forgejo/modules
Anthony Wang e86f18a05a
User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133)
* go.mod: add go-fed/{httpsig,activity/pub,activity/streams} dependency

go get github.com/go-fed/activity/streams@master
go get github.com/go-fed/activity/pub@master
go get github.com/go-fed/httpsig@master

* activitypub: implement /api/v1/activitypub/user/{username} (#14186)

Return informations regarding a Person (as defined in ActivityStreams
https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person).

Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: add the public key to Person (#14186)

Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: go-fed conformant Clock instance

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: signing http client

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: implement the ReqSignature middleware

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: hack_16834

Signed-off-by: Loïc Dachary <loic@dachary.org>

* Fix CI checks-backend errors with go mod tidy

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Change 2021 to 2022, properly format package imports

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Run make fmt and make generate-swagger

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Use Gitea JSON library, add assert for pkp

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Run make fmt again, fix err var redeclaration

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Remove LogSQL from ActivityPub person test

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Assert if json.Unmarshal succeeds

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Cleanup, handle invalid usernames for ActivityPub person GET request

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Rename hack_16834 to user_settings

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Use the httplib module instead of http for GET requests

* Clean up whitespace with make fmt

* Use time.RFC1123 and make the http.Client proxy-aware

* Check if digest algo is supported in setting module

* Clean up some variable declarations

* Remove unneeded copy

* Use system timezone instead of setting.DefaultUILocation

* Use named constant for httpsigExpirationTime

* Make pubKey IRI #main-key instead of /#main-key

* Move /#main-key to #main-key in tests

* Implemented Webfinger endpoint.

* Add visible check.

* Add user profile as alias.

* Add actor IRI and remote interaction URL to WebFinger response

* fmt

* Fix lint errors

* Use go-ap instead of go-fed

* Run go mod tidy to fix missing modules in go.mod and go.sum

* make fmt

* Convert remaining code to go-ap

* Clean up go.sum

* Fix JSON unmarshall error

* Fix CI errors by adding @context to Person() and making sure types match

* Correctly decode JSON in api_activitypub_person_test.go

* Force CI rerun

* Fix TestActivityPubPersonInbox segfault

* Fix lint error

* Use @mariusor's suggestions for idiomatic go-ap usage

* Correctly add inbox/outbox IRIs to person

* Code cleanup

* Remove another LogSQL from ActivityPub person test

* Move httpsig algos slice to an init() function

* Add actor IRI and remote interaction URL to WebFinger response

* Update TestWebFinger to check for ActivityPub IRI in aliases

* make fmt

* Force CI rerun

* WebFinger: Add CORS header and fix Href -> Template for remote interactions

The CORS header is needed due to https://datatracker.ietf.org/doc/html/rfc7033#section-5 and fixes some Peertube <-> Gitea federation issues

* make lint-backend

* Make sure Person endpoint has Content-Type application/activity+json and includes PreferredUsername, URL, and Icon

Setting the correct Content-Type is essential for federating with Mastodon

* Use UTC instead of GMT

* Rename pkey to pubKey

* Make sure HTTP request Date in GMT

* make fmt

* dont drop err

* Make sure API responses always refer to username in original case

Copied from what I wrote on #19133 discussion: Handling username case is a very tricky issue and I've already encountered a Mastodon <-> Gitea federation bug due to Gitea considering Ta180m and ta180m to be the same user while Mastodon thinks they are two different users. I think the best way forward is for Gitea to only use the original case version of the username for federation so other AP software don't get confused.

* Move httpsig algs constant slice to modules/setting/federation.go

* Add new federation settings to app.example.ini and config-cheat-sheet

* Return if marshalling error

* Make sure Person IRIs are generated correctly

This commit ensures that if the setting.AppURL is something like "http://127.0.0.1:42567" (like in the integration tests), a trailing slash will be added after that URL.

* If httpsig verification fails, fix Host header and try again

This fixes a very rare bug when Gitea and another AP server (confirmed to happen with Mastodon) are running on the same machine, Gitea fails to verify incoming HTTP signatures. This is because the other AP server creates the sig with the public Gitea domain as the Host. However, when Gitea receives the request, the Host header is instead localhost, so the signature verification fails. Manually changing the host header to the correct value and trying the veification again fixes the bug.


* Revert "If httpsig verification fails, fix Host header and try again"

This reverts commit f53e46c721.

The bug was actually caused by nginx messing up the Host header when reverse-proxying since I didn't have the line `proxy_set_header Host $host;` in my nginx config for Gitea.

* Go back to using ap.IRI to generate inbox and outbox IRIs

* use const for key values

* Update routers/web/webfinger.go

* Use ctx.JSON in Person response to make code cleaner

* Revert "Use ctx.JSON in Person response to make code cleaner"

This doesn't work because the ctx.JSON() function already sends the response out and it's too late to edit the headers.

This reverts commit 95aad98897.

