@fedify/fedify 0.8.0-dev.164 → 0.8.0-dev.167

package/CHANGES.md

@@ -10,7 +10,13 @@ To be released.
 
  -  The CLI toolchain for testing and debugging is now available on JSR:
     [@fedify/cli].  You can install it with
-    `deno install -A -n fedify jsr:@fedify/cli`.
+    `deno install -A --unstable-fs --unstable-kv --unstable-temporal -n fedify
+    jsr:@fedify/cli`, or download a standalone exectuable from the [releases]
+    page.
+
+     -  Added `fedify` command.
+     -  Added `fedify lookup` subcommand.
+     -  Added `fedify inbox` subcommand.
 
  -  Implemented [followers collection synchronization mechanism][FEP-8fcf].
 
@@ -40,6 +46,26 @@ To be released.
         parameter became `CollectionDispatcher<Recipient, TContextData, URL>`
         (was `CollectionDispatcher<Actor | URL, TContextData>`).
 
+ -  Some of the responsibility of a document loader was separated to a context
+    loader and a document loader.
+
+     -  Added `contextLoader` option to constructors, `fromJsonLd()` static
+        methods, `clone()` methods, and all non-scalar accessors (`get*()`) of
+        Activity Vocabulary classes.
+     -  Renamed `documentLoader` option to `contextLoader` in `toJsonLd()`
+        methods of Activity Vocabulary objects.
+     -  Added `contextLoader` option to `LookupObjectOptions` interface.
+     -  Added `contextLoader` property to `Context` interface.
+     -  Added `contextLoader` option to `FederationParameters` interface.
+     -  Renamed `documentLoader` option to `contextLoader` in
+        `RespondWithObjectOptions` interface.
+     -  Added `GetKeyOwnerOptions` interface.
+     -  The type of the second parameter of `getKeyOwner()` function became
+        `GetKeyOwnerOptions` (was `DocumentLoader`).
+     -  Added `DoesActorOwnKeyOptions` interface.
+     -  The type of the third parameter of `doesActorOwnKey()` function became
+        `DoesActorOwnKeyOptions` (was `DocumentLoader`).
+
  -  Removed the dependency on *@js-temporal/polyfill* on Deno, and Fedify now
     requires `--unstable-temporal` flag.  On other runtime, it still depends
     on *@js-temporal/polyfill*.
@@ -54,7 +80,13 @@ To be released.
  -  Fixed a bug where the authenticated document loader had thrown `InvalidUrl`
     error when the URL redirection was involved in Bun.
 
+ -  Fixed a bug of `lookupObject()` that it had failed to look up the actor
+    object when WebFinger response had no links with
+    `"type": "application/activity+json"` but had `"type":
+    "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\""`.
+
 [@fedify/cli]: https://jsr.io/@fedify/cli
+[releases]: https://github.com/dahlia/fedify/releases
 [FEP-8fcf]: https://codeberg.org/fediverse/fep/src/branch/main/fep/8fcf/fep-8fcf.md
 
 

package/esm/federation/handler.js

@@ -176,7 +176,7 @@ export async function handleInbox(request, { handle, context, kv, kvPrefix, acto
             return await onNotFound(request);
         }
     }
-    const key = await verify(request, context.documentLoader);
+    const key = await verify(request, context.documentLoader, context.contextLoader);
     if (key == null) {
         logger.error("Failed to verify the request signature.", { handle });
         const response = new Response("Failed to verify the request signature.", {
@@ -233,7 +233,7 @@ export async function handleInbox(request, { handle, context, kv, kvPrefix, acto
         });
         return response;
     }
-    if (!await doesActorOwnKey(activity, key, context.documentLoader)) {
+    if (!await doesActorOwnKey(activity, key, context)) {
         logger.error("The signer ({keyId}) and the actor ({actorId}) do not match.", { activity: json, keyId: key.id?.href, actorId: activity.actorId.href });
         const response = new Response("The signer and the actor do not match.", {
             status: 401,

