FoundKey/packages/backend/src/queue/processors/inbox.ts

import { URL } from 'node:url';
import Bull from 'bull';
import { perform } from '@/remote/activitypub/perform.js';
import Logger from '@/services/logger.js';
import { registerOrFetchInstanceDoc } from '@/services/register-or-fetch-instance-doc.js';
import { Instances } from '@/models/index.js';
import { apRequestChart, federationChart, instanceChart } from '@/services/chart/index.js';
import { extractPunyHost } from '@/misc/convert-host.js';
import { getApId } from '@/remote/activitypub/type.js';
import { fetchInstanceMetadata } from '@/services/fetch-instance-metadata.js';
import { Resolver } from '@/remote/activitypub/resolver.js';
import { LdSignature } from '@/remote/activitypub/misc/ld-signature.js';
import { AuthUser, getAuthUser } from '@/remote/activitypub/misc/auth-user.js';
import { InboxJobData } from '@/queue/types.js';
import { shouldBlockInstance } from '@/misc/should-block-instance.js';
import { verifyHttpSignature } from '@/remote/http-signature.js';

const logger = new Logger('inbox');

// Processing when an activity arrives in the user's inbox
export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
	const signature = job.data.signature;	// HTTP-signature
	const activity = job.data.activity;
	const resolver = new Resolver();

	//#region Log
	const info = Object.assign({}, activity) as any;
	delete info['@context'];
	logger.debug(JSON.stringify(info, null, 2));
	//#endregion

	const validated = await verifyHttpSignature(signature, resolver, getApId(activity.actor));
	let authUser = validated.authUser;

	// The signature must be valid.
	// The signature must also match the actor otherwise anyone could sign any activity.
	if (validated.status !== 'valid' || validated.authUser.user.uri !== activity.actor) {
		// Last resort: LD-Signature
		if (activity.signature) {
			if (activity.signature.type !== 'RsaSignature2017') {
				return `skip: unsupported LD-signature type ${activity.signature.type}`;
			}

			// get user based on LD-Signature key id.
			// lets assume that the creator has this common form:
			// <https://example.com/users/user#main-key>
			// Then we can use it as the key id and (without fragment part) user id.
			authUser = await getAuthUser(activity.signature.creator, activity.signature.creator.replace(/#.*$/, ''), resolver);

			if (authUser == null) {
				return 'skip: failed to resolve LD-Signature user';
			}

			// LD-Signature verification
			const ldSignature = new LdSignature();
			const verified = await ldSignature.verifyRsaSignature2017(activity, authUser.key.keyPem).catch(() => false);
			if (!verified) {
				return 'skip: LD-Signatureの検証に失敗しました';
			}

			// Again, the actor must match.
			if (authUser.user.uri !== activity.actor) {
				return `skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${activity.actor})`;
			}

			// Stop if the host is blocked.
			const ldHost = extractPunyHost(authUser.user.uri);
			if (await shouldBlockInstance(ldHost)) {
				return `Blocked request: ${ldHost}`;
			}
		} else {
			return `skip: http-signature verification failed and no LD-Signature. keyId=${signature.keyId}`;
		}
	}

	// authUser cannot be null at this point:
	// either it was already not null because the HTTP signature was valid
	// or, if the LD signature was not verified, this function will already have returned.
	authUser = authUser as AuthUser;

	// Verify that the actor's host is not blocked
	const signerHost = extractPunyHost(authUser.user.uri!);
	if (await shouldBlockInstance(signerHost)) {
		return `Blocked request: ${signerHost}`;
	}

	if (typeof activity.id === 'string') {
		// Verify that activity and actor are from the same host.
		const activityIdHost = extractPunyHost(activity.id);
		if (signerHost !== activityIdHost) {
			return `skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`;
		}

		// Verify that the id has a sane length
		if (activity.id.length > 2048) {
			return `skip: overly long id from ${signerHost}`;
		}
	}

	// Update stats
	registerOrFetchInstanceDoc(authUser.user.host).then(i => {
		Instances.update(i.id, {
			latestRequestReceivedAt: new Date(),
			lastCommunicatedAt: new Date(),
			isNotResponding: false,
		});

		fetchInstanceMetadata(i);

		instanceChart.requestReceived(i.host);
		apRequestChart.inbox();
		federationChart.inbox(i.host);
	});

