npm - @fedify/fedify - Versions diffs - 0.10.0-dev.190 → 0.10.0-dev.195 - Mend

@fedify/fedify 0.10.0-dev.190 → 0.10.0-dev.195

Files changed (179) hide show

package/esm/federation/middleware.js CHANGED Viewed

@@ -5,7 +5,7 @@ import { exportJwk, importJwk, validateCryptoKey } from "../sig/key.js";
 import { getKeyOwner } from "../sig/owner.js";
 import { handleNodeInfo, handleNodeInfoJrd } from "../nodeinfo/handler.js";
 import { fetchDocumentLoader, getAuthenticatedDocumentLoader, kvCache, } from "../runtime/docloader.js";
-import { Activity, CryptographicKey } from "../vocab/mod.js";
+import { Activity, CryptographicKey, Multikey, } from "../vocab/mod.js";
 import { handleWebFinger } from "../webfinger/handler.js";
 import { buildCollectionSynchronizationHeader } from "./collection.js";
 import { handleActor, handleCollection, handleInbox, handleObject, } from "./handler.js";
@@ -145,33 +145,12 @@ export class Federation {
         }
         logger.info("Successfully sent activity {activityId} to {inbox}.", { ...logData, activityId: activity?.id?.href });
     }
-    async #getKeyPairsFromHandle(url, contextData, handle) {
-        const logger = getLogger(["fedify", "federation", "actor"]);
-        if (this.#actorCallbacks?.keyPairsDispatcher == null) {
-            throw new Error("No actor key pairs dispatcher registered.");
-        }
-        const path = this.#router.build("actor", { handle });
-        if (path == null) {
-            logger.warn("No actor dispatcher registered.");
-            return [];
-        }
-        const actorUri = new URL(path, url);
-        const keyPairs = await this.#actorCallbacks?.keyPairsDispatcher(contextData, handle);
-        if (keyPairs.length < 1) {
-            logger.warn("No key pairs found for actor {handle}.", { handle });
-        }
-        let i = 0;
-        const result = [];
-        for (const keyPair of keyPairs) {
-            result.push({
-                ...keyPair,
-                keyId: new URL(i == 0 ? `#main-key` : `#key-${i + 1}`, actorUri),
-            });
-            i++;
-        }
-        return result;
-    }
     createContext(urlOrRequest, contextData) {
+        return urlOrRequest instanceof Request
+            ? this.#createContext(urlOrRequest, contextData)
+            : this.#createContext(urlOrRequest, contextData);
+    }
+    #createContext(urlOrRequest, contextData, opts = {}) {
         const request = urlOrRequest instanceof Request ? urlOrRequest : null;
         const url = urlOrRequest instanceof URL
             ? new URL(urlOrRequest)
@@ -183,304 +162,28 @@ export class Federation {
         }
         if (this.#treatHttps)
             url.protocol = "https:";
-        const getRsaKeyPairFromHandle = async (handle) => {
-            const keyPairs = await this.#getKeyPairsFromHandle(url, contextData, handle);
-            for (const keyPair of keyPairs) {
-                const { privateKey } = keyPair;
-                if (privateKey.algorithm.name === "RSASSA-PKCS1-v1_5" &&
-                    privateKey.algorithm.hash
-                        .name ===
-                        "SHA-256") {
-                    return keyPair;
-                }
-            }
-            getLogger(["fedify", "federation", "actor"]).warn("No RSA-PKCS#1-v1.5 SHA-256 key found for actor {handle}.", { handle });
-            return null;
-        };
-        const getAuthenticatedDocumentLoader = this.#authenticatedDocumentLoaderFactory;
-        const documentLoader = this.#documentLoader;
-        function getDocumentLoader(identity) {
-            if ("handle" in identity) {
-                const keyPair = getRsaKeyPairFromHandle(identity.handle);
-                if (keyPair == null)
-                    return documentLoader;
-                return keyPair.then((pair) => pair == null ? documentLoader : getAuthenticatedDocumentLoader(pair));
-            }
-            return getAuthenticatedDocumentLoader(identity);
-        }
-        const context = {
+        const ctxOptions = {
+            url,
+            federation: this,
+            router: this.#router,
+            objectTypeIds: this.#objectTypeIds,
+            objectCallbacks: this.#objectCallbacks,
+            actorCallbacks: this.#actorCallbacks,
             data: contextData,
-            documentLoader: this.#documentLoader,
+            documentLoader: opts.documentLoader ?? this.#documentLoader,
             contextLoader: this.#contextLoader,
-            getNodeInfoUri: () => {
-                const path = this.#router.build("nodeInfo", {});
-                if (path == null) {
-                    throw new RouterError("No NodeInfo dispatcher registered.");
-                }
-                return new URL(path, url);
-            },
-            getActorUri: (handle) => {
