federails 0.0.1 → 0.2.0

data/lib/federails/utils/host.rb

@@ -0,0 +1,54 @@
+module Federails
+  module Utils
+    class Host
+      class << self
+        COMMON_PORTS = [80, 443].freeze
+
+        ##
+        # @return [String] Host and port of the current instance
+        def localhost
+          uri = URI.parse Federails.configuration.site_host
+          host_and_port (uri.host || 'localhost'), Federails.configuration.site_port
+        end
+
+        ##
+        # Checks if the given URL points somewhere on current instance
+        #
+        # @param url [String] URL to check
+        #
+        # @return [true, false]
+        def local_url?(url)
+          uri = URI.parse url
+          host = host_and_port uri.host, uri.port
+          localhost == host
+        end
+
+        ##
+        # Gets the route on the current instance, or nil
+        #
+        # @param url [String] URL to check
+        #
+        # @return [ActionDispatch::Routing::RouteSet, nil] nil when URL do not match a route
+        def local_route(url)
+          return nil unless local_url? url
+
+          Rails.application.routes.recognize_path(url)
+        rescue ActionController::RoutingError
+          nil
+        end
+
+        private
+
+        def host_and_port(host, port)
+          port_string = if port.present? && COMMON_PORTS.exclude?(port)
+                          ":#{port}"
+                        else
+                          ''
+                        end
+
+          "#{host}#{port_string}"
+        end
+      end
+    end
+  end
+end

data/lib/federails/version.rb

@@ -1,3 +1,3 @@
 module Federails
-  VERSION = "0.0.1"
+  VERSION = '0.2.0'.freeze
 end

data/lib/federails.rb

@@ -1,6 +1,37 @@
-require "federails/version"
-require "federails/engine"
+require 'federails/version'
+require 'federails/engine'
+require 'federails/configuration'
 
+# rubocop:disable Style/ClassVars
 module Federails
-  # Your code goes here...
+  mattr_reader :configuration
+  @@configuration = Configuration
+
+  # Make factories available
+  config.factory_bot.definition_file_paths += [File.expand_path('spec/factories', __dir__)] if defined?(FactoryBotRails)
+
+  def self.configure
+    yield @@configuration
+  end
+
+  def self.config_from(name) # rubocop:disable Metrics/MethodLength
+    config = Rails.application.config_for name
+    [
+      :app_name,
+      :app_version,
+      :force_ssl,
+      :site_host,
+      :site_port,
+      :enable_discovery,
+      :app_layout,
+      :user_class, # @deprecated
+      :server_routes_path,
+      :client_routes_path,
+      :remote_follow_url_method,
+      :user_profile_url_method, # @deprecated
+      :user_name_field, # @deprecated
+      :user_username_field, # @deprecated
+    ].each { |key| Configuration.send :"#{key}=", config[key] if config.key?(key) }
+  end
 end
+# rubocop:enable Style/ClassVars