	// process the activity
	await perform(authUser.user, activity, resolver);
	return 'ok';
};
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 02:07:39 +00:00			`import { URL } from 'node:url';`
			`import Bull from 'bull';`
refactor: remove default export for perform 2022-12-11 14:35:31 +00:00			`import { perform } from '@/remote/activitypub/perform.js';`
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 02:07:39 +00:00			`import Logger from '@/services/logger.js';`
			`import { registerOrFetchInstanceDoc } from '@/services/register-or-fetch-instance-doc.js';`
			`import { Instances } from '@/models/index.js';`
			`import { apRequestChart, federationChart, instanceChart } from '@/services/chart/index.js';`
rename extractDbHost to extractPunyHost 2023-06-27 20:02:32 +00:00			`import { extractPunyHost } from '@/misc/convert-host.js';`
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 02:07:39 +00:00			`import { getApId } from '@/remote/activitypub/type.js';`
			`import { fetchInstanceMetadata } from '@/services/fetch-instance-metadata.js';`
refactor: remove default export for Resolver 2022-12-11 14:33:03 +00:00			`import { Resolver } from '@/remote/activitypub/resolver.js';`
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 02:07:39 +00:00			`import { LdSignature } from '@/remote/activitypub/misc/ld-signature.js';`
server: refactor HTTP signature validation 2023-06-26 20:02:27 +00:00			`import { AuthUser, getAuthUser } from '@/remote/activitypub/misc/auth-user.js';`
bacakend: prefer absolute over relative imports There are still many places where import paths with `..` are used and maybe should use absolute paths also. 2022-10-01 12:40:30 +00:00			`import { InboxJobData } from '@/queue/types.js';`
BREAKING: server: remove wildcard blocking and instead block subdomains (#269) Co-authored-by: Francis Dinh <normandy@biribiri.dev> Reviewed-on: https://akkoma.dev/FoundKeyGang/FoundKey/pulls/269 Changelog: Changed 2022-12-05 17:55:38 +00:00			`import { shouldBlockInstance } from '@/misc/should-block-instance.js';`
server: refactor HTTP signature validation 2023-06-26 20:02:27 +00:00			`import { verifyHttpSignature } from '@/remote/http-signature.js';`
wip 2018-04-04 14:12:35 +00:00
Use internal logger instead of debug/console for logging Resolve #4104 Resolve #1966 Resolve #1937 2019-02-03 09:16:57 +00:00			`const logger = new Logger('inbox');`
Log 2018-04-06 13:40:06 +00:00
server: refactor HTTP signature validation 2023-06-26 20:02:27 +00:00			`// Processing when an activity arrives in the user's inbox`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`export default async (job: Bull.Job<InboxJobData>): Promise<string> => {`
			`const signature = job.data.signature; // HTTP-signature`
wip 2018-04-04 14:12:35 +00:00			`const activity = job.data.activity;`
server: refactor HTTP signature validation 2023-06-26 20:02:27 +00:00			`const resolver = new Resolver();`
wip 2018-04-04 14:12:35 +00:00
Log 2018-04-06 13:40:06 +00:00			`//#region Log`
Add queue types (#7504) 2021-05-08 09:56:21 +00:00			`const info = Object.assign({}, activity) as any;`
Log 2018-04-06 13:40:06 +00:00			`delete info['@context'];`
Fix log 2019-02-05 05:04:40 +00:00			`logger.debug(JSON.stringify(info, null, 2));`
Log 2018-04-06 13:40:06 +00:00			`//#endregion`

