@fedify/fedify 2.2.0-pr.695.16 → 2.2.0-pr.697.17

package/dist/sig/ld.test.mjs

@@ -5,9 +5,9 @@ import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertThrows } from "../assert_throws-4NwKEy2q.mjs";
 import { t as assert } from "../assert-ddO5KLpe.mjs";
-import { i as generateCryptoKeyPair } from "../key-CGx_dDkX.mjs";
+import { i as generateCryptoKeyPair } from "../key-DVFCI5om.mjs";
 import { a as rsaPrivateKey3, c as rsaPublicKey3, i as rsaPrivateKey2, n as ed25519PrivateKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-BAK-tUlf.mjs";
-import { a as signJsonLd, n as createSignature, o as verifyJsonLd, r as detachSignature, s as verifySignature, t as attachSignature } from "../ld-wup-liFO.mjs";
+import { a as signJsonLd, i as hasSignatureLike, n as createSignature, o as verifyJsonLd, r as detachSignature, s as verifySignature, t as attachSignature } from "../ld-N69KBAlI.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { CryptographicKey } from "@fedify/vocab";
 import { encodeBase64 } from "byte-encodings/base64";
@@ -55,6 +55,48 @@ test("signJsonLd()", async () => {
 		contextLoader: mockDocumentLoader
 	}));
 });
+test("hasSignatureLike()", () => {
+	assert(hasSignatureLike({ signature: {
+		type: "RsaSignature2017",
+		creator: "https://example.com/users/alice#main-key",
+		signatureValue: "signature"
+	} }));
+	assert(hasSignatureLike({ signature: {
+		type: "Ed25519Signature2020",
+		verificationMethod: "https://example.com/users/alice#main-key",
+		jws: "signature"
+	} }));
+	assert(hasSignatureLike({ signature: {
+		type: "Ed25519Signature2020",
+		verificationMethod: { id: "https://example.com/users/alice#main-key" },
+		jws: "signature"
+	} }));
+	assert(hasSignatureLike({ signature: {
+		type: "Ed25519Signature2020",
+		verificationMethod: [{ id: "https://example.com/users/alice#main-key" }],
+		jws: "signature"
+	} }));
+	assert(hasSignatureLike({ signature: {
+		type: "Ed25519Signature2020",
+		verificationMethod: { "@id": "https://example.com/users/alice#main-key" },
+		jws: "signature"
+	} }));
+	assert(hasSignatureLike({ signature: [{
+		type: "Ed25519Signature2020",
+		verificationMethod: { "@id": "https://example.com/users/alice#main-key" },
+		jws: "signature"
+	}] }));
+	assert(hasSignatureLike({ signature: {
+		type: ["Ed25519Signature2020"],
+		verificationMethod: "https://example.com/users/alice#main-key",
+		jws: "signature"
+	} }));
+	assertFalse(hasSignatureLike({ signature: {
+		type: "Ed25519Signature2020",
+		verificationMethod: "https://example.com/users/alice#main-key"
+	} }));
+	assertFalse(hasSignatureLike(null));
+});
 const document = {
 	"@context": ["https://www.w3.org/ns/activitystreams", {
 		"ostatus": "http://ostatus.org#",

package/dist/sig/mod.cjs

@@ -1,8 +1,8 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const require_http = require("../http-JxF7bG0o.cjs");
-const require_proof = require("../proof-_Zyfqyce.cjs");
+const require_http = require("../http-BLuuf-Rt.cjs");
+const require_proof = require("../proof-DwRcU3OF.cjs");
 exports.attachSignature = require_proof.attachSignature;
 exports.createProof = require_proof.createProof;
 exports.createSignature = require_proof.createSignature;
@@ -15,6 +15,8 @@ exports.formatAcceptSignature = require_http.formatAcceptSignature;
 exports.fulfillAcceptSignature = require_http.fulfillAcceptSignature;
 exports.generateCryptoKeyPair = require_http.generateCryptoKeyPair;
 exports.getKeyOwner = require_proof.getKeyOwner;
+exports.hasProofLike = require_proof.hasProofLike;
+exports.hasSignatureLike = require_proof.hasSignatureLike;
 exports.importJwk = require_http.importJwk;
 exports.parseAcceptSignature = require_http.parseAcceptSignature;
 exports.signJsonLd = require_proof.signJsonLd;