package/esm/federation/middleware.js

@@ -32,6 +32,7 @@ export class Federation {
     #inboxListeners;
     #inboxErrorHandler;
     #documentLoader;
+    #contextLoader;
     #authenticatedDocumentLoaderFactory;
     #treatHttps;
     #onOutboxError;
@@ -40,7 +41,7 @@ export class Federation {
      * Create a new {@link Federation} instance.
      * @param parameters Parameters for initializing the instance.
      */
-    constructor({ kv, kvPrefixes, queue, documentLoader, authenticatedDocumentLoaderFactory, treatHttps, onOutboxError, backoffSchedule, }) {
+    constructor({ kv, kvPrefixes, queue, documentLoader, contextLoader, authenticatedDocumentLoaderFactory, treatHttps, onOutboxError, backoffSchedule, }) {
         this.#kv = kv;
         this.#kvPrefixes = {
             ...({
@@ -61,6 +62,7 @@ export class Federation {
             kv: kv,
             prefix: this.#kvPrefixes.remoteDocument,
         });
+        this.#contextLoader = contextLoader ?? this.#documentLoader;
         this.#authenticatedDocumentLoaderFactory =
             authenticatedDocumentLoaderFactory ??
                 getAuthenticatedDocumentLoader;
@@ -98,13 +100,14 @@ export class Federation {
             const documentLoader = this.#authenticatedDocumentLoaderFactory({ keyId, privateKey });
             activity = await Activity.fromJsonLd(message.activity, {
                 documentLoader,
+                contextLoader: this.#contextLoader,
             });
             await sendActivity({
                 keyId,
                 privateKey,
                 activity,
                 inbox: new URL(message.inbox),
-                documentLoader,
+                contextLoader: this.#contextLoader,
                 headers: new Headers(message.headers),
             });
         }
@@ -169,6 +172,7 @@ export class Federation {
         const context = {
             data: contextData,
             documentLoader: this.#documentLoader,
+            contextLoader: this.#contextLoader,
             getNodeInfoUri: () => {
                 const path = this.#router.build("nodeInfo", {});
                 if (path == null) {
@@ -337,7 +341,7 @@ export class Federation {
             async getSignedKey() {
                 if (signedKey !== undefined)
                     return signedKey;
-                return signedKey = await verify(request, context.documentLoader);
+                return signedKey = await verify(request, context.documentLoader, context.contextLoader);
             },
             async getSignedKeyOwner() {
                 if (signedKeyOwner !== undefined)
@@ -345,7 +349,7 @@ export class Federation {
                 const key = await this.getSignedKey();
                 if (key == null)
                     return signedKeyOwner = null;
-                return signedKeyOwner = await getKeyOwner(key, context.documentLoader);
+                return signedKeyOwner = await getKeyOwner(key, context);
             },
         };
         return reqCtx;
@@ -698,7 +702,6 @@ export class Federation {
             activityId: activity.id?.href,
             activity,
         });
-        const documentLoader = this.#authenticatedDocumentLoaderFactory({ keyId, privateKey });
         if (immediate || this.#queue == null) {
             if (immediate) {
                 logger.debug("Sending activity immediately without queue since immediate option " +
@@ -714,7 +717,7 @@ export class Federation {
                     privateKey,
                     activity,
                     inbox: new URL(inbox),
-                    documentLoader,
+                    contextLoader: this.#contextLoader,
                     headers: collectionSync == null ? undefined : new Headers({
                         "Collection-Synchronization": await buildCollectionSynchronizationHeader(collectionSync, inboxes[inbox]),
                     }),
@@ -725,7 +728,9 @@ export class Federation {
         }
         logger.debug("Enqueuing activity {activityId} to send later.", { activityId: activity.id?.href, activity });
         const privateKeyJwk = await exportJwk(privateKey);
-        const activityJson = await activity.toJsonLd({ documentLoader });
+        const activityJson = await activity.toJsonLd({
+            contextLoader: this.#contextLoader,
+        });
         for (const inbox in inboxes) {
             const message = {
                 type: "outbox",

package/esm/federation/send.js

@@ -26,12 +26,12 @@ export function extractInboxes({ recipients, preferSharedInbox }) {
  *                   See also {@link SendActivityParameters}.
  * @throws {Error} If the activity fails to send.
  */
-export async function sendActivity({ activity, privateKey, keyId, inbox, documentLoader, headers, }) {
+export async function sendActivity({ activity, privateKey, keyId, inbox, contextLoader, headers, }) {
     const logger = getLogger(["fedify", "federation", "outbox"]);
     if (activity.actorId == null) {
         throw new TypeError("The activity to send must have at least one actor property.");
     }
-    const jsonLd = await activity.toJsonLd({ documentLoader });
+    const jsonLd = await activity.toJsonLd({ contextLoader });
     headers = new Headers(headers);
     headers.set("Content-Type", "application/activity+json");
     let request = new Request(inbox, {