* Use activitypub.ActivityStreamsContentType for Person response Content Type

* Limit maximum ActivityPub request and response sizes to a configurable setting

* Move setting key constants to models/user/setting_keys.go

* Fix failing ActivityPubPerson integration test by checking the correct field for username

* Add a warning about changing settings that can break federation

* Add better comments

* Don't multiply Federation.MaxSize by 1<<20 twice

* Add more better comments

* Fix failing ActivityPubMissingPerson test

We now use ctx.ContextUser so the message printed out when a user does not exist is slightly different

* make generate-swagger

For some reason I didn't realize that /templates/swagger/v1_json.tmpl was machine-generated by make generate-swagger... I've been editing it by hand for three months! 🤦

* Move getting the RFC 2616 time to a separate function

* More code cleanup

* Update go-ap to fix empty liked collection and removed unneeded HTTP headers

* go mod tidy

* Add ed25519 to httpsig algorithms

* Use go-ap/jsonld to add @context and marshal JSON

* Change Gitea user agent from the default to Gitea/Version

* Use ctx.ServerError and remove all remote interaction code from webfinger.go
2022-06-19 07:25:12 +02:00
..
activitypub User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133) 2022-06-19 07:25:12 +02:00
analyze Simplify IsVendor (#19626) 2022-05-06 10:12:30 +01:00
appstate Use a struct as test options (#19393) 2022-04-14 21:58:21 +08:00
auth Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
avatar Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
base Prettify number of issues (#17760) 2022-06-12 20:08:23 +08:00
cache Update go-chi/cache to utilize Ping() (#19719) 2022-05-15 20:43:27 +02:00
charset Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) 2022-05-21 14:06:24 +01:00
container Move reaction to models/issues/ (#19264) 2022-03-31 17:20:39 +08:00
context Return 404 when tag is broken (#20017) 2022-06-18 19:08:34 +02:00
convert Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
csv Allow render HTML with css/js external links (#19017) 2022-06-16 11:33:23 +08:00
doctor Backtick table name in generic orphan check (#20019) 2022-06-19 07:26:22 +08:00
emoji format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
eventsource Stop spurious APIFormat stopwatches logs (#20008) 2022-06-17 22:47:15 +01:00
generate Use base32 for 2FA scratch token (#18384) 2022-01-26 12:10:10 +08:00
git Add fetch.writeCommitGraph to gitconfig (#20006) 2022-06-17 21:18:35 +01:00
gitgraph Move some code into models/git (#19879) 2022-06-12 23:51:54 +08:00
graceful Fix signal loop in graceful manager (#19943) 2022-06-12 21:50:18 +08:00
hcaptcha
highlight Fix copy/paste of empty lines (#19798) 2022-06-10 21:45:28 +08:00
hostmatcher Support hostname:port to pass host matcher's check #19543 (#19543) 2022-04-29 01:39:50 +08:00
httpcache Set the LastModified header for raw files (#18356) 2022-05-09 17:54:51 +02:00
httplib refactor httplib (#18338) 2022-01-19 19:31:39 -05:00
indexer Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
json Refactor legacy unknwon/com package, improve golangci lint (#19284) 2022-04-01 16:47:50 +08:00
lfs Move some code into models/git (#19879) 2022-06-12 23:51:54 +08:00
log Empty log queue on flush and close (#19994) 2022-06-18 10:33:13 +08:00
markup Remove legacy git code (ver < 2.0), fine tune markup tests (#19930) 2022-06-16 23:47:44 +08:00
metrics format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
migration Prevent NPE whilst migrating if there is a team request review (#19855) 2022-06-09 10:50:05 +08:00
nosql Remove legacy unknwon/com package (#19298) 2022-04-02 00:34:57 +08:00
notification Move issues related files into models/issues (#19931) 2022-06-13 17:37:59 +08:00
options Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
packages Add Helm Chart registry (#19406) 2022-04-19 12:55:35 -04:00
paginator Remove legacy unmaintained packages, refactor to support change default locale (#19308) 2022-04-03 17:46:48 +08:00
password Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
pprof refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
private Add Goroutine stack inspector to admin/monitor (#19207) 2022-03-31 19:01:43 +02:00
process Set Setpgid on child git processes (#19865) 2022-06-03 15:36:18 +01:00
proxy Return nil proxy function if proxy not enabled (#16742) 2021-08-19 16:41:20 -04:00
public Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
queue Fix 64-bit atomic operations on 32-bit machines (#19531) 2022-04-27 10:32:04 -05:00
recaptcha refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
references Custom regexp external issues (#17624) 2022-06-10 13:39:53 +08:00
regexplru Custom regexp external issues (#17624) 2022-06-10 13:39:53 +08:00
repository Remove legacy git code (ver < 2.0), fine tune markup tests (#19930) 2022-06-16 23:47:44 +08:00
secret Use CryptoRandomBytes instead of CryptoRandomString (#18439) 2022-02-04 18:03:15 +01:00
session format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
setting User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133) 2022-06-19 07:25:12 +02:00
ssh Implement http signatures support for the API (#17565) 2022-06-05 08:16:14 +01:00
storage Add Package Registry (#16510) 2022-03-30 16:42:47 +08:00
structs User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133) 2022-06-19 07:25:12 +02:00
svg Remove legacy +build: constraint (#19582) 2022-05-02 23:22:45 +08:00
sync Use queue instead of memory queue in webhook send service (#19390) 2022-04-25 20:03:01 +02:00
templates fix push mirrors URL are no longer displayed on the UI (#20011) 2022-06-18 11:30:26 +08:00
test Move access and repo permission to models/perm/access (#19350) 2022-05-11 12:09:36 +02:00
timeutil Remove legacy unmaintained packages, refactor to support change default locale (#19308) 2022-04-03 17:46:48 +08:00
translation Remove legacy unmaintained packages, refactor to support change default locale (#19308) 2022-04-03 17:46:48 +08:00
typesniffer Fix raw endpoint PDF file headers (#19825) 2022-05-28 18:10:14 +03:00
updatechecker format with gofumpt (#18184) 2022-01-20 18:46:10 +01:00
upload Simplify parameter types (#18006) 2021-12-20 04:41:31 +00:00
uri Prevent NPE if gitea uploader fails to open url (#18080) 2021-12-23 16:27:33 +00:00
user
util Prettify number of issues (#17760) 2022-06-12 20:08:23 +08:00
validation use IsLoopback (#19477) 2022-04-25 13:55:12 +08:00
web Unify repo settings & show better error (#19828) 2022-06-12 13:43:27 +08:00