package/dist/sig/mod.d.cts

@@ -1,4 +1,4 @@
 import { C as exportJwk, D as importJwk, E as generateCryptoKeyPair, S as KeyCache, T as fetchKeyDetailed, _ as validateAcceptSignature, a as VerifyRequestDetailedResult, b as FetchKeyOptions, c as signRequest, d as AcceptSignatureMember, f as AcceptSignatureParameters, g as parseAcceptSignature, h as fulfillAcceptSignature, i as SignRequestOptions, l as verifyRequest, m as formatAcceptSignature, n as HttpMessageSignaturesSpecDeterminer, o as VerifyRequestFailureReason, p as FulfillAcceptSignatureResult, r as Rfc9421SignRequestOptions, s as VerifyRequestOptions, t as HttpMessageSignaturesSpec, u as verifyRequestDetailed, v as FetchKeyDetailedResult, w as fetchKey, x as FetchKeyResult, y as FetchKeyErrorResult } from "../http-CrGuipxe.cjs";
 import { i as getKeyOwner, n as GetKeyOwnerOptions, r as doesActorOwnKey, t as DoesActorOwnKeyOptions } from "../owner-CptqhsOy.cjs";
-import { _ as verifyJsonLd, a as createProof, c as verifyProof, d as VerifyJsonLdOptions, f as VerifySignatureOptions, g as signJsonLd, h as detachSignature, i as VerifyProofOptions, l as CreateSignatureOptions, m as createSignature, n as SignObjectOptions, o as signObject, p as attachSignature, r as VerifyObjectOptions, s as verifyObject, t as CreateProofOptions, u as SignJsonLdOptions, v as verifySignature } from "../mod-DoJBjjnO.cjs";
-export { AcceptSignatureMember, AcceptSignatureParameters, CreateProofOptions, CreateSignatureOptions, DoesActorOwnKeyOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, FulfillAcceptSignatureResult, GetKeyOwnerOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, Rfc9421SignRequestOptions, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };
+import { _ as hasSignatureLike, a as createProof, b as verifySignature, c as verifyObject, d as SignJsonLdOptions, f as VerifyJsonLdOptions, g as detachSignature, h as createSignature, i as VerifyProofOptions, l as verifyProof, m as attachSignature, n as SignObjectOptions, o as hasProofLike, p as VerifySignatureOptions, r as VerifyObjectOptions, s as signObject, t as CreateProofOptions, u as CreateSignatureOptions, v as signJsonLd, y as verifyJsonLd } from "../mod-Cr3f-ACa.cjs";
+export { AcceptSignatureMember, AcceptSignatureParameters, CreateProofOptions, CreateSignatureOptions, DoesActorOwnKeyOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, FulfillAcceptSignatureResult, GetKeyOwnerOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, Rfc9421SignRequestOptions, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, hasProofLike, hasSignatureLike, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/sig/mod.d.ts

@@ -2,5 +2,5 @@ import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 import { C as exportJwk, D as importJwk, E as generateCryptoKeyPair, S as KeyCache, T as fetchKeyDetailed, _ as validateAcceptSignature, a as VerifyRequestDetailedResult, b as FetchKeyOptions, c as signRequest, d as AcceptSignatureMember, f as AcceptSignatureParameters, g as parseAcceptSignature, h as fulfillAcceptSignature, i as SignRequestOptions, l as verifyRequest, m as formatAcceptSignature, n as HttpMessageSignaturesSpecDeterminer, o as VerifyRequestFailureReason, p as FulfillAcceptSignatureResult, r as Rfc9421SignRequestOptions, s as VerifyRequestOptions, t as HttpMessageSignaturesSpec, u as verifyRequestDetailed, v as FetchKeyDetailedResult, w as fetchKey, x as FetchKeyResult, y as FetchKeyErrorResult } from "../http-aQzN9Ayi.js";
 import { i as getKeyOwner, n as GetKeyOwnerOptions, r as doesActorOwnKey, t as DoesActorOwnKeyOptions } from "../owner-74ARJ5TL.js";
-import { _ as verifyJsonLd, a as createProof, c as verifyProof, d as VerifyJsonLdOptions, f as VerifySignatureOptions, g as signJsonLd, h as detachSignature, i as VerifyProofOptions, l as CreateSignatureOptions, m as createSignature, n as SignObjectOptions, o as signObject, p as attachSignature, r as VerifyObjectOptions, s as verifyObject, t as CreateProofOptions, u as SignJsonLdOptions, v as verifySignature } from "../mod-DvxszxXC.js";
-export { AcceptSignatureMember, AcceptSignatureParameters, CreateProofOptions, CreateSignatureOptions, DoesActorOwnKeyOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, FulfillAcceptSignatureResult, GetKeyOwnerOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, Rfc9421SignRequestOptions, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };
+import { _ as hasSignatureLike, a as createProof, b as verifySignature, c as verifyObject, d as SignJsonLdOptions, f as VerifyJsonLdOptions, g as detachSignature, h as createSignature, i as VerifyProofOptions, l as verifyProof, m as attachSignature, n as SignObjectOptions, o as hasProofLike, p as VerifySignatureOptions, r as VerifyObjectOptions, s as signObject, t as CreateProofOptions, u as CreateSignatureOptions, v as signJsonLd, y as verifyJsonLd } from "../mod-CR8soWa9.js";
+export { AcceptSignatureMember, AcceptSignatureParameters, CreateProofOptions, CreateSignatureOptions, DoesActorOwnKeyOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, FulfillAcceptSignatureResult, GetKeyOwnerOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, Rfc9421SignRequestOptions, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, hasProofLike, hasSignatureLike, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/sig/mod.js

