHJlYS5tcy9zY2hlbWEvMS4wL25vdGU8L2FjdGl2aXR5Om9iamVjdC10eXBlPgogIDxpZD5odHRwOi8vcGxlcm9tYS5leGFtcGxlLm9yZzo0MDAwL29iamVjdHMvZTI4OTZmYzEtNjU4Yi00MmE3LWEzNjItZTI1OGQzOTA2ZGU5PC9pZD4KICA8dGl0bGU-TmV3IG5vdGUgYnkgbGFpbjI8L3RpdGxlPgogIDxjb250ZW50IHR5cGU9Imh0bWwiPkhlbGxvLjwvY29udGVudD4KICA8bGluayByZWw9ImFsdGVybmF0ZSIgdHlwZT0idGV4dC9odG1sIiBocmVmPSJodHRwOi8vcGxlcm9tYS5leGFtcGxlLm9yZzo0MDAwL29iamVjdHMvZTI4OTZmYzEtNjU4Yi00MmE3LWEzNjItZTI1OGQzOTA2ZGU5Ii8-CiAgPHN0YXR1c19uZXQgbm90aWNlX2lkPSI4Ij48L3N0YXR1c19uZXQ-CiA8L2FjdGl2aXR5Om9iamVjdD4KPC9lbnRyeT4Kbase64urlRSA-SHA256ZXXHgp_ihTZIJnnFiQuJD0TSvo4OIqrpblHHQQwfpCy-85mtTf0QO1LclX3P3Ra8BqAmhs7j9nDxuEGLuVLTt53DvMP-pOjCtWYDKBbEZQtFIVnCcvBzGPW1HmimdN49M3VtAohbhfVilTrApQpGnI6kHvx7G1fQdQxHRtMsdNI= \ No newline at end of file diff --git a/test/web/salmon/salmon_test.exs b/test/web/salmon/salmon_test.exs new file mode 100644 index 000000000..4ebb32081 --- /dev/null +++ b/test/web/salmon/salmon_test.exs @@ -0,0 +1,19 @@ +defmodule Pleroma.Web.Salmon.SalmonTest do + use Pleroma.DataCase + alias Pleroma.Web.Salmon + + @magickey "RSA.pu0s-halox4tu7wmES1FVSx6u-4wc0YrUFXcqWXZG4-27UmbCOpMQftRCldNRfyA-qLbz-eqiwQhh-1EwUvjsD4cYbAHNGHwTvDOyx5AKthQUP44ykPv7kjKGh3DWKySJvcs9tlUG87hlo7AvnMo9pwRS_Zz2CacQ-MKaXyDepk=.AQAB" + + @wrong_magickey "RSA.pu0s-halox4tu7wmES1FVSx6u-4wc0YrUFXcqWXZG4-27UmbCOpMQftRCldNRfyA-qLbz-eqiwQhh-1EwUvjsD4cYbAHNGHwTvDOyx5AKthQUP44ykPv7kjKGh3DWKySJvcs9tlUG87hlo7AvnMo9pwRS_Zz2CacQ-MKaXyDepk=.AQAA" + + test "decodes a salmon" do + {:ok, salmon} = File.read("test/fixtures/salmon.xml") + {:ok, doc} = Salmon.decode_and_validate(@magickey, salmon) + assert Regex.match?(~r/xml/, doc) + end + + test "errors on wrong magic key" do + {:ok, salmon} = File.read("test/fixtures/salmon.xml") + assert Salmon.decode_and_validate(@wrong_magickey, salmon) == :error + end +end From 7424310e148a5763776b2c5eb5129b54ec770afe Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sun, 23 Apr 2017 16:35:17 +0200 Subject: [PATCH 21/28] Basic key fetching. --- lib/pleroma/web/salmon/salmon.ex | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index 7f1c63a5f..3881f2758 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -1,7 +1,7 @@ defmodule Pleroma.Web.Salmon do use Bitwise - def decode_and_validate(magickey, salmon) do + def decode(salmon) do {doc, _rest} = :xmerl_scan.string(to_charlist(salmon)) {:xmlObj, :string, data} = :xmerl_xpath.string('string(//me:data[1])', doc) @@ -17,6 +17,31 @@ defmodule Pleroma.Web.Salmon do encoding = to_string(encoding) type = to_string(type) + [data, type, encoding, alg, sig] + end + + def fetch_magic_key(salmon) do + [data, _, _, _, _] = decode(salmon) + {doc, _rest} = :xmerl_scan.string(to_charlist(data)) + {:xmlObj, :string, uri} = :xmerl_xpath.string('string(//author[1]/uri)', doc) + + uri = to_string(uri) + base = URI.parse(uri).host + + # TODO: Find out if this endpoint is mandated by the standard. + {:ok, response} = HTTPoison.get(base <> "/.well-known/webfinger", ["Accept": "application/xrd+xml"], [params: [resource: uri]]) + + {doc, _rest} = :xmerl_scan.string(to_charlist(response.body)) + + {:xmlObj, :string, magickey} = :xmerl_xpath.string('string(//Link[@rel="magic-public-key"]/@href)', doc) + "data:application/magic-public-key," <> magickey = to_string(magickey) + + magickey + end + + def decode_and_validate(magickey, salmon) do + [data, type, encoding, alg, sig] = decode(salmon) + signed_text = [data, type, encoding, alg] |> Enum.map(&Base.url_encode64/1) |> Enum.join(".") From 1e3791877caa15cc6ef5873c747a4a466ba6cbd4 Mon Sep 17 00:00:00 2001 From: dtluna Date: Sun, 23 Apr 2017 19:08:25 +0300 Subject: [PATCH 22/28] Add error response on empty status --- .../web/twitter_api/twitter_api_controller.ex | 24 +++++++++++++++---- .../twitter_api_controller_test.exs | 16 +++++++++---- 2 files changed, 31 insertions(+), 9 deletions(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 8ea54852d..2ea45603a 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -12,13 +12,25 @@ defmodule Pleroma.Web.TwitterAPI.Controller do |> json_reply(200, response) end - def status_update(%{assigns: %{user: user}} = conn, status_data) do + def status_update(conn, %{"status" => ""} = _status_data) do + empty_status_reply(conn) + end + + def status_update(%{assigns: %{user: user}} = conn, %{"status" => _status_text} = status_data) do media_ids = extract_media_ids(status_data) {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids", media_ids )) conn |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user})) end + def status_update(conn, _status_data) do + empty_status_reply(conn) + end + + defp empty_status_reply(conn) do + bad_request_reply(conn, "Client must provide a 'status' parameter with a value.") + end + defp extract_media_ids(status_data) do with media_ids when not is_nil(media_ids) <- status_data["media_ids"], split_ids <- String.split(media_ids, ","), @@ -183,7 +195,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end defp bad_request_reply(conn, error_message) do - json = Poison.encode!