package/esm/httpsig/mod.js

@@ -8,6 +8,7 @@ import * as dntShim from "../_dnt.shims.js";
 import { getLogger } from "@logtape/logtape";
 import { equals } from "../deps/jsr.io/@std/bytes/0.224.0/mod.js";
 import { decodeBase64, encodeBase64 } from "../deps/jsr.io/@std/encoding/0.224.0/base64.js";
+import { fetchDocumentLoader, } from "../runtime/docloader.js";
 import { isActor } from "../vocab/actor.js";
 import { CryptographicKey, Object as ASObject, } from "../vocab/vocab.js";
 import { validateCryptoKey } from "./key.js";
@@ -68,12 +69,13 @@ const supportedHashAlgorithms = {
  * under the hood.
  * @param request The request to verify.
  * @param documentLoader The document loader to use for fetching the public key.
+ * @param contextLoader The context loader to use for JSON-LD context retrieval.
  * @param currentTime The current time.  If not specified, the current time is
  *                    used.  This is useful for testing.
  * @returns The public key of the verified signature, or `null` if the signature
  *          could not be verified.
  */
-export async function verify(request, documentLoader, currentTime) {
+export async function verify(request, documentLoader, contextLoader, currentTime) {
     const logger = getLogger(["fedify", "httpsig", "verify"]);
     request = request.clone();
     const dateHeader = request.headers.get("Date");
@@ -159,13 +161,19 @@ export async function verify(request, documentLoader, currentTime) {
     }
     let object;
     try {
-        object = await ASObject.fromJsonLd(document, { documentLoader });
+        object = await ASObject.fromJsonLd(document, {
+            documentLoader,
+            contextLoader,
+        });
     }
     catch (e) {
         if (!(e instanceof TypeError))
             throw e;
         try {
-            object = await CryptographicKey.fromJsonLd(document, { documentLoader });
+            object = await CryptographicKey.fromJsonLd(document, {
+                documentLoader,
+                contextLoader,
+            });
         }
         catch (e) {
             if (e instanceof TypeError) {
@@ -179,7 +187,7 @@ export async function verify(request, documentLoader, currentTime) {
     if (object instanceof CryptographicKey)
         key = object;
     else if (isActor(object)) {
-        for await (const k of object.getPublicKeys({ documentLoader })) {
+        for await (const k of object.getPublicKeys({ documentLoader, contextLoader })) {
             if (k.id?.href === keyId) {
                 key = k;
                 break;
@@ -231,14 +239,14 @@ export async function verify(request, documentLoader, currentTime) {
  * Checks if the actor of the given activity owns the specified key.
  * @param activity The activity to check.
  * @param key The public key to check.
- * @param documentLoader The document loader to use for fetching the actor.
+ * @param options Options for checking the key ownership.
  * @returns Whether the actor is the owner of the key.
  */
-export async function doesActorOwnKey(activity, key, documentLoader) {
+export async function doesActorOwnKey(activity, key, options) {
     if (key.ownerId != null) {
         return key.ownerId.href === activity.actorId?.href;
     }
-    const actor = await activity.getActor({ documentLoader });
+    const actor = await activity.getActor(options);
     if (actor == null || !isActor(actor))
         return false;
     for (const publicKeyId of actor.publicKeyIds) {
@@ -248,14 +256,18 @@ export async function doesActorOwnKey(activity, key, documentLoader) {
     return false;
 }
 /**
- * Gets the actor that owns the specified key.  Returns `null` if the key has no known owner.
+ * Gets the actor that owns the specified key.  Returns `null` if the key has no
+ * known owner.
  *
  * @param keyId The ID of the key to check, or the key itself.
- * @param documentLoader The document loader to use for fetching the key and its owner.
- * @returns The actor that owns the key, or `null` if the key has no known owner.
+ * @param options Options for getting the key owner.
+ * @returns The actor that owns the key, or `null` if the key has no known
+ *          owner.
  * @since 0.7.0
  */
-export async function getKeyOwner(keyId, documentLoader) {
+export async function getKeyOwner(keyId, options) {
+    const documentLoader = options.documentLoader ?? fetchDocumentLoader;
+    const contextLoader = options.contextLoader ?? fetchDocumentLoader;
     let object;
     if (keyId instanceof CryptographicKey) {
         object = keyId;
@@ -273,13 +285,19 @@ export async function getKeyOwner(keyId, documentLoader) {
             return null;
         }
         try {
-            object = await ASObject.fromJsonLd(keyDoc, { documentLoader });
+            object = await ASObject.fromJsonLd(keyDoc, {
+                documentLoader,
+                contextLoader,
+            });
         }
         catch (e) {
             if (!(e instanceof TypeError))
                 throw e;
             try {
-                object = await CryptographicKey.fromJsonLd(keyDoc, { documentLoader });
+                object = await CryptographicKey.fromJsonLd(keyDoc, {
+                    documentLoader,
+                    contextLoader,
+                });
             }
             catch (e) {
                 if (e instanceof TypeError)
@@ -292,7 +310,7 @@ export async function getKeyOwner(keyId, documentLoader) {
     if (object instanceof CryptographicKey) {
         if (object.ownerId == null)
             return null;
-        owner = await object.getOwner({ documentLoader });
+        owner = await object.getOwner({ documentLoader, contextLoader });
     }
     else if (isActor(object)) {
         owner = object;

package/esm/vocab/lookup.js

@@ -57,7 +57,8 @@ export async function lookupObject(identifier, options = {}) {
         if (jrd?.links == null)
             return null;
         for (const l of jrd.links) {
-            if (l.type !== "application/activity+json" || l.rel !== "self")
+            if (l.type !== "application/activity+json" &&
+                !l.type?.match(/application\/ld\+json;\s*profile="https:\/\/www.w3.org\/ns\/activitystreams"/) || l.rel !== "self")
                 continue;
             try {
                 const remoteDoc = await documentLoader(l.href);
@@ -73,7 +74,10 @@ export async function lookupObject(identifier, options = {}) {
     if (document == null)
         return null;
     try {
-        return await Object.fromJsonLd(document, { documentLoader });
+        return await Object.fromJsonLd(document, {
+            documentLoader,
+            contextLoader: options.contextLoader,
+        });
     }
     catch (e) {
         if (e instanceof TypeError)