-                const path = this.#router.build("actor", { handle });
-                if (path == null) {
-                    throw new RouterError("No actor dispatcher registered.");
-                }
-                return new URL(path, url);
-            },
-            getObjectUri: (
-            // deno-lint-ignore no-explicit-any
-            cls, values) => {
-                const callbacks = this.#objectCallbacks[cls.typeId.href];
-                if (callbacks == null) {
-                    throw new RouterError("No object dispatcher registered.");
-                }
-                for (const param of callbacks.parameters) {
-                    if (!(param in values)) {
-                        throw new TypeError(`Missing parameter: ${param}`);
-                    }
-                }
-                const path = this.#router.build(`object:${cls.typeId.href}`, values);
-                if (path == null) {
-                    throw new RouterError("No object dispatcher registered.");
-                }
-                return new URL(path, url);
-            },
-            getOutboxUri: (handle) => {
-                const path = this.#router.build("outbox", { handle });
-                if (path == null) {
-                    throw new RouterError("No outbox dispatcher registered.");
-                }
-                return new URL(path, url);
-            },
-            getInboxUri: (handle) => {
-                if (handle == null) {
-                    const path = this.#router.build("sharedInbox", {});
-                    if (path == null) {
-                        throw new RouterError("No shared inbox path registered.");
-                    }
-                    return new URL(path, url);
-                }
-                const path = this.#router.build("inbox", { handle });
-                if (path == null) {
-                    throw new RouterError("No inbox path registered.");
-                }
-                return new URL(path, url);
-            },
-            getFollowingUri: (handle) => {
-                const path = this.#router.build("following", { handle });
-                if (path == null) {
-                    throw new RouterError("No following collection path registered.");
-                }
-                return new URL(path, url);
-            },
-            getFollowersUri: (handle) => {
-                const path = this.#router.build("followers", { handle });
-                if (path == null) {
-                    throw new RouterError("No followers collection path registered.");
-                }
-                return new URL(path, url);
-            },
-            parseUri: (uri) => {
-                if (uri.origin !== url.origin)
-                    return null;
-                const route = this.#router.route(uri.pathname);
-                if (route == null)
-                    return null;
-                else if (route.name === "actor") {
-                    return { type: "actor", handle: route.values.handle };
-                }
-                else if (route.name.startsWith("object:")) {
-                    const typeId = route.name.replace(/^object:/, "");
-                    return {
-                        type: "object",
-                        class: this.#objectTypeIds[typeId],
-                        typeId: new URL(typeId),
-                        values: route.values,
-                    };
-                }
-                else if (route.name === "inbox") {
-                    return { type: "inbox", handle: route.values.handle };
-                }
-                else if (route.name === "sharedInbox") {
-                    return { type: "inbox" };
-                }
-                else if (route.name === "outbox") {
-                    return { type: "outbox", handle: route.values.handle };
-                }
-                else if (route.name === "following") {
-                    return { type: "following", handle: route.values.handle };
-                }
-                else if (route.name === "followers") {
-                    return { type: "followers", handle: route.values.handle };
-                }
-                return null;
-            },
-            getHandleFromActorUri(actorUri) {
-                getLogger(["fedify", "federation"]).warn("Context.getHandleFromActorUri() is deprecated; " +
-                    "use Context.parseUri() instead.");
-                const result = this.parseUri(actorUri);
-                if (result?.type === "actor")
-                    return result.handle;
-                return null;
-            },
-            getActorKeyPairs: async (handle) => {
-                let keyPairs;
-                try {
-                    keyPairs = await this.#getKeyPairsFromHandle(url, contextData, handle);
