activitypub: add the public key to Person (#14186)

Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>
Loïc Dachary 2021-10-28 17:13:24 -10:00 committed by Anthony Wang
parent 4951af4d99
commit 678a56fbf8
No known key found for this signature in database
GPG key ID: BC96B00AEC5F2D76
2 changed files with 90 additions and 7 deletions


@ -13,6 +13,7 @@ import (
"testing" "testing"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"github.com/go-fed/activity/pub"
"github.com/go-fed/activity/streams" "github.com/go-fed/activity/streams"
"github.com/go-fed/activity/streams/vocab" "github.com/go-fed/activity/streams/vocab"
@ -22,8 +23,10 @@ import (
func TestActivityPubPerson(t *testing.T) { func TestActivityPubPerson(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) { onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Federation.Enabled = true setting.Federation.Enabled = true
setting.Database.LogSQL = true
defer func() { defer func() {
setting.Federation.Enabled = false setting.Federation.Enabled = false
setting.Database.LogSQL = false
}() }()
username := "user2" username := "user2"
@ -41,11 +44,41 @@ func TestActivityPubPerson(t *testing.T) {
ctx := context.Background() ctx := context.Background()
err := resolver.Resolve(ctx, m) err := resolver.Resolve(ctx, m)
assert.Equal(t, err, nil) assert.Equal(t, err, nil)
assert.Equal(t, person.GetTypeName(), "Person") assert.Equal(t, "Person", person.GetTypeName())
assert.Equal(t, person.GetActivityStreamsName().Begin().GetXMLSchemaString(), username) assert.Equal(t, username, person.GetActivityStreamsName().Begin().GetXMLSchemaString())
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s$", username), person.GetJSONLDId().GetIRI().String()) keyId := person.GetJSONLDId().GetIRI().String()
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s$", username), keyId)
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/outbox$", username), person.GetActivityStreamsOutbox().GetIRI().String()) assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/outbox$", username), person.GetActivityStreamsOutbox().GetIRI().String())
assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/inbox$", username), person.GetActivityStreamsInbox().GetIRI().String()) assert.Regexp(t, fmt.Sprintf("activitypub/user/%s/inbox$", username), person.GetActivityStreamsInbox().GetIRI().String())
pkp := person.GetW3IDSecurityV1PublicKey()
publicKeyId := keyId + "/#main-key"
var pkpFound vocab.W3IDSecurityV1PublicKey
for pkpIter := pkp.Begin(); pkpIter != pkp.End(); pkpIter = pkpIter.Next() {
if !pkpIter.IsW3IDSecurityV1PublicKey() {
continue
}
pkValue := pkpIter.Get()
var pkId *url.URL
pkId, err = pub.GetId(pkValue)
if err != nil {
return
}
assert.Equal(t, pkId.String(), publicKeyId)
if pkId.String() != publicKeyId {
continue
}
pkpFound = pkValue
break
}
assert.NotNil(t, pkpFound)
pkPemProp := pkpFound.GetW3IDSecurityV1PublicKeyPem()
assert.NotNil(t, pkPemProp)
assert.True(t, pkPemProp.IsXMLSchemaString())
pubKeyPem := pkPemProp.Get()
assert.Regexp(t, "^-----BEGIN PUBLIC KEY-----", pubKeyPem)
}) })
} }
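Review bot: In the key-lookup loop, `if err != nil { return }` after `pub.GetId(pkValue)` leaves the test closure without recording a failure, so a Person whose public key has no usable id would pass silently; use `if !assert.NoError(t, err) { return }` instead. `assert.NotNil(t, pkpFound)` likewise does not stop the test, so the following `pkpFound.GetW3IDSecurityV1PublicKeyPem()` would panic on a nil interface rather than report a clean failure; guard it with `if !assert.NotNil(t, pkpFound) { return }`. The final check only matches the `-----BEGIN PUBLIC KEY-----` header, so decoding the value with `pem.Decode` and `x509.ParsePKIXPublicKey` would confirm that the served PEM is a parseable key, and an assertion on the key's owner IRI would cover the other property the handler sets.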


@ -9,12 +9,38 @@ import (
"net/url" "net/url"
"strings" "strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/activitypub"
"code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/routers/api/v1/user" "code.gitea.io/gitea/routers/api/v1/user"
"github.com/go-fed/activity/streams" "github.com/go-fed/activity/streams"
) )
// hack waiting on https://github.com/go-gitea/gitea/pull/16834
func GetPublicKey(user *models.User) (string, error) {
if settings, err := models.GetUserSetting(user.ID, []string{"activitypub_pubPem"}); err != nil {
return "", err
} else if len(settings) == 0 {
if priv, pub, err := activitypub.GenerateKeyPair(); err != nil {
return "", err
} else {
privPem := &models.UserSetting{UserID: user.ID, Name: "activitypub_privPem", Value: priv}
if err := models.SetUserSetting(privPem); err != nil {
return "", err
}
pubPem := &models.UserSetting{UserID: user.ID, Name: "activitypub_pubPem", Value: pub}
if err := models.SetUserSetting(pubPem); err != nil {
return "", err
}
return pubPem.Value, nil
}
} else {
return settings[0].Value, nil
}
}
// NodeInfo returns the NodeInfo for the Gitea instance to allow for federation
func Person(ctx *context.APIContext) { func Person(ctx *context.APIContext) {
// swagger:operation GET /activitypub/user/{username} information // swagger:operation GET /activitypub/user/{username} information
// --- // ---
@ -31,15 +57,15 @@ func Person(ctx *context.APIContext) {
// "200": // "200":
// "$ref": "#/responses/ActivityPub" // "$ref": "#/responses/ActivityPub"
user.GetUserByParamsName(ctx, "username") user := user.GetUserByParamsName(ctx, "username")
username := ctx.Params("username") username := ctx.Params("username")
person := streams.NewActivityStreamsPerson() person := streams.NewActivityStreamsPerson()
id := streams.NewJSONLDIdProperty() id := streams.NewJSONLDIdProperty()
link := strings.TrimSuffix(setting.AppURL, "/") + strings.TrimSuffix(ctx.Req.URL.EscapedPath(), "/") link := strings.TrimSuffix(setting.AppURL, "/") + strings.TrimSuffix(ctx.Req.URL.EscapedPath(), "/")
url_object, _ := url.Parse(link) idIRI, _ := url.Parse(link)
id.SetIRI(url_object) id.SetIRI(idIRI)
person.SetJSONLDId(id) person.SetJSONLDId(id)
name := streams.NewActivityStreamsNameProperty() name := streams.NewActivityStreamsNameProperty()
@ -47,7 +73,7 @@ func Person(ctx *context.APIContext) {
person.SetActivityStreamsName(name) person.SetActivityStreamsName(name)
ibox := streams.NewActivityStreamsInboxProperty() ibox := streams.NewActivityStreamsInboxProperty()
url_object, _ = url.Parse(link + "/inbox") url_object, _ := url.Parse(link + "/inbox")
ibox.SetIRI(url_object) ibox.SetIRI(url_object)
person.SetActivityStreamsInbox(ibox) person.SetActivityStreamsInbox(ibox)
@ -56,6 +82,30 @@ func Person(ctx *context.APIContext) {
obox.SetIRI(url_object) obox.SetIRI(url_object)
person.SetActivityStreamsOutbox(obox) person.SetActivityStreamsOutbox(obox)
publicKeyProp := streams.NewW3IDSecurityV1PublicKeyProperty()
publicKeyType := streams.NewW3IDSecurityV1PublicKey()
pubKeyIdProp := streams.NewJSONLDIdProperty()
pubKeyIRI, _ := url.Parse(link + "/#main-key")
pubKeyIdProp.SetIRI(pubKeyIRI)
publicKeyType.SetJSONLDId(pubKeyIdProp)
ownerProp := streams.NewW3IDSecurityV1OwnerProperty()
ownerProp.SetIRI(idIRI)
publicKeyType.SetW3IDSecurityV1Owner(ownerProp)
publicKeyPemProp := streams.NewW3IDSecurityV1PublicKeyPemProperty()
if publicKeyPem, err := GetPublicKey(user); err != nil {
ctx.Error(http.StatusInternalServerError, "GetPublicKey", err)
} else {
publicKeyPemProp.Set(publicKeyPem)
}
publicKeyType.SetW3IDSecurityV1PublicKeyPem(publicKeyPemProp)
publicKeyProp.AppendW3IDSecurityV1PublicKey(publicKeyType)
person.SetW3IDSecurityV1PublicKey(publicKeyProp)
var jsonmap map[string]interface{} var jsonmap map[string]interface{}
jsonmap, _ = streams.Serialize(person) jsonmap, _ = streams.Serialize(person)
ctx.JSON(http.StatusOK, jsonmap) ctx.JSON(http.StatusOK, jsonmap)
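Review bot: In the last hunk the `GetPublicKey(user)` error branch calls `ctx.Error(http.StatusInternalServerError, "GetPublicKey", err)` without returning, so Person carries on, serializes an actor with an empty `publicKeyPem` and calls `ctx.JSON(http.StatusOK, jsonmap)` after the 500 was already written; add `return` right after the `ctx.Error` call. The result of `user.GetUserByParamsName(ctx, "username")` is also passed on unchecked and `GetPublicKey` reads `user.ID`, so if that helper returns nil for an unknown username (its body is not shown here) this endpoint would panic on a request for a missing user; guard with `if user == nil { return }`. `GetPublicKey` itself checks for the setting and then stores the private and public PEM in two separate `SetUserSetting` calls, so two concurrent first requests can presumably leave a stored private key that does not match the published public key; generating the pair and writing both values inside one transaction would close that window. Person's body continues past the end of the hunk.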