server: refactor HTTP signature validation 2023-06-26 20:02:27 +00:00			`const validated = await verifyHttpSignature(signature, resolver, getApId(activity.actor));`
			`let authUser = validated.authUser;`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00
server: refactor "authUser" functions into separate file They did not really fit into the DbResolver because they may fetch data from remote instances even though DbResolver is only supposed to access the database. 2022-12-03 22:07:33 +00:00			`// The signature must be valid.`
			`// The signature must also match the actor otherwise anyone could sign any activity.`
server: refactor HTTP signature validation 2023-06-26 20:02:27 +00:00			`if (validated.status !== 'valid' \|\| validated.authUser.user.uri !== activity.actor) {`
server: refactor "authUser" functions into separate file They did not really fit into the DbResolver because they may fetch data from remote instances even though DbResolver is only supposed to access the database. 2022-12-03 22:07:33 +00:00			`// Last resort: LD-Signature`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`if (activity.signature) {`
			`if (activity.signature.type !== 'RsaSignature2017') {`
			return `skip: unsupported LD-signature type ${activity.signature.type}`;
			`}`

server: refactor "authUser" functions into separate file They did not really fit into the DbResolver because they may fetch data from remote instances even though DbResolver is only supposed to access the database. 2022-12-03 22:07:33 +00:00			`// get user based on LD-Signature key id.`
			`// lets assume that the creator has this common form:`
			`// <https://example.com/users/user#main-key>`
			`// Then we can use it as the key id and (without fragment part) user id.`
fix: properly supply resolver (2) 2022-12-08 18:06:55 +00:00			`authUser = await getAuthUser(activity.signature.creator, activity.signature.creator.replace(/#.*$/, ''), resolver);`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00
			`if (authUser == null) {`
server: refactor "authUser" functions into separate file They did not really fit into the DbResolver because they may fetch data from remote instances even though DbResolver is only supposed to access the database. 2022-12-03 22:07:33 +00:00			`return 'skip: failed to resolve LD-Signature user';`
AP Actorの修正 (#7573) * AP Actorの修正 * Add ActivityPub test * Fix person * Test * ap test * Revert "Test" This reverts commit 3c493eff4e89f94fd33f25189ba3bc96ef4366b3. * Test comment * fix * fix * Update inbox * indent * nl * indent * TODO * Fix inbox * Update test 2021-07-10 14:14:57 +00:00			`}`

server: refactor "authUser" functions into separate file They did not really fit into the DbResolver because they may fetch data from remote instances even though DbResolver is only supposed to access the database. 2022-12-03 22:07:33 +00:00			`// LD-Signature verification`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`const ldSignature = new LdSignature();`
			`const verified = await ldSignature.verifyRsaSignature2017(activity, authUser.key.keyPem).catch(() => false);`
			`if (!verified) {`
fix lint "quotes" 2022-08-02 21:25:36 +00:00			`return 'skip: LD-Signatureの検証に失敗しました';`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`}`

server: refactor "authUser" functions into separate file They did not really fit into the DbResolver because they may fetch data from remote instances even though DbResolver is only supposed to access the database. 2022-12-03 22:07:33 +00:00			`// Again, the actor must match.`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`if (authUser.user.uri !== activity.actor) {`
			return `skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${activity.actor})`;
Receive Update activity 2018-09-01 08:53:38 +00:00			`}`
Apply blocked instance to LD-Signature host (#6355) 2020-05-15 11:50:28 +00:00
server: add wildcard matching to blocked hosts This adds in wildcard matching. For instance: - `.bad.tld` will match: `very.bad.tld` - `bad.` will match: `bad.something` - `.bad.` will match: `very.bad.evil` Changelog: Changed 2022-12-01 06:42:09 +00:00			`// Stop if the host is blocked.`
rename extractDbHost to extractPunyHost 2023-06-27 20:02:32 +00:00			`const ldHost = extractPunyHost(authUser.user.uri);`
server: add wildcard matching to blocked hosts This adds in wildcard matching. For instance: - `.bad.tld` will match: `very.bad.tld` - `bad.` will match: `bad.something` - `.bad.` will match: `very.bad.evil` Changelog: Changed 2022-12-01 06:42:09 +00:00			`if (await shouldBlockInstance(ldHost)) {`
Apply blocked instance to LD-Signature host (#6355) 2020-05-15 11:50:28 +00:00			return `Blocked request: ${ldHost}`;
			`}`
Fix inbox bug (#6334) 2020-05-09 08:08:54 +00:00			`} else {`
署名検証失敗はリトライしないように (#6437) 2020-06-03 00:12:54 +00:00			return `skip: http-signature verification failed and no LD-Signature. keyId=${signature.keyId}`;
wip 2018-04-04 14:12:35 +00:00			`}`
Receive Update activity 2018-09-01 08:53:38 +00:00			`}`