-                }
-                catch (_) {
-                    getLogger(["fedify", "federation", "actor"])
-                        .warn("No actor key pairs dispatcher registered.");
-                    return [];
-                }
-                const owner = context.getActorUri(handle);
-                const result = [];
-                for (const keyPair of keyPairs) {
-                    const newPair = {
-                        ...keyPair,
-                        cryptographicKey: new CryptographicKey({
-                            id: keyPair.keyId,
-                            owner,
-                            publicKey: keyPair.publicKey,
-                        }),
-                    };
-                    result.push(newPair);
-                }
-                return result;
-            },
-            getActorKey: async (handle) => {
-                getLogger(["fedify", "federation", "actor"]).warn("Context.getActorKey() method is deprecated; " +
-                    "use Context.getActorKeyPairs() method instead.");
-                let keyPair;
-                try {
-                    keyPair = await getRsaKeyPairFromHandle(handle);
-                }
-                catch (_) {
-                    return null;
-                }
-                if (keyPair == null)
-                    return null;
-                return new CryptographicKey({
-                    id: keyPair.keyId,
-                    owner: context.getActorUri(handle),
-                    publicKey: keyPair.publicKey,
-                });
-            },
-            getDocumentLoader,
-            sendActivity: async (sender, recipients, activity, options = {}) => {
-                let senderPair;
-                if ("handle" in sender) {
-                    const keyPair = await getRsaKeyPairFromHandle(sender.handle);
-                    if (keyPair == null) {
-                        throw new Error(`No key pair found for actor ${sender.handle}`);
-                    }
-                    senderPair = keyPair;
-                }
-                else {
-                    senderPair = sender;
-                }
-                const opts = { ...options };
-                let expandedRecipients;
-                if (Array.isArray(recipients)) {
-                    expandedRecipients = recipients;
-                }
-                else if (recipients === "followers") {
-                    if (!("handle" in sender)) {
-                        throw new Error("If recipients is 'followers', sender must be an actor handle.");
-                    }
-                    expandedRecipients = [];
-                    for await (const recipient of this.#getFollowers(reqCtx, sender.handle)) {
-                        expandedRecipients.push(recipient);
-                    }
-                    const collectionId = this.#router.build("followers", sender);
-                    opts.collectionSync = collectionId == null
-                        ? undefined
-                        : new URL(collectionId, url).href;
-                }
-                else {
-                    expandedRecipients = [recipients];
-                }
-                return await this.sendActivity(senderPair, expandedRecipients, activity, opts);
-            },
+            authenticatedDocumentLoaderFactory: this.#authenticatedDocumentLoaderFactory,
         };
         if (request == null)
-            return context;
-        let signedKey = undefined;
-        let signedKeyOwner = undefined;
-        const timeWindow = this.#signatureTimeWindow;
-        const reqCtx = {
-            ...context,
+            return new ContextImpl(ctxOptions);
+        return new RequestContextImpl({
+            ...ctxOptions,
             request,
-            url,
-            getActor: async (handle) => {
-                if (this.#actorCallbacks == null ||
-                    this.#actorCallbacks.dispatcher == null) {
-                    throw new Error("No actor dispatcher registered.");
-                }
-                let rsaKey;
-                try {
-                    rsaKey = await getRsaKeyPairFromHandle(handle);
-                }
-                catch (_) {
-                    rsaKey = null;
-                }
-                return await this.#actorCallbacks.dispatcher({
-                    ...reqCtx,
-                    getActor(handle2) {
-                        getLogger(["fedify", "federation"]).warn("RequestContext.getActor({getActorHandle}) is invoked from " +
-                            "the actor dispatcher ({actorDispatcherHandle}); " +
-                            "this may cause an infinite loop.", { getActorHandle: handle2, actorDispatcherHandle: handle });
-                        return reqCtx.getActor(handle2);
-                    },
