npm - @rmdes/indiekit-endpoint-activitypub - Versions diffs - 0.1.10 → 1.0.0 - Mend

@rmdes/indiekit-endpoint-activitypub 0.1.10 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/index.js +155 -174
package/lib/controllers/migrate.js +23 -5
package/lib/controllers/profile.js +71 -0
package/lib/federation-bridge.js +119 -0
package/lib/federation-setup.js +321 -0
package/lib/inbox-listeners.js +215 -0
package/lib/jf2-to-as2.js +262 -63
package/lib/kv-store.js +55 -0
package/locales/en.json +18 -0
package/package.json +2 -1
package/views/activitypub-dashboard.njk +4 -0
package/views/activitypub-profile.njk +74 -0
package/lib/actor.js +0 -75
package/lib/federation.js +0 -410
package/lib/inbox.js +0 -291
package/lib/keys.js +0 -39
package/lib/webfinger.js +0 -43

package/lib/keys.js DELETED Viewed

@@ -1,39 +0,0 @@
-import { generateKeyPair } from "node:crypto";
-import { promisify } from "node:util";
-const generateKeyPairAsync = promisify(generateKeyPair);
-/**
- * Get or create an RSA 2048-bit key pair for the ActivityPub actor.
- * Keys are stored in the ap_keys MongoDB collection so they persist
- * across server restarts — a stable key pair is essential for federation
- * since remote servers cache the public key for signature verification.
- *
- * @param {Collection} collection - MongoDB ap_keys collection
- * @param {string} actorUrl - Actor URL (used as the key document identifier)
- * @returns {Promise<{publicKeyPem: string, privateKeyPem: string}>}
- */
-export async function getOrCreateKeyPair(collection, actorUrl) {
-  const existing = await collection.findOne({ actorUrl });
-  if (existing) {
-    return {
-      publicKeyPem: existing.publicKeyPem,
-      privateKeyPem: existing.privateKeyPem,
-    };
-  }
-  const { publicKey, privateKey } = await generateKeyPairAsync("rsa", {
-    modulusLength: 2048,
-    publicKeyEncoding: { type: "spki", format: "pem" },
-    privateKeyEncoding: { type: "pkcs8", format: "pem" },
-  });
-  await collection.insertOne({
-    actorUrl,
-    publicKeyPem: publicKey,
-    privateKeyPem: privateKey,
-    createdAt: new Date().toISOString(),
-  });
-  return { publicKeyPem: publicKey, privateKeyPem: privateKey };
-}

package/lib/webfinger.js DELETED Viewed

@@ -1,43 +0,0 @@
-/**
- * Handle WebFinger resource resolution.
- *
- * WebFinger is the discovery mechanism for ActivityPub — when someone
- * searches for @rick@rmendes.net, their server queries:
- *   GET /.well-known/webfinger?resource=acct:rick@rmendes.net
- *
- * We return a JRD (JSON Resource Descriptor) pointing to the actor URL
- * so the remote server can then fetch the full actor document.
- *
- * @param {string} resource - The resource query (e.g. "acct:rick@rmendes.net")
- * @param {object} options
- * @param {string} options.handle - Actor handle (e.g. "rick")
- * @param {string} options.hostname - Publication hostname (e.g. "rmendes.net")
- * @param {string} options.actorUrl - Full actor URL (e.g. "https://rmendes.net/")
- * @returns {object|null} JRD response object, or null if resource doesn't match
- */
-export function handleWebFinger(resource, options) {
-  const { handle, hostname, actorUrl } = options;
-  const expectedAcct = `acct:${handle}@${hostname}`;
-  // Match both "acct:rick@rmendes.net" and the actor URL itself
-  if (resource !== expectedAcct && resource !== actorUrl) {
-    return null;
-  }
-  return {
-    subject: expectedAcct,
-    aliases: [actorUrl],
-    links: [
-      {
-        rel: "self",
-        type: "application/activity+json",
-        href: actorUrl,
-      },
-      {
-        rel: "http://webfinger.net/rel/profile-page",
-        type: "text/html",
-        href: actorUrl,
-      },
-    ],
-  };
-}