@@ -1,5 +1,5 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
-import { a as verifyRequestDetailed, c as fetchKeyDetailed, f as formatAcceptSignature, h as validateAcceptSignature, i as verifyRequest, l as generateCryptoKeyPair, m as parseAcceptSignature, o as exportJwk, p as fulfillAcceptSignature, r as signRequest, s as fetchKey, u as importJwk } from "../http-D-MhhYUF.js";
-import { a as doesActorOwnKey, c as createSignature, d as signJsonLd, f as verifyJsonLd, i as verifyProof, l as detachSignature, n as signObject, o as getKeyOwner, p as verifySignature, r as verifyObject, s as attachSignature, t as createProof } from "../proof-CirP9OSd.js";
-export { attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };
+import { a as verifyRequestDetailed, c as fetchKeyDetailed, f as formatAcceptSignature, h as validateAcceptSignature, i as verifyRequest, l as generateCryptoKeyPair, m as parseAcceptSignature, o as exportJwk, p as fulfillAcceptSignature, r as signRequest, s as fetchKey, u as importJwk } from "../http-CqkZgsp_.js";
+import { a as verifyProof, c as attachSignature, d as hasSignatureLike, f as signJsonLd, i as verifyObject, l as createSignature, m as verifySignature, n as hasProofLike, o as doesActorOwnKey, p as verifyJsonLd, r as signObject, s as getKeyOwner, t as createProof, u as detachSignature } from "../proof-BtFhWZuV.js";
+export { attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, hasProofLike, hasSignatureLike, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/sig/owner.test.mjs

@@ -6,7 +6,7 @@ import "../std__assert-Duiq_YC9.mjs";
 import { n as assertFalse } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assert } from "../assert-ddO5KLpe.mjs";
 import { o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-BAK-tUlf.mjs";
-import { n as getKeyOwner, t as doesActorOwnKey } from "../owner-q2mUMM9a.mjs";
+import { n as getKeyOwner, t as doesActorOwnKey } from "../owner-DGdkXeF5.mjs";
 import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
 import { Create, CryptographicKey, lookupObject } from "@fedify/vocab";
 //#region src/sig/owner.test.ts