-                }, handle, rsaKey == null ? null : new CryptographicKey({
-                    id: rsaKey.keyId,
-                    owner: context.getActorUri(handle),
-                    publicKey: rsaKey.publicKey,
-                }));
-            },
-            getObject: async (cls, values) => {
-                const callbacks = this.#objectCallbacks[cls.typeId.href];
-                if (callbacks == null) {
-                    throw new Error("No object dispatcher registered.");
-                }
-                for (const param of callbacks.parameters) {
-                    if (!(param in values)) {
-                        throw new TypeError(`Missing parameter: ${param}`);
-                    }
-                }
-                return await callbacks.dispatcher({
-                    ...reqCtx,
-                    getObject(cls2, values2) {
-                        getLogger(["fedify", "federation"]).warn("RequestContext.getObject({getObjectClass}, " +
-                            "{getObjectValues}) is invoked from the object dispatcher " +
-                            "({actorDispatcherClass}, {actorDispatcherValues}); " +
-                            "this may cause an infinite loop.", {
-                            getObjectClass: cls2.name,
-                            getObjectValues: values2,
-                            actorDispatcherClass: cls.name,
-                            actorDispatcherValues: values,
-                        });
-                        return reqCtx.getObject(cls2, values2);
-                    },
-                }, values);
-            },
-            async getSignedKey() {
-                if (signedKey !== undefined)
-                    return signedKey;
-                return signedKey = await verifyRequest(request, {
-                    ...context,
-                    timeWindow,
-                });
-            },
-            async getSignedKeyOwner() {
-                if (signedKeyOwner !== undefined)
-                    return signedKeyOwner;
-                const key = await this.getSignedKey();
-                if (key == null)
-                    return signedKeyOwner = null;
-                return signedKeyOwner = await getKeyOwner(key, context);
-            },
-        };
-        return reqCtx;
+            signatureTimeWindow: this.#signatureTimeWindow,
+            followersCallbacks: this.#followersCallbacks,
+            invokedFromActorDispatcher: opts.invokedFromActorDispatcher,
+            invokedFromObjectDispatcher: opts.invokedFromObjectDispatcher,
+        });
     }
     /**
      * Registers a NodeInfo dispatcher.
@@ -604,6 +307,18 @@ export class Federation {
                             "URI.  Set the property with Context.getInboxUri().");
                     }
                 }
+                if (callbacks.keyPairsDispatcher != null) {
+                    if (actor.publicKeyId == null) {
+                        logger.warn("You configured a key pairs dispatcher, but the actor does " +
+                            "not have a publicKey property.  Set the property with " +
+                            "Context.getActorKeyPairs(handle).");
+                    }
+                    if (actor.assertionMethodId == null) {
+                        logger.warn("You configured a key pairs dispatcher, but the actor does " +
+                            "not have an assertionMethod property.  Set the property " +
+                            "with Context.getActorKeyPairs(handle).");
+                    }
+                }
                 return actor;
             },
         };
@@ -798,29 +513,6 @@ export class Federation {
         };
         return setters;
     }
-    async *#getFollowers(context, handle) {
-        if (this.#followersCallbacks == null) {
-            throw new Error("No followers collection dispatcher registered.");
-        }
-        const result = await this.#followersCallbacks.dispatcher(context, handle, null);
-        if (result != null) {
-            for (const recipient of result.items)
-                yield recipient;
-            return;
-        }
-        if (this.#followersCallbacks.firstCursor == null) {
-            throw new Error("No first cursor dispatcher registered for followers collection.");
-        }
-        let cursor = await this.#followersCallbacks.firstCursor(context, handle);
-        while (cursor != null) {
-            const result = await this.#followersCallbacks.dispatcher(context, handle, cursor);
-            if (result == null)
-                break;
-            for (const recipient of result.items)
-                yield recipient;
-            cursor = result.nextCursor ?? null;
-        }
-    }
     /**
      * Assigns the URL path for the inbox and starts setting inbox listeners.