data/lib/fediverse/inbox.rb

@@ -0,0 +1,71 @@
+require 'fediverse/request'
+
+module Fediverse
+  class Inbox
+    class << self
+      def dispatch_request(payload)
+        case payload['type']
+        when 'Create'
+          handle_create_request payload
+        when 'Follow'
+          handle_create_follow_request payload
+        when 'Accept'
+          handle_accept_request payload
+        when 'Undo'
+          handle_undo_request payload
+        else
+          # FIXME: Fails silently
+          # raise NotImplementedError
+          Rails.logger.debug { "Unhandled activity type: #{payload['type']}" }
+        end
+      end
+
+      private
+
+      def handle_create_request(payload)
+        activity = Request.get(payload['object'])
+        case activity['type']
+        when 'Follow'
+          handle_create_follow_request activity
+        when 'Note'
+          handle_create_note activity
+        end
+      end
+
+      def handle_create_follow_request(activity)
+        actor        = Federails::Actor.find_or_create_by_object activity['actor']
+        target_actor = Federails::Actor.find_or_create_by_object activity['object']
+
+        Federails::Following.create! actor: actor, target_actor: target_actor, federated_url: activity['id']
+      end
+
+      def handle_create_note(activity)
+        actor = Federails::Actor.find_or_create_by_object activity['attributedTo']
+        Note.create! actor: actor, content: activity['content'], federated_url: activity['id']
+      end
+
+      def handle_accept_request(payload)
+        activity = Request.get(payload['object'])
+        raise "Can't accept things that are not Follow" unless activity['type'] == 'Follow'
+
+        actor        = Federails::Actor.find_or_create_by_object activity['actor']
+        target_actor = Federails::Actor.find_or_create_by_object activity['object']
+        raise 'Follow not accepted by target actor but by someone else' if payload['actor'] != target_actor.federated_url
+
+        follow = Federails::Following.find_by actor: actor, target_actor: target_actor
+        follow.accept!
+      end
+
+      def handle_undo_request(payload)
+        activity = payload['object']
+        raise "Can't undo things that are not Follow" unless activity['type'] == 'Follow'
+
+        actor        = Federails::Actor.find_or_create_by_object activity['actor']
+        target_actor = Federails::Actor.find_or_create_by_object activity['object']
+
+        follow = Federails::Following.find_by actor: actor, target_actor: target_actor
+        follow&.destroy
+      end
+    end
+  end
+end

data/lib/fediverse/notifier.rb

@@ -0,0 +1,60 @@
+require 'fediverse/signature'
+
+module Fediverse
+  class Notifier
+    class << self
+      def post_to_inboxes(activity)
+        actors = activity.recipients
+        Rails.logger.debug('Nobody to notice') && return if actors.count.zero?
+
+        message = payload(activity)
+        actors.each do |recipient|
+          Rails.logger.debug { "Sending activity ##{activity.id} to #{recipient.inbox_url}" }
+          post_to_inbox(to: recipient, message: message, from: activity.actor)
+        end
+      end
+
+      private
+
+      def payload(activity)
+        Federails::ApplicationController.renderer.new.render(
+          template: 'federails/server/activities/show',
+          assigns:  { activity: activity },
+          format:   :json
+        )
+      end
+
+      def post_to_inbox(to:, message:, from: nil)
+        conn = Faraday.default_connection
+        conn.builder.build_response(
+          conn,
+          signed_request(to: to, message: message, from: from)
+        )
+      end
+
+      def signed_request(to:, message:, from:)
+        req = request(to: to, message: message)
+        req.headers['Signature'] = Fediverse::Signature.sign(sender: from, request: req) if from
+        req
+      end
+
+      def request(to:, message:) # rubocop:todo Metrics/AbcSize
+        Faraday.default_connection.build_request(:post) do |req|
+          req.url to.inbox_url
+          req.body = message
+          req.headers['Content-Type'] = Mime[:activitypub].to_s
+          req.headers['Accept'] = Mime[:activitypub].to_s
+          req.headers['Host'] = URI.parse(to.inbox_url).host
+          req.headers['Date'] = Time.now.utc.httpdate
+          req.headers['Digest'] = digest(message)
+        end
+      end
+
+      def digest(message)
+        "SHA-256=#{Base64.strict_encode64(
+          OpenSSL::Digest.new('SHA256').digest(message)
+        )}"
+      end
+    end
+  end
+end

data/lib/fediverse/request.rb

@@ -0,0 +1,38 @@
+require 'json/ld'
+
+module Fediverse
+  class Request
+    BASE_HEADERS = {
+      'Content-Type' => 'application/json',
+      'Accept'       => 'application/json',
+    }.freeze
+
+    def initialize(id)
+      @id = id
+    end
+
+    def get
+      Rails.logger.debug { "GET #{@id}" }
+      @response = Faraday.get(@id, nil, BASE_HEADERS)
+      response_to_json
+    end
+
+    class << self
+      def get(id)
+        new(id).get
+      end
+    end
+
+    private
+
+    def response_to_json
+      begin
+        body = JSON.parse @response.body
+      rescue JSON::ParserError
+        return
+      end
+
+      JSON::LD::API.compact body, body['@context']
+    end
+  end
+end