package/dist/sig/proof.test.mjs

@@ -3,10 +3,11 @@ import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import "../std__assert-Duiq_YC9.mjs";
-import { t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
+import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertInstanceOf } from "../assert_instance_of-C4Ri6VuN.mjs";
+import { t as assert } from "../assert-ddO5KLpe.mjs";
 import { i as rsaPrivateKey2, n as ed25519PrivateKey, r as ed25519PublicKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-BAK-tUlf.mjs";
-import { i as verifyProof, n as signObject, r as verifyObject, t as createProof } from "../proof--CpZsF_p.mjs";
+import { a as verifyProof, i as verifyObject, n as hasProofLike, r as signObject, t as createProof } from "../proof-C50gFNxj.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { Create, DataIntegrityProof, Multikey, Note, Place } from "@fedify/vocab";
 import { decodeMultibase, importMultibaseKey } from "@fedify/vocab-runtime";
@@ -151,6 +152,49 @@ test("signObject()", async () => {
 		contextLoader: mockDocumentLoader
 	}), TypeError, "Unsupported algorithm");
 });
+test("hasProofLike()", () => {
+	assert(hasProofLike({ proof: {
+		type: "DataIntegrityProof",
+		verificationMethod: "https://example.com/users/alice#main-key",
+		proofPurpose: "assertionMethod",
+		proofValue: "signature"
+	} }));
+	assert(hasProofLike({ proof: {
+		type: "DataIntegrityProof",
+		verificationMethod: { id: "https://example.com/users/alice#main-key" },
+		proofPurpose: "assertionMethod",
+		proofValue: "signature"
+	} }));
+	assert(hasProofLike({ proof: [{
+		type: "DataIntegrityProof",
+		verificationMethod: { id: "https://example.com/users/alice#main-key" },
+		proofPurpose: "assertionMethod",
+		proofValue: "signature"
+	}] }));
+	assert(hasProofLike({ proof: {
+		type: ["https://w3id.org/security#DataIntegrityProof"],
+		verificationMethod: [{ "@id": "https://example.com/users/alice#main-key" }],
+		proofPurpose: { "@id": "https://w3id.org/security#assertionMethod" },
+		proofValue: "signature"
+	} }));
+	assert(hasProofLike({ "https://w3id.org/security#proof": {
+		type: "DataIntegrityProof",
+		verificationMethod: { "@id": "https://example.com/users/alice#main-key" },
+		proofPurpose: { "@id": "https://w3id.org/security#assertionMethod" },
+		proofValue: "signature"
+	} }));
+	assert(hasProofLike({ "https://w3id.org/security#proof": [{
+		"@type": ["https://w3id.org/security#DataIntegrityProof"],
+		"https://w3id.org/security#verificationMethod": [{ "@id": "https://example.com/users/alice#main-key" }],
+		"https://w3id.org/security#proofPurpose": [{ "@id": "https://w3id.org/security#assertionMethod" }],
+		"https://w3id.org/security#proofValue": [{ "@value": "signature" }]
+	}] }));
+	assertFalse(hasProofLike({ proof: {
+		type: "DataIntegrityProof",
+		verificationMethod: { id: "https://example.com/users/alice#main-key" },
+		proofPurpose: "assertionMethod"
+	} }));
+});
 test("verifyProof()", async () => {
 	const cache = {};
 	const options = {