      *
@@ -1016,7 +708,7 @@ export class Federation {
             const response = onNotFound(request);
             return response instanceof Promise ? await response : response;
         }
-        let context = this.createContext(request, contextData);
+        let context = this.#createContext(request, contextData);
         switch (route.name.replace(/:.*$/, "")) {
             case "webfinger":
                 return await handleWebFinger(request, {
@@ -1032,6 +724,9 @@ export class Federation {
                     nodeInfoDispatcher: this.#nodeInfoDispatcher,
                 });
             case "actor":
+                context = this.#createContext(request, contextData, {
+                    invokedFromActorDispatcher: { handle: route.values.handle },
+                });
                 return await handleActor(request, {
                     handle: route.values.handle,
                     context,
@@ -1044,6 +739,10 @@ export class Federation {
             case "object": {
                 const typeId = route.name.replace(/^object:/, "");
                 const callbacks = this.#objectCallbacks[typeId];
+                const cls = this.#objectTypeIds[typeId];
+                context = this.#createContext(request, contextData, {
+                    invokedFromObjectDispatcher: { cls, values: route.values },
+                });
                 return await handleObject(request, {
                     values: route.values,
                     context,
@@ -1065,12 +764,11 @@ export class Federation {
                     onNotAcceptable,
                 });
             case "inbox":
-                context = {
-                    ...context,
+                context = this.#createContext(request, contextData, {
                     documentLoader: await context.getDocumentLoader({
                         handle: route.values.handle,
                     }),
-                };
+                });
             // falls through
             case "sharedInbox":
                 return await handleInbox(request, {
@@ -1121,6 +819,396 @@ export class Federation {
         }
     }
 }
+class ContextImpl {
+    #url;
+    #federation;
+    #router;
+    #objectTypeIds;
+    objectCallbacks;
+    actorCallbacks;
+    data;
+    documentLoader;
+    contextLoader;
+    #authenticatedDocumentLoaderFactory;
+    constructor({ url, federation, router, objectTypeIds, objectCallbacks, actorCallbacks, data, documentLoader, contextLoader, authenticatedDocumentLoaderFactory, }) {
+        this.#url = url;
+        this.#federation = federation;
+        this.#router = router;
+        this.#objectTypeIds = objectTypeIds;
+        this.objectCallbacks = objectCallbacks;
+        this.actorCallbacks = actorCallbacks;
+        this.data = data;
+        this.documentLoader = documentLoader;
+        this.contextLoader = contextLoader;
+        this.#authenticatedDocumentLoaderFactory =
+            authenticatedDocumentLoaderFactory;
+    }
+    getNodeInfoUri() {
+        const path = this.#router.build("nodeInfo", {});
+        if (path == null) {
+            throw new RouterError("No NodeInfo dispatcher registered.");
+        }
+        return new URL(path, this.#url);
+    }
+    getActorUri(handle) {
+        const path = this.#router.build("actor", { handle });
+        if (path == null) {
+            throw new RouterError("No actor dispatcher registered.");
+        }
+        return new URL(path, this.#url);
+    }
+    getObjectUri(
+    // deno-lint-ignore no-explicit-any
+    cls, values) {
+        const callbacks = this.objectCallbacks[cls.typeId.href];
+        if (callbacks == null) {
+            throw new RouterError("No object dispatcher registered.");
+        }
+        for (const param of callbacks.parameters) {
+            if (!(param in values)) {
+                throw new TypeError(`Missing parameter: ${param}`);
+            }
+        }
+        const path = this.#router.build(`object:${cls.typeId.href}`, values);
+        if (path == null) {
+            throw new RouterError("No object dispatcher registered.");
+        }
+        return new URL(path, this.#url);
+    }
+    getOutboxUri(handle) {
+        const path = this.#router.build("outbox", { handle });
+        if (path == null) {
+            throw new RouterError("No outbox dispatcher registered.");