(%{"error" => error_message}) + json = error_json(conn, error_message) json_reply(conn, 400, json) end @@ -194,9 +206,11 @@ defmodule Pleroma.Web.TwitterAPI.Controller do end defp forbidden_json_reply(conn, error_message) do - json = %{"error" => error_message, "request" => conn.request_path} - |> Poison.encode! - + json = error_json(conn, error_message) json_reply(conn, 403, json) end + + defp error_json(conn, error_message) do + %{"error" => error_message, "request" => conn.request_path} |> Poison.encode! + end end diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 0761d0566..0bd27c8c7 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -31,10 +31,18 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do end test "with credentials", %{conn: conn, user: user} do - conn = conn - |> with_credentials(user.nickname, "test") - |> post("/api/statuses/update.json", %{ status: "Nice meme." }) + conn_with_creds = conn |> with_credentials(user.nickname, "test") + request_path = "/api/statuses/update.json" + error_response = %{"request" => request_path, + "error" => "Client must provide a 'status' parameter with a value."} + conn = conn_with_creds |> post(request_path) + assert json_response(conn, 400) == error_response + + conn = conn_with_creds |> post(request_path, %{ status: "" }) + assert json_response(conn, 400) == error_response + + conn = conn_with_creds |> post(request_path, %{ status: "Nice meme." }) assert json_response(conn, 200) == ActivityRepresenter.to_map(Repo.one(Activity), %{user: user}) end end @@ -139,7 +147,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do setup [:valid_user] test "without any params", %{conn: conn} do conn = get(conn, "/api/statuses/user_timeline.json") - assert json_response(conn, 400) == %{"error" => "You need to specify screen_name or user_id"} + assert json_response(conn, 400) == %{"error" => "You need to specify screen_name or user_id", "request" => "/api/statuses/user_timeline.json"} end test "with user_id", %{conn: conn} do From f723b2369160ee08f7155e299aa44410b26b7e51 Mon Sep 17 00:00:00 2001 From: dtluna Date: Mon, 24 Apr 2017 01:11:38 +0300 Subject: [PATCH 23/28] Add error response to self-repeats --- .../web/twitter_api/twitter_api_controller.ex | 13 +++++++++---- .../twitter_api_controller_test.exs | 18 ++++++++++++++---- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 19de0665c..3f27ad1ac 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -163,11 +163,16 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def retweet(%{assigns: %{user: user}} = conn, %{"id" => id}) do activity = Repo.get(Activity, id) - {:ok, status} = TwitterAPI.retweet(user, activity) - response = Poison.encode!(status) + if activity.data["actor"] == user.ap_id do + bad_request_reply(conn, "You cannot repeat your own notice.") + else + {:ok, status} = TwitterAPI.retweet(user, activity) + response = Poison.encode!(status) - conn - |> json_reply(200, response) + conn + + |> json_reply(200, response) + end end def register(conn, params) do diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 0bd27c8c7..a5551fa82 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -328,11 +328,21 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do test "with credentials", %{conn: conn, user: current_user} do note_activity = insert(:note_activity) - conn = conn - |> with_credentials(current_user.nickname, "test") - |> post("/api/statuses/retweet/#{note_activity.id}.json") + request_path = "/api/statuses/retweet/#{note_activity.id}.json" - assert json_response(conn, 200) + user = Repo.get_by(User, ap_id: note_activity.data["actor"]) + response = conn + |> with_credentials(user.nickname, "test") + |> post(request_path) + assert json_response(response, 400) == %{"error" => "You cannot repeat your own notice.", + "request" => request_path} + + response = conn + |> with_credentials(current_user.nickname, "test") + |> post(request_path) + activity = Repo.get(Activity, note_activity.id) + current_user = Repo.get_by(User, ap_id: note_activity.data["actor"]) + assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: current_user}) end end From 5b6070ec404f83055db8c9be083b6d3a2a30df75 Mon Sep 17 00:00:00 2001 From: dtluna Date: Mon, 24 Apr 2017 12:09:11 +0300 Subject: [PATCH 24/28] Deny whitespace statuses --- .../web/twitter_api/twitter_api_controller.ex | 14 +++++++++----- .../twitter_api/twitter_api_controller_test.exs | 3 +++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 2ea45603a..4740c3a4c 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -16,11 +16,15 @@ defmodule Pleroma.Web.TwitterAPI.Controller do empty_status_reply(conn) end - def status_update(%{assigns: %{user: user}} = conn, %{"status" => _status_text} = status_data) do - media_ids = extract_media_ids(status_data) - {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids", media_ids )) - conn - |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user})) + def status_update(%{assigns: %{user: user}} = conn, %{"status" => status_text} = status_data) do + if status_text |> String.trim |> String.length != 0 do + media_ids = extract_media_ids(status_data) + {:ok, activity} = TwitterAPI.create_status(user, Map.put(status_data, "media_ids", media_ids )) + conn + |> json_reply(200, ActivityRepresenter.to_json(activity, %{user: user})) + else + empty_status_reply(conn) + end end def status_update(conn, _status_data) do diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 0bd27c8c7..766268ce9 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -42,6 +42,9 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do conn = conn_with_creds |> post(request_path, %{ status: "" }) assert json_response(conn, 400) == error_response + conn = conn_with_creds |> post(request_path, %{ status: " " }) + assert json_response(conn, 400) == error_response + conn = conn_with_creds |> post(request_path, %{ status: "Nice meme." }) assert json_response(conn, 200) == ActivityRepresenter.to_map(Repo.one(Activity), %{user: user}) end From 668b01da0b9f339aabedaae424023e60a38c2529 Mon Sep 17 00:00:00 2001 From: dtluna Date: Mon, 24 Apr 2017 15:33:27 +0300 Subject: [PATCH 25/28] Add restriction on names --- lib/pleroma/user.ex | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 3ce07d510..5e579dc44 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -63,6 +63,7 @@ defmodule Pleroma.User do |> validate_confirmation(:password) |> unique_constraint(:email) |> unique_constraint(:nickname) + |> validate_format(:nickname, ~r/^[a-zA-Z\d]+$/) if changeset.valid? do hashed = Comeonin.Pbkdf2.hashpwsalt(changeset.changes[:password]) From a25adfbfeedb049f44bb05275ce1040ed00a4ad2 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Tue, 25 Apr 2017 11:33:32 +0200 Subject: [PATCH 26/28] Remove superflous function. --- lib/pleroma/web/twitter_api/twitter_api_controller.ex | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index f80b66858..d9ff7e530 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -12,10 +12,6 @@ defmodule Pleroma.Web.TwitterAPI.Controller do |> json_reply(200, response) end - def status_update(conn, %{"status" => ""} = _status_data) do - empty_status_reply(conn) - end - def status_update(%{assigns: %{user: user}} = conn, %{"status" => status_text} = status_data) do if status_text |> String.trim |> String.length != 0 do media_ids = extract_media_ids(status_data) From c3655d1c479aa69b35820f96da3f891f6af9fcdb Mon Sep 17 00:00:00 2001 From: dtluna Date: Tue, 25 Apr 2017 19:47:16 +0300 Subject: [PATCH 27/28] Remove unnecessary status_update definition --- lib/pleroma/web/twitter_api/twitter_api_controller.ex | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index f55db37b3..b5b829ca0 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -12,10 +12,6 @@ defmodule Pleroma.Web.TwitterAPI.Controller do |> json_reply(200, response) end - def status_update(conn, %{"status" => ""} = _status_data) do - empty_status_reply(conn) - end - def status_update(%{assigns: %{user: user}} = conn, %{"status" => status_text} = status_data) do if status_text |> String.trim |> String.length != 0 do media_ids = extract_media_ids(status_data) From 22e936372e12879e97beac5d886566b1c6c4d55e Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Wed, 26 Apr 2017 08:55:00 +0200 Subject: [PATCH 28/28] Fix retweet spec. --- test/web/twitter_api/twitter_api_controller_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index eb952a230..6c249be7d 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -344,8 +344,8 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do |> with_credentials(current_user.nickname, "test") |> post(request_path) activity = Repo.get(Activity, note_activity.id) - current_user = Repo.get_by(User, ap_id: note_activity.data["actor"]) - assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: current_user}) + activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"]) + assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user}) end end