package/dist/testing/mod.d.mts

@@ -393,6 +393,16 @@ type CollectionCursor<TContext extends Context<TContextData>, TContextData, TFil
  * @param activity The activity that was received.
  */
 type InboxListener<TContextData, TActivity extends Activity> = (context: InboxContext<TContextData>, activity: TActivity) => void | Promise<void>;
+/**
+ * A callback that listens for activities in an outbox.
+ *
+ * @template TContextData The context data to pass to the {@link Context}.
+ * @template TActivity The type of activity to listen for.
+ * @param context The outbox context.
+ * @param activity The activity that was received.
+ * @since 2.2.0
+ */
+type OutboxListener<TContextData, TActivity extends Activity> = (context: OutboxContext<TContextData>, activity: TActivity) => void | Promise<void>;
 /**
  * The reason why an incoming activity could not be verified.
  *
@@ -423,6 +433,15 @@ type UnverifiedActivityHandler<TContextData> = (context: RequestContext<TContext
  * @param context The inbox context.
  */
 type InboxErrorHandler<TContextData> = (context: Context<TContextData>, error: Error) => void | Promise<void>;
+/**
+ * A callback that handles errors in an outbox listener.
+ *
+ * @template TContextData The context data to pass to the {@link Context}.
+ * @param context The outbox context.
+ * @param error The error that occurred.
+ * @since 2.2.0
+ */
+type OutboxListenerErrorHandler<TContextData> = (context: OutboxContext<TContextData>, error: Error) => void | Promise<void>;
 /**
  * A callback that dispatches the key pair for the authenticated document loader
  * of the {@link Context} passed to the shared inbox listener.
@@ -781,6 +800,32 @@ interface Federatable<TContextData> {
    * @throws {@link RouterError} Thrown if the path pattern is invalid.
    */
   setOutboxDispatcher(path: `${string}${Rfc6570Expression<"identifier">}${string}`, dispatcher: CollectionDispatcher<Activity, RequestContext<TContextData>, TContextData, void>): CollectionCallbackSetters<RequestContext<TContextData>, TContextData, void>;
+  /**
+   * Assigns the URL path for the outbox and starts setting outbox listeners.
+   *
+   * @example
+   * ``` typescript
+   * federation
+   *   .setOutboxListeners("/users/{identifier}/outbox")
+   *   .on(Activity, async (ctx, activity) => {
+   *     await ctx.sendActivity({ identifier: ctx.identifier }, "followers", activity);
+   *   })
+   *   .authorize(async (ctx, identifier) => {
+   *     return ctx.request.headers.get("authorization") === `Bearer ${identifier}`;
+   *   });
+   * ```
+   *
+   * @param outboxPath The URI path pattern for the outbox.  The syntax is based
+   *                   on URI Template
+   *                   ([RFC 6570](https://tools.ietf.org/html/rfc6570)).  The
+   *                   path must have one variable: `{identifier}`.  If an
+   *                   outbox dispatcher is configured, this path must match
+   *                   the outbox dispatcher path.
+   * @returns An object to register outbox listeners.
+   * @throws {RouterError} Thrown if the path pattern is invalid.
+   * @since 2.2.0
+   */
+  setOutboxListeners(outboxPath: `${string}${Rfc6570Expression<"identifier">}${string}`): OutboxListenerSetters<TContextData>;
   /**
    * Registers a following collection dispatcher.
    * @param path The URI path pattern for the following collection.  The syntax
@@ -1168,6 +1213,38 @@ type IdempotencyStrategy = "global" | "per-origin" | "per-inbox";
  * @since 1.9.0
  */
 type IdempotencyKeyCallback<TContextData> = (ctx: InboxContext<TContextData>, activity: Activity) => string | null | Promise<string | null>;
+/**
+ * Registry for outbox listeners for different activity types.
+ * @since 2.2.0
+ */
+interface OutboxListenerSetters<TContextData> {
+  /**
+   * Registers a listener for a specific incoming activity type.
+   *
+   * @param type A subclass of {@link Activity} to listen to.
+   * @param listener A callback to handle an incoming activity.
+   * @returns The setters object so that settings can be chained.
+   * @since 2.2.0
+   */
+  on<TActivity extends Activity>(type: new (...args: any[]) => TActivity, listener: OutboxListener<TContextData, TActivity>): OutboxListenerSetters<TContextData>;
+  /**
+   * Registers an error handler for outbox listeners.  Any exceptions thrown
+   * from the listeners are caught and passed to this handler.
+   *
+   * @param handler A callback to handle an error.
+   * @returns The setters object so that settings can be chained.
+   * @since 2.2.0
+   */
+  onError(handler: OutboxListenerErrorHandler<TContextData>): OutboxListenerSetters<TContextData>;
+  /**
+   * Registers a callback to authorize POST requests to the outbox.
+   *
+   * @param predicate A callback to authorize the request.
+   * @returns The setters object so that settings can be chained.
+   * @since 2.2.0
+   */
+  authorize(predicate: AuthorizePredicate<TContextData>): OutboxListenerSetters<TContextData>;
+}
 /**
  * Registry for inbox listeners for different activity types.
  */
@@ -1939,6 +2016,71 @@ interface InboxContext<TContextData> extends Context<TContextData> {
     username: string;
   }, recipients: "followers", options?: ForwardActivityOptions): Promise<void>;
 }
+/**
+ * A context for outbox listeners.
+ * @since 2.2.0
+ */
+interface OutboxContext<TContextData> extends Context<TContextData> {
+  /**
+   * The identifier of the actor whose outbox received the POST.
+   * @since 2.2.0
+   */
+  readonly identifier: string;
+  /**
+   * Indicates whether the posted activity has been delivered during the
+   * current outbox listener invocation.
+   * @returns `true` if the posted activity has been delivered; `false`
+   *          otherwise.
+   * @since 2.2.0
+   */
+  hasDeliveredActivity(): boolean;
+  /**
+   * Forwards a posted activity to the recipients' inboxes without
+   * re-serializing the original payload.  The forwarded activity will be
+   * signed in HTTP Signatures by the forwarder, but its payload will not be
+   * modified, i.e., Linked Data Signatures and Object Integrity Proofs will
+   * not be added.  Therefore, if the posted activity is not signed (i.e., it
+   * has neither Linked Data Signatures nor Object Integrity Proofs), the
+   * recipients probably will not trust the activity.
+   * @param forwarder The forwarder's identifier or the forwarder's username
+   *                  or the forwarder's key pair(s).
+   * @param recipients The recipients of the activity.
+   * @param options Options for forwarding the activity.
+   * @since 2.2.0
+   */
+  forwardActivity(forwarder: SenderKeyPair | SenderKeyPair[] | {
+    identifier: string;
+  } | {
+    username: string;
+  }, recipients: Recipient | Recipient[], options?: ForwardActivityOptions): Promise<void>;
+  /**
+   * Forwards a posted activity to the recipients' inboxes without
+   * re-serializing the original payload.  The forwarded activity will be
+   * signed in HTTP Signatures by the forwarder, but its payload will not be
+   * modified, i.e., Linked Data Signatures and Object Integrity Proofs will
+   * not be added.  Therefore, if the posted activity is not signed (i.e., it
+   * has neither Linked Data Signatures nor Object Integrity Proofs), the
+   * recipients probably will not trust the activity.
+   * @param forwarder The forwarder's identifier or the forwarder's username.
+   * @param recipients In this case, it must be `"followers"`.
+   * @param options Options for forwarding the activity.
+   * @since 2.2.0
+   */
+  forwardActivity(forwarder: {
+    identifier: string;
+  } | {
+    username: string;
+  }, recipients: "followers", options?: ForwardActivityOptions): Promise<void>;
+  /**
+   * Creates a new context with the same properties as this one,
+   * but with the given data.
+   * @param data The new data to associate with the context.
+   * @returns A new context with the same properties as this one,
+   *          but with the given data.
+   * @since 2.2.0
+   */
+  clone(data: TContextData): OutboxContext<TContextData>;
+}
 /**
  * A result of parsing an URI.
  */
@@ -2204,5 +2346,11 @@ declare function createInboxContext<TContextData>(args: Partial<InboxContext<TCo
   recipient?: string | null;
   federation: Federation<TContextData>;
 }): InboxContext<TContextData>;
+declare function createOutboxContext<TContextData>(args: Partial<OutboxContext<TContextData>> & {
+  url?: URL;
+  data: TContextData;
+  identifier: string;
+  federation: Federation<TContextData>;
+}): OutboxContext<TContextData>;
 //#endregion
-export { createInboxContext, createRequestContext, testDefinitions };
+export { createInboxContext, createOutboxContext, createRequestContext, testDefinitions };