data/lib/fediverse/signature.rb

@@ -0,0 +1,49 @@
+module Fediverse
+  class Signature
+    class << self
+      def sign(sender:, request:)
+        private_key = OpenSSL::PKey::RSA.new sender.private_key, Rails.application.credentials.secret_key_base
+        headers = '(request-target) host date digest'
+        sig = Base64.strict_encode64(
+          private_key.sign(
+            OpenSSL::Digest.new('SHA256'), signature_payload(request: request, headers: headers)
+          )
+        )
+        {
+          keyId:     sender.key_id,
+          headers:   headers,
+          signature: sig,
+        }.map { |k, v| "#{k}=\"#{v}\"" }.join(',')
+      end
+
+      def verify(sender:, request:)
+        raise 'Unsigned headers' unless request.headers['Signature']
+
+        signature_header = request.headers['Signature'].split(',').to_h do |pair|
+          /\A(?<key>[\w]+)="(?<value>.*)"\z/ =~ pair
+          [key, value]
+        end
+
+        headers   = signature_header['headers']
+        signature = Base64.decode64(signature_header['signature'])
+        key       = OpenSSL::PKey::RSA.new(sender.public_key)
+
+        comparison_string = signature_payload(request: request, headers: headers)
+
+        key.verify(OpenSSL::Digest.new('SHA256'), signature, comparison_string)
+      end
+
+      private
+
+      def signature_payload(request:, headers:)
+        headers.split.map do |signed_header_name|
+          if signed_header_name == '(request-target)'
+            "(request-target): #{request.http_method} #{URI.parse(request.path).path}"
+          else
+            "#{signed_header_name}: #{request.headers[signed_header_name.capitalize]}"
+          end
+        end.join("\n")
+      end
+    end
+  end
+end