+        }
+        return new URL(path, this.#url);
+    }
+    getInboxUri(handle) {
+        if (handle == null) {
+            const path = this.#router.build("sharedInbox", {});
+            if (path == null) {
+                throw new RouterError("No shared inbox path registered.");
+            }
+            return new URL(path, this.#url);
+        }
+        const path = this.#router.build("inbox", { handle });
+        if (path == null) {
+            throw new RouterError("No inbox path registered.");
+        }
+        return new URL(path, this.#url);
+    }
+    getFollowingUri(handle) {
+        const path = this.#router.build("following", { handle });
+        if (path == null) {
+            throw new RouterError("No following collection path registered.");
+        }
+        return new URL(path, this.#url);
+    }
+    getFollowersUri(handle) {
+        const path = this.#router.build("followers", { handle });
+        if (path == null) {
+            throw new RouterError("No followers collection path registered.");
+        }
+        return new URL(path, this.#url);
+    }
+    parseUri(uri) {
+        if (uri.origin !== this.#url.origin)
+            return null;
+        const route = this.#router.route(uri.pathname);
+        if (route == null)
+            return null;
+        else if (route.name === "actor") {
+            return { type: "actor", handle: route.values.handle };
+        }
+        else if (route.name.startsWith("object:")) {
+            const typeId = route.name.replace(/^object:/, "");
+            return {
+                type: "object",
+                class: this.#objectTypeIds[typeId],
+                typeId: new URL(typeId),
+                values: route.values,
+            };
+        }
+        else if (route.name === "inbox") {
+            return { type: "inbox", handle: route.values.handle };
+        }
+        else if (route.name === "sharedInbox") {
+            return { type: "inbox" };
+        }
+        else if (route.name === "outbox") {
+            return { type: "outbox", handle: route.values.handle };
+        }
+        else if (route.name === "following") {
+            return { type: "following", handle: route.values.handle };
+        }
+        else if (route.name === "followers") {
+            return { type: "followers", handle: route.values.handle };
+        }
+        return null;
+    }
+    getHandleFromActorUri(actorUri) {
+        getLogger(["fedify", "federation"]).warn("Context.getHandleFromActorUri() is deprecated; " +
+            "use Context.parseUri() instead.");
+        const result = this.parseUri(actorUri);
+        if (result?.type === "actor")
+            return result.handle;
+        return null;
+    }
+    async getActorKeyPairs(handle) {
+        let keyPairs;
+        try {
+            keyPairs = await this.getKeyPairsFromHandle(this.#url, this.data, handle);
+        }
+        catch (_) {
+            getLogger(["fedify", "federation", "actor"])
+                .warn("No actor key pairs dispatcher registered.");
+            return [];
+        }
+        const owner = this.getActorUri(handle);
+        const result = [];
+        for (const keyPair of keyPairs) {
+            const newPair = {
+                ...keyPair,
+                cryptographicKey: new CryptographicKey({
+                    id: keyPair.keyId,
+                    owner,
+                    publicKey: keyPair.publicKey,
+                }),
+                multikey: new Multikey({
+                    id: keyPair.keyId,
+                    controller: owner,
+                    publicKey: keyPair.publicKey,
+                }),
+            };
+            result.push(newPair);
+        }
+        return result;
+    }
+    async getKeyPairsFromHandle(url, contextData, handle) {
+        const logger = getLogger(["fedify", "federation", "actor"]);
+        if (this.actorCallbacks?.keyPairsDispatcher == null) {
+            throw new Error("No actor key pairs dispatcher registered.");
+        }
+        const path = this.#router.build("actor", { handle });
+        if (path == null) {
+            logger.warn("No actor dispatcher registered.");
+            return [];
+        }
+        const actorUri = new URL(path, url);