package/dist/testing/mod.mjs

@@ -1,6 +1,6 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as createRequestContext, t as createInboxContext } from "../context-Juj6bdHC.mjs";
+import { n as createOutboxContext, r as createRequestContext, t as createInboxContext } from "../context-Dk_tacqz.mjs";
 import { testDefinitions } from "@fedify/fixture";
-export { createInboxContext, createRequestContext, testDefinitions };
+export { createInboxContext, createOutboxContext, createRequestContext, testDefinitions };

package/dist/utils/docloader.test.mjs

@@ -5,9 +5,9 @@ import { t as esm_default } from "../esm-DVILvP5e.mjs";
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import "../std__assert-Duiq_YC9.mjs";
 import { t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
-import { l as verifyRequest } from "../http-RZPxDWq5.mjs";
+import { l as verifyRequest } from "../http-CFmrJbuT.mjs";
 import { i as rsaPrivateKey2 } from "../keys-BAK-tUlf.mjs";
-import { t as getAuthenticatedDocumentLoader } from "../docloader-D7q0-Xef.mjs";
+import { t as getAuthenticatedDocumentLoader } from "../docloader-qLB9fFVV.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { UrlError } from "@fedify/vocab-runtime";
 //#region src/utils/docloader.test.ts

package/dist/utils/mod.cjs

@@ -1,6 +1,6 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const require_kv_cache = require("../kv-cache-C2gdVgvb.cjs");
+const require_kv_cache = require("../kv-cache-BlXew67e.cjs");
 exports.getAuthenticatedDocumentLoader = require_kv_cache.getAuthenticatedDocumentLoader;
 exports.kvCache = require_kv_cache.kvCache;