data/lib/fediverse/webfinger.rb

@@ -0,0 +1,117 @@
+require 'faraday'
+require 'faraday/follow_redirects'
+
+require 'federails/utils/host'
+
+module Fediverse
+  class Webfinger
+    class << self
+      ACCOUNT_REGEX = /(?<username>[a-z0-9\-_.]+)(?:@(?<domain>.*))?/
+
+      def split_resource_account(account)
+        /\Aacct:#{ACCOUNT_REGEX}\z/io.match account
+      end
+
+      def split_account(account)
+        /\A#{ACCOUNT_REGEX}\z/io.match account
+      end
+
+      def local_user?(account)
+        account[:username] && (account[:domain].nil? || (account[:domain] == Federails::Utils::Host.localhost))
+      end
+
+      def fetch_actor(username, domain)
+        fetch_actor_url webfinger(username, domain)
+      end
+
+      def fetch_actor_url(url)
+        webfinger_to_actor get_json url
+      end
+
+      # Returns actor id
+      def webfinger(username, domain)
+        json = webfinger_response(username, domain)
+        link = json['links'].find { |l| l['type'] == 'application/activity+json' }
+
+        link['href'] if link
+      end
+
+      # Returns remote follow link template, or complete link if actor_url is provided
+      def remote_follow_url(username, domain, actor_url: nil)
+        json = webfinger_response(username, domain)
+        link = json['links'].find { |l| l['rel'] == 'http://ostatus.org/schema/1.0/subscribe' }
+        return nil if link&.dig('template').nil?
+
+        if actor_url
+          link['template'].gsub('{uri}', CGI.escape(actor_url))
+        else
+          link['template']
+        end
+      end
+
+      private
+
+      def webfinger_response(username, domain)
+        scheme = Federails.configuration.force_ssl ? 'https' : 'http'
+        get_json "#{scheme}://#{domain}/.well-known/webfinger", resource: "acct:#{username}@#{domain}"
+      end
+
+      def server_and_port(id)
+        uri = URI.parse id
+        if uri.port && [80, 443].exclude?(uri.port)
+          "#{uri.host}:#{uri.port}"
+        else
+          uri.host
+        end
+      end
+
+      def webfinger_to_actor(data)
+        Federails::Actor.new federated_url:  data['id'],
+                             username:       data['preferredUsername'],
+                             name:           data['name'],
+                             server:         server_and_port(data['id']),
+                             inbox_url:      data['inbox'],
+                             outbox_url:     data['outbox'],
+                             followers_url:  data['followers'],
+                             followings_url: data['following'],
+                             profile_url:    data['url'],
+                             public_key:     data.dig('publicKey', 'publicKeyPem')
+      end
+
+      def get_json(url, payload = {})
+        response = get(url, payload: payload, headers: { accept: 'application/json' })
+
+        if response.status != 200
+          Rails.logger.debug { "Unhandled status code #{response.status} for GET #{url}" }
+          raise ActiveRecord::RecordNotFound
+        end
+
+        JSON.parse(response.body)
+      rescue JSON::ParserError
+        Rails.logger.debug { "Invalid JSON response GET #{url}" }
+
+        raise ActiveRecord::RecordNotFound
+      end
+
+      # Only perform a GET request and throws an ActiveRecord::RecordNotFound
+      # on error.
+      # That's "ok-ish"; when an actor is unavailable, whatever the reason is, it's
+      # not found...
+      def get(url, payload: {}, headers: {})
+        connection = Faraday.new url: url, params: payload, headers: headers do |faraday|
+          faraday.response :follow_redirects # use Faraday::FollowRedirects::Middleware
+          faraday.adapter Faraday.default_adapter
+        end
+
+        begin
+          response = connection.get
+        rescue Faraday::ConnectionFailed
+          Rails.logger.debug { "Failed to reach server for GET #{url}" }
+          raise ActiveRecord::RecordNotFound
+        end
+
+        response
+      end
+    end
+  end
+end

data/lib/generators/federails/install/USAGE

@@ -0,0 +1,9 @@
+Description:
+    Copies configuration file and initializer
+
+Example:
+    bin/rails generate federails:install
+
+    This will create:
+        config/federails.yml
+        config/initializers/federails.rb

data/lib/generators/federails/install/install_generator.rb

@@ -0,0 +1,10 @@
+module Federails
+  class InstallGenerator < Rails::Generators::Base
+    source_root File.expand_path('templates', __dir__)
+
+    def copy_files
+      copy_file 'federails.yml', 'config/federails.yml'
+      copy_file 'federails.rb', 'config/initializers/federails.rb'
+    end
+  end
+end

data/lib/generators/federails/install/templates/federails.rb

@@ -0,0 +1 @@
+Federails.config_from 'federails'

data/lib/generators/federails/install/templates/federails.yml

@@ -0,0 +1,23 @@
+---
+defaults: &defaults
+  app_name:
+  app_version:
+  force_ssl: false
+  site_host: http://localhost
+  site_port: 3000
+  enable_discovery: true
+  app_layout: 'layouts/application'
+  server_routes_path: federation
+  client_routes_path: app
+
+development:
+  <<: *defaults
+
+test:
+  <<: *defaults
+  site_port: null
+
+production:
+  <<: *defaults
+  force_ssl: true
+  site_port: 443

data/lib/tasks/factory_bot.rake

@@ -0,0 +1,15 @@
+namespace :factory_bot do
+  desc 'Verify that all FactoryBot factories are valid'
+  task lint: :environment do
+    if Rails.env.test?
+      conn = ActiveRecord::Base.connection
+      conn.transaction do
+        FactoryBot.lint traits: true
+        raise ActiveRecord::Rollback
+      end
+    else
+      system("bundle exec rake app:factory_bot:lint RAILS_ENV='test'")
+      raise if $CHILD_STATUS.exitstatus.nonzero?
+    end
+  end
+end