server: refactor HTTP signature validation 2023-06-26 20:02:27 +00:00			`// authUser cannot be null at this point:`
			`// either it was already not null because the HTTP signature was valid`
			`// or, if the LD signature was not verified, this function will already have returned.`
			`authUser = authUser as AuthUser;`

activitypub: also check incoming activity host for block 2023-04-16 17:34:15 +00:00			`// Verify that the actor's host is not blocked`
rename extractDbHost to extractPunyHost 2023-06-27 20:02:32 +00:00			`const signerHost = extractPunyHost(authUser.user.uri!);`
activitypub: also check incoming activity host for block 2023-04-16 17:34:15 +00:00			`if (await shouldBlockInstance(signerHost)) {`
			return `Blocked request: ${signerHost}`;
			`}`

APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`if (typeof activity.id === 'string') {`
limit id length of all incoming activities 2022-09-12 16:30:53 +00:00			`// Verify that activity and actor are from the same host.`
rename extractDbHost to extractPunyHost 2023-06-27 20:02:32 +00:00			`const activityIdHost = extractPunyHost(activity.id);`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`if (signerHost !== activityIdHost) {`
			return `skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`;
			`}`
limit id length of all incoming activities 2022-09-12 16:30:53 +00:00
			`// Verify that the id has a sane length`
			`if (activity.id.length > 2048) {`
			return `skip: overly long id from ${signerHost}`;
			`}`
wip 2018-04-04 14:12:35 +00:00			`}`
Remove a trailing whitespace (#3261) 2018-11-16 08:04:28 +00:00
Improve instance stats 2019-02-07 07:05:29 +00:00			`// Update stats`
APリファクタとLD-Signatureの検証に対応 (#6300) * DbResolver * inbox types * 認証順を変更 * User/Keyあたりをまとめる * LD-Signatue * Validate contexts url * LD-Signature DocumentLoaderにProxyとTimeout 2020-05-08 23:21:42 +00:00			`registerOrFetchInstanceDoc(authUser.user.host).then(i => {`
Use PostgreSQL instead of MongoDB (#4572) * wip * Update note.ts * Update timeline.ts * Update core.ts * wip * Update generate-visibility-query.ts * wip * wip * wip * wip * wip * Update global-timeline.ts * wip * wip * wip * Update vote.ts * wip * wip * Update create.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update files.ts * wip * wip * Update CONTRIBUTING.md * wip * wip * wip * wip * wip * wip * wip * wip * Update read-notification.ts * wip * wip * wip * wip * wip * wip * wip * Update cancel.ts * wip * wip * wip * Update show.ts * wip * wip * Update gen-id.ts * Update create.ts * Update id.ts * wip * wip * wip * wip * wip * wip * wip * Docker: Update files about Docker (#4599) * Docker: Use cache if files used by `yarn install` was not updated This patch reduces the number of times to installing node_modules. For example, `yarn install` step will be skipped when only ".config/default.yml" is updated. * Docker: Migrate MongoDB to Postgresql Misskey uses Postgresql as a database instead of Mongodb since version 11. * Docker: Uncomment about data persistence This patch will save a lot of databases. * wip * wip * wip * Update activitypub.ts * wip * wip * wip * Update logs.ts * wip * Update drive-file.ts * Update register.ts * wip * wip * Update mentions.ts * wip * wip * wip * Update recommendation.ts * wip * Update index.ts * wip * Update recommendation.ts * Doc: Update docker.ja.md and docker.en.md (#1) (#4608) Update how to set up misskey. * wip * :v: * wip * Update note.ts * Update postgre.ts * wip * wip * wip * wip * Update add-file.ts * wip * wip * wip * Clean up * Update logs.ts * wip * :pizza: * wip * Ad notes * wip * Update api-visibility.ts * Update note.ts * Update add-file.ts * tests * tests * Update postgre.ts * Update