package/dist/utils/mod.js

@@ -1,4 +1,4 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
-import { n as getAuthenticatedDocumentLoader, t as kvCache } from "../kv-cache-D84Mk0fZ.js";
+import { n as getAuthenticatedDocumentLoader, t as kvCache } from "../kv-cache-Dgsvz3PC.js";
 export { getAuthenticatedDocumentLoader, kvCache };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fedify/fedify",
-  "version": "2.2.0-pr.695.16+7a782334",
+  "version": "2.2.0-pr.697.17+8d06dbd9",
   "description": "An ActivityPub server framework",
   "keywords": [
     "ActivityPub",
@@ -144,9 +144,9 @@
     "uri-template-router": "^1.0.0",
     "url-template": "^3.1.1",
     "urlpattern-polyfill": "^10.1.0",
-    "@fedify/vocab": "2.2.0-pr.695.16+7a782334",
-    "@fedify/vocab-runtime": "2.2.0-pr.695.16+7a782334",
-    "@fedify/webfinger": "2.2.0-pr.695.16+7a782334"
+    "@fedify/vocab": "2.2.0-pr.697.17+8d06dbd9",
+    "@fedify/webfinger": "2.2.0-pr.697.17+8d06dbd9",
+    "@fedify/vocab-runtime": "2.2.0-pr.697.17+8d06dbd9"
   },
   "devDependencies": {
     "@std/assert": "npm:@jsr/std__assert@^0.226.0",
@@ -158,7 +158,7 @@
     "tsx": "^4.19.4",
     "typescript": "^5.9.2",
     "wrangler": "^4.17.0",
-    "@fedify/vocab-tools": "^2.2.0-pr.695.16+7a782334",
+    "@fedify/vocab-tools": "^2.2.0-pr.697.17+8d06dbd9",
     "@fedify/fixture": "2.0.0"
   },
   "scripts": {