+        const keyPairs = await this.actorCallbacks?.keyPairsDispatcher(contextData, handle);
+        if (keyPairs.length < 1) {
+            logger.warn("No key pairs found for actor {handle}.", { handle });
+        }
+        let i = 0;
+        const result = [];
+        for (const keyPair of keyPairs) {
+            result.push({
+                ...keyPair,
+                keyId: new URL(
+                // For backwards compatibility, the first key is always the #main-key:
+                i == 0 ? `#main-key` : `#key-${i + 1}`, actorUri),
+            });
+            i++;
+        }
+        return result;
+    }
+    async getActorKey(handle) {
+        getLogger(["fedify", "federation", "actor"]).warn("Context.getActorKey() method is deprecated; " +
+            "use Context.getActorKeyPairs() method instead.");
+        let keyPair;
+        try {
+            keyPair = await this.getRsaKeyPairFromHandle(handle);
+        }
+        catch (_) {
+            return null;
+        }
+        if (keyPair == null)
+            return null;
+        return new CryptographicKey({
+            id: keyPair.keyId,
+            owner: this.getActorUri(handle),
+            publicKey: keyPair.publicKey,
+        });
+    }
+    async getRsaKeyPairFromHandle(handle) {
+        const keyPairs = await this.getKeyPairsFromHandle(this.#url, this.data, handle);
+        for (const keyPair of keyPairs) {
+            const { privateKey } = keyPair;
+            if (privateKey.algorithm.name === "RSASSA-PKCS1-v1_5" &&
+                privateKey.algorithm.hash
+                    .name ===
+                    "SHA-256") {
+                return keyPair;
+            }
+        }
+        getLogger(["fedify", "federation", "actor"]).warn("No RSA-PKCS#1-v1.5 SHA-256 key found for actor {handle}.", { handle });
+        return null;
+    }
+    getDocumentLoader(identity) {
+        if ("handle" in identity) {
+            const keyPair = this.getRsaKeyPairFromHandle(identity.handle);
+            return keyPair.then((pair) => pair == null
+                ? this.documentLoader
+                : this.#authenticatedDocumentLoaderFactory(pair));
+        }
+        return this.#authenticatedDocumentLoaderFactory(identity);
+    }
+    async sendActivity(sender, recipients, activity, options = {}) {
+        let senderPair;
+        if ("handle" in sender) {
+            const keyPair = await this.getRsaKeyPairFromHandle(sender.handle);
+            if (keyPair == null) {
+                throw new Error(`No key pair found for actor ${sender.handle}`);
+            }
+            senderPair = keyPair;
+        }
+        else {
+            senderPair = sender;
+        }
+        const opts = { ...options };
+        let expandedRecipients;
+        if (Array.isArray(recipients)) {
+            expandedRecipients = recipients;
+        }
+        else if (recipients === "followers") {
+            if (!("handle" in sender)) {
+                throw new Error("If recipients is 'followers', sender must be an actor handle.");
+            }
+            expandedRecipients = [];
+            for await (const recipient of this.getFollowers(sender.handle)) {
+                expandedRecipients.push(recipient);
+            }
+            const collectionId = this.#router.build("followers", sender);
+            opts.collectionSync = collectionId == null
+                ? undefined
+                : new URL(collectionId, this.#url).href;
+        }
+        else {
+            expandedRecipients = [recipients];
+        }
+        return await this.#federation.sendActivity(senderPair, expandedRecipients, activity, opts);
+    }
+    getFollowers(_handle) {
+        throw new Error('"followers" recipients are not supported in Context.  ' +
+            "Use RequestContext instead.");
+    }
+}
+class RequestContextImpl extends ContextImpl {
+    #options;
+    #followersCallbacks;
+    #signatureTimeWindow;
+    #invokedFromActorDispatcher;
+    #invokedFromObjectDispatcher;
+    request;
+    url;
+    constructor(options) {
+        super(options);
+        this.#options = options;
+        this.#followersCallbacks = options.followersCallbacks;
+        this.#signatureTimeWindow = options.signatureTimeWindow;
+        this.#invokedFromActorDispatcher = options.invokedFromActorDispatcher;