utils.ts * wip * wip * Refactor * wip * Refactor * wip * wip * Update show-users.ts * Update update-instance.ts * wip * Update feed.ts * Update outbox.ts * Update outbox.ts * Update user.ts * wip * Update list.ts * Update update-hashtag.ts * wip * Update update-hashtag.ts * Refactor * Update update.ts * wip * wip * :v: * clean up * docs * Update push.ts * wip * Update api.ts * wip * :v: * Update make-pagination-query.ts * :v: * Delete hashtags.ts * Update instances.ts * Update instances.ts * Update create.ts * Update search.ts * Update reversi-game.ts * Update signup.ts * Update user.ts * id * Update example.yml * :art: * objectid * fix * reversi * reversi * Fix bug of chart engine * Add test of chart engine * Improve test * Better testing * Improve chart engine * Refactor * Add test of chart engine * Refactor * Add chart test * Fix bug * コミットし忘れ * Refactoring * :v: * Add tests * Add test * Extarct note tests * Refactor * 存在しないユーザーにメンションできなくなっていた問題を修正 * Fix bug * Update update-meta.ts * Fix bug * Update mention.vue * Fix bug * Update meta.ts * Update CONTRIBUTING.md * Fix bug * Fix bug * Fix bug * Clean up * Clean up * Update notification.ts * Clean up * Add mute tests * Add test * Refactor * Add test * Fix test * Refactor * Refactor * Add tests * Update utils.ts * Update utils.ts * Fix test * Update package.json * Update update.ts * Update manifest.ts * Fix bug * Fix bug * Add test * :art: * Update endpoint permissions * Updaye permisison * Update person.ts #4299 * データベースと同期しないように * Fix bug * Fix bug * Update reversi-game.ts * Use a feature of Node v11.7.0 to extract a public key (#4644) * wip * wip * :v: * Refactoring #1540 * test * test * test * test * test * test * test * Fix bug * Fix test * :sushi: * wip * #4471 * Add test for #4335 * Refactor * Fix test * Add tests * :clock4: * Fix bug * Add test * Add test * rename * Fix bug 2019-04-07 12:50:36 +00:00			`Instances.update(i.id, {`
			`latestRequestReceivedAt: new Date(),`
			`lastCommunicatedAt: new Date(),`
fix lint 2021-12-09 14:58:30 +00:00			`isNotResponding: false,`
Improve instance stats 2019-02-07 07:05:29 +00:00			`});`
Introduce per-instance chart (#4183) * Introduce per-instance chart * Implement chart view in client * Handle note deleting * More chart srcs * Add drive stats * Improve drive stats * Fix bug * Add icon 2019-02-08 07:58:57 +00:00
feat(server): Fetch icon url of an instance (#6591) * feat(server): Fetch icon url of an instance Resolve #6589 * chore: Rename the function 2020-07-26 02:04:07 +00:00			`fetchInstanceMetadata(i);`
Store nodeinfo per federated instances (#5578) * Store nodeinfo per federated instances * Update fetch-nodeinfo.ts * Update fetch-nodeinfo.ts * update 2019-11-05 13:14:42 +00:00
Introduce per-instance chart (#4183) * Introduce per-instance chart * Implement chart view in client * Handle note deleting * More chart srcs * Add drive stats * Improve drive stats * Fix bug * Add icon 2019-02-08 07:58:57 +00:00			`instanceChart.requestReceived(i.host);`
Improve chart engine (#8253) * wip * wip * wip * wip * wip * wip * wip * Update core.ts * wip * wip * #7361 * delete network chart * federationChart強化 apRequestChart追加 * tweak 2022-02-05 15:13:52 +00:00			`apRequestChart.inbox();`
			`federationChart.inbox(i.host);`
Improve instance stats 2019-02-07 07:05:29 +00:00			`});`

translate yet another japanese comment 2023-04-16 17:33:50 +00:00			`// process the activity`
activitypub: refactor to always apply recursion limit Refactor to remove as many "new Resolver" as possible. 2022-12-03 23:29:45 +00:00			`await perform(authUser.user, activity, resolver);`
fix lint "quotes" 2022-08-02 21:25:36 +00:00			`return 'ok';`
wip 2018-04-04 14:12:35 +00:00			`};`