package/dist/inbox-CmYvcSMM.mjs

@@ -1,179 +0,0 @@
-import { Temporal } from "@js-temporal/polyfill";
-import "urlpattern-polyfill";
-globalThis.addEventListener = () => {};
-import { n as version, t as name } from "./deno-vxcWcxQS.mjs";
-import { Activity, getTypeId } from "@fedify/vocab";
-import { SpanKind, SpanStatusCode, context, propagation, trace } from "@opentelemetry/api";
-import { getLogger } from "@logtape/logtape";
-//#region src/federation/inbox.ts
-var InboxListenerSet = class InboxListenerSet {
-	#listeners;
-	constructor() {
-		this.#listeners = /* @__PURE__ */ new Map();
-	}
-	clone() {
-		const clone = new InboxListenerSet();
-		clone.#listeners = new Map(this.#listeners);
-		return clone;
-	}
-	add(type, listener) {
-		if (this.#listeners.has(type)) throw new TypeError("Listener already set for this type.");
-		this.#listeners.set(type, listener);
-	}
-	dispatchWithClass(activity) {
-		let cls = activity.constructor;
-		const inboxListeners = this.#listeners;
-		if (inboxListeners == null) return null;
-		while (true) {
-			if (inboxListeners.has(cls)) break;
-			if (cls === Activity) return null;
-			cls = globalThis.Object.getPrototypeOf(cls);
-		}
-		const listener = inboxListeners.get(cls);
-		return {
-			class: cls,
-			listener
-		};
-	}
-	dispatch(activity) {
-		return this.dispatchWithClass(activity)?.listener ?? null;
-	}
-};
-async function routeActivity({ context: ctx, json, activity, recipient, inboxListeners, inboxContextFactory, inboxErrorHandler, kv, kvPrefixes, queue, span, tracerProvider, idempotencyStrategy }) {
-	const logger = getLogger([
-		"fedify",
-		"federation",
-		"inbox"
-	]);
-	let cacheKey = null;
-	if (activity.id != null) {
-		const inboxContext = inboxContextFactory(recipient, json, activity.id?.href, getTypeId(activity).href);
-		const strategy = idempotencyStrategy ?? "per-inbox";
-		let keyString;
-		if (typeof strategy === "function") keyString = await strategy(inboxContext, activity);
-		else switch (strategy) {
-			case "global":
-				keyString = activity.id.href;
-				break;
-			case "per-origin":
-				keyString = `${ctx.origin}\n${activity.id.href}`;
-				break;
-			case "per-inbox":
-				keyString = `${ctx.origin}\n${activity.id.href}\n${recipient == null ? "sharedInbox" : `inbox\n${recipient}`}`;
-				break;
-			default: keyString = `${ctx.origin}\n${activity.id.href}`;
-		}
-		if (keyString != null) cacheKey = [...kvPrefixes.activityIdempotence, keyString];
-	}
-	if (cacheKey != null) {
-		if (await kv.get(cacheKey) === true) {
-			logger.debug("Activity {activityId} has already been processed.", {
-				activityId: activity.id?.href,
-				activity: json,
-				recipient
-			});
-			span.setStatus({
-				code: SpanStatusCode.UNSET,
-				message: `Activity ${activity.id?.href} has already been processed.`
-			});
-			return "alreadyProcessed";
-		}
-	}
-	if (activity.actorId == null) {
-		logger.error("Missing actor.", { activity: json });
-		span.setStatus({
-			code: SpanStatusCode.ERROR,
-			message: "Missing actor."
-		});
-		return "missingActor";
-	}
-	span.setAttribute("activitypub.actor.id", activity.actorId.href);
-	if (queue != null) {
-		const carrier = {};
-		propagation.inject(context.active(), carrier);
-		try {
-			await queue.enqueue({
-				type: "inbox",
-				id: crypto.randomUUID(),
-				baseUrl: ctx.origin,
-				activity: json,
-				identifier: recipient,
-				attempt: 0,
-				started: (/* @__PURE__ */ new Date()).toISOString(),
-				traceContext: carrier
-			});
-		} catch (error) {
-			logger.error("Failed to enqueue the incoming activity {activityId}:\n{error}", {
-				error,
-				activityId: activity.id?.href,
-				activity: json,
-				recipient
-			});
-			span.setStatus({
-				code: SpanStatusCode.ERROR,
-				message: `Failed to enqueue the incoming activity ${activity.id?.href}.`
-			});
-			throw error;
-		}
-		logger.info("Activity {activityId} is enqueued.", {
-			activityId: activity.id?.href,
-			activity: json,
-			recipient
-		});
-		return "enqueued";
-	}
-	tracerProvider = tracerProvider ?? trace.getTracerProvider();
-	return await tracerProvider.getTracer(name, version).startActiveSpan("activitypub.dispatch_inbox_listener", { kind: SpanKind.INTERNAL }, async (span) => {
-		const dispatched = inboxListeners?.dispatchWithClass(activity);
-		if (dispatched == null) {
-			logger.error("Unsupported activity type:\n{activity}", {
-				activity: json,
-				recipient
-			});
-			span.setStatus({
-				code: SpanStatusCode.UNSET,
-				message: `Unsupported activity type: ${getTypeId(activity).href}`
-			});
-			span.end();
-			return "unsupportedActivity";
-		}
-		const { class: cls, listener } = dispatched;
-		span.updateName(`activitypub.dispatch_inbox_listener ${cls.name}`);
-		try {
-			await listener(inboxContextFactory(recipient, json, activity?.id?.href, getTypeId(activity).href), activity);
-		} catch (error) {
-			try {
-				await inboxErrorHandler?.(ctx, error);
-			} catch (error) {
-				logger.error("An unexpected error occurred in inbox error handler:\n{error}", {
-					error,
-					activityId: activity.id?.href,
-					activity: json,
-					recipient
-				});
-			}
-			logger.error("Failed to process the incoming activity {activityId}:\n{error}", {
-				error,
-				activityId: activity.id?.href,
-				activity: json,
-				recipient
-			});
-			span.setStatus({
-				code: SpanStatusCode.ERROR,
-				message: String(error)
-			});
-			span.end();
-			return "error";
-		}
-		if (cacheKey != null) await kv.set(cacheKey, true, { ttl: Temporal.Duration.from({ days: 1 }) });
-		logger.info("Activity {activityId} has been processed.", {
-			activityId: activity.id?.href,
-			activity: json,
-			recipient
-		});
-		span.end();
-		return "success";
-	});
-}
-//#endregion
-export { routeActivity as n, InboxListenerSet as t };