+        this.#invokedFromObjectDispatcher = options.invokedFromObjectDispatcher;
+        this.request = options.request;
+        this.url = options.url;
+    }
+    async *getFollowers(handle) {
+        if (this.#followersCallbacks == null) {
+            throw new Error("No followers collection dispatcher registered.");
+        }
+        const result = await this.#followersCallbacks.dispatcher(this, handle, null);
+        if (result != null) {
+            for (const recipient of result.items)
+                yield recipient;
+            return;
+        }
+        if (this.#followersCallbacks.firstCursor == null) {
+            throw new Error("No first cursor dispatcher registered for followers collection.");
+        }
+        let cursor = await this.#followersCallbacks.firstCursor(this, handle);
+        while (cursor != null) {
+            const result = await this.#followersCallbacks.dispatcher(this, handle, cursor);
+            if (result == null)
+                break;
+            for (const recipient of result.items)
+                yield recipient;
+            cursor = result.nextCursor ?? null;
+        }
+    }
+    async getActor(handle) {
+        if (this.actorCallbacks == null ||
+            this.actorCallbacks.dispatcher == null) {
+            throw new Error("No actor dispatcher registered.");
+        }
+        if (this.#invokedFromActorDispatcher != null) {
+            getLogger(["fedify", "federation"]).warn("RequestContext.getActor({getActorHandle}) is invoked from " +
+                "the actor dispatcher ({actorDispatcherHandle}); " +
+                "this may cause an infinite loop.", {
+                getActorHandle: handle,
+                actorDispatcherHandle: this.#invokedFromActorDispatcher.handle,
+            });
+        }
+        let rsaKey;
+        try {
+            rsaKey = await this.getRsaKeyPairFromHandle(handle);
+        }
+        catch (_) {
+            rsaKey = null;
+        }
+        return await this.actorCallbacks.dispatcher(new RequestContextImpl({
+            ...this.#options,
+            invokedFromActorDispatcher: { handle },
+        }), handle, rsaKey == null ? null : new CryptographicKey({
+            id: rsaKey.keyId,
+            owner: this.getActorUri(handle),
+            publicKey: rsaKey.publicKey,
+        }));
+    }
+    async getObject(
+    // deno-lint-ignore no-explicit-any
+    cls, values) {
+        const callbacks = this.objectCallbacks[cls.typeId.href];
+        if (callbacks == null) {
+            throw new Error("No object dispatcher registered.");
+        }
+        for (const param of callbacks.parameters) {
+            if (!(param in values)) {
+                throw new TypeError(`Missing parameter: ${param}`);
+            }
+        }
+        if (this.#invokedFromObjectDispatcher != null) {
+            getLogger(["fedify", "federation"]).warn("RequestContext.getObject({getObjectClass}, " +
+                "{getObjectValues}) is invoked from the object dispatcher " +
+                "({actorDispatcherClass}, {actorDispatcherValues}); " +
+                "this may cause an infinite loop.", {
+                getObjectClass: cls.name,
+                getObjectValues: values,
+                actorDispatcherClass: this.#invokedFromObjectDispatcher.cls.name,
+                actorDispatcherValues: this.#invokedFromObjectDispatcher.values,
+            });
+        }
+        return await callbacks.dispatcher(new RequestContextImpl({
+            ...this.#options,
+            invokedFromObjectDispatcher: { cls, values },
+        }), values);
+    }
+    #signedKey = undefined;
+    async getSignedKey() {
+        if (this.#signedKey !== undefined)
+            return this.#signedKey;
+        return this.#signedKey = await verifyRequest(this.request, {
+            ...this,
+            timeWindow: this.#signatureTimeWindow,
+        });
+    }
+    #signedKeyOwner = undefined;
+    async getSignedKeyOwner() {
+        if (this.#signedKeyOwner !== undefined)
+            return this.#signedKeyOwner;
+        const key = await this.getSignedKey();
+        if (key == null)
+            return this.#signedKeyOwner = null;
+        return this.#signedKeyOwner = await getKeyOwner(key, this);
+    }
+}
 function notFound(_request) {
     return new Response("Not Found", { status: 404 });
 }