@rmdes/indiekit-endpoint-activitypub 3.9.4 → 3.10.0

package/README.md

@@ -1,6 +1,6 @@
 # @rmdes/indiekit-endpoint-activitypub
 
-ActivityPub federation endpoint for [Indiekit](https://getindiekit.com), built on [Fedify](https://fedify.dev) 2.0. Makes your IndieWeb site a full fediverse actor — discoverable, followable, and interactive from Mastodon, Misskey, Pixelfed, and any ActivityPub-compatible platform. Includes a Mastodon-compatible Client API so you can use Phanpy, Elk, Moshidon, Fedilab, and other Mastodon clients with your own AP instance.
+ActivityPub federation endpoint for [Indiekit](https://getindiekit.com), built on [Fedify](https://fedify.dev) 2.1. Makes your IndieWeb site a full fediverse actor — discoverable, followable, and interactive from Mastodon, Misskey, Pixelfed, and any ActivityPub-compatible platform. Includes a Mastodon-compatible Client API so you can use Phanpy, Elk, Moshidon, Fedilab, and other Mastodon clients with your own AP instance.
 
 ## Features
 
@@ -109,10 +109,18 @@ ActivityPub federation endpoint for [Indiekit](https://getindiekit.com), built o
 - Follower and following lists with source tracking
 - Federation management page with moderation overview (blocked servers, blocked accounts, muted)
 
+**Standards Compliance**
+- FEP-5feb: Search Indexing Consent — actor advertises `indexable` and `discoverable` properties
+- FEP-f1d5/0151: Enhanced NodeInfo 2.1 — rich metadata including software repository, node name, staff accounts
+- FEP-4f05: Soft Delete with Tombstone — deleted posts return 410 with Tombstone JSON-LD including `formerType` and timestamps
+- FEP-3b86: Activity Intents — WebFinger links for Follow, Create, Like, Announce intents with authorize_interaction routing
+- FEP-8fcf: Collection Synchronization — outbound follower digest headers via Fedify `syncCollection`
+- FEP-044f: Quote Posts — rendered as embedded cards (via Fedify's `quoteUrl` support)
+
 ## Requirements
 
 - [Indiekit](https://getindiekit.com) v1.0.0-beta.25+
-- [Fedify](https://fedify.dev) 2.0+ (bundled as dependency)
+- [Fedify](https://fedify.dev) 2.1+ (bundled as dependency)
 - Node.js >= 22
 - MongoDB (used by Indiekit)
 - Redis (recommended for production delivery queue; in-process queue available for development)
@@ -322,6 +330,7 @@ The plugin creates these collections automatically:
 | `ap_blocked_servers` | Blocked server domains (instance-level blocks) |
 | `ap_key_freshness` | Tracks when remote actor keys were last verified |
 | `ap_inbox_queue` | Persistent async inbox processing queue |
+| `ap_tombstones` | Tombstone records for soft-deleted posts (FEP-4f05) |
 | `ap_oauth_apps` | Mastodon API client app registrations |
 | `ap_oauth_tokens` | OAuth2 authorization codes and access tokens |
 | `ap_markers` | Read position markers for Mastodon API clients |
@@ -342,7 +351,7 @@ Categories are converted to `Hashtag` tags. Bookmarks include a bookmark emoji a
 
 ## Fedify Workarounds and Implementation Notes
 
-This plugin uses [Fedify](https://fedify.dev) 2.0 but carries several workarounds for issues in Fedify or its Express integration. These are documented here so they can be revisited when Fedify upgrades.
+This plugin uses [Fedify](https://fedify.dev) 2.1 but carries several workarounds for issues in Fedify or its Express integration. These are documented here so they can be revisited when Fedify upgrades.
 
 ### Custom Express Bridge (instead of `@fedify/express`)
 
@@ -364,14 +373,11 @@ Mastodon's `update_account_fields` checks `attachment.is_a?(Array)` and silently
 
 **Revisit when:** Fedify adds an option to preserve arrays during JSON-LD serialization, or Mastodon fixes their array check.
 
-### Endpoints `as:Endpoints` Type Stripping
+### Endpoints `as:Endpoints` Type Stripping — REMOVED
 
-**File:** `lib/federation-bridge.js` (in `sendFedifyResponse()`)
 **Upstream issue:** [fedify#576](https://github.com/fedify-dev/fedify/issues/576) — FIXED in Fedify 2.1.0
 
-Fedify serializes the `endpoints` object with `"type": "as:Endpoints"`, which is not a valid ActivityStreams type. browser.pub rejects this. The bridge strips the `type` field from the `endpoints` object before sending.
-
-**Remove when:** Upgrading to Fedify ≥ 2.1.0.
+This workaround has been removed. Fedify 2.1.0 now omits the invalid `"type": "as:Endpoints"` from serialized actor JSON.
 
 ### PropertyValue Attachment Type (Known Issue)
 

package/index.js

@@ -435,6 +435,20 @@ export default class ActivityPubEndpoint {
         });
 
         if (!post || post.properties?.deleted) {
+          // FEP-4f05: Serve Tombstone for deleted posts
+          const { getTombstone } = await import("./lib/storage/tombstones.js");
+          const tombstone = await getTombstone(self._collections, requestUrl);
+          if (tombstone) {
+            res.status(410).set("Content-Type", "application/activity+json").json({
+              "@context": "https://www.w3.org/ns/activitystreams",
+              type: "Tombstone",
+              id: requestUrl,
+              formerType: tombstone.formerType,
+              published: tombstone.published || undefined,
+              deleted: tombstone.deleted,
+            });
+            return;
+          }
           return next();
         }
 
@@ -811,6 +825,21 @@ export default class ActivityPubEndpoint {
    * @param {string} url - Full URL of the deleted post
    */
   async delete(url) {
+    // Record tombstone for FEP-4f05
+    try {
+      const { addTombstone } = await import("./lib/storage/tombstones.js");
+      const postsCol = this._collections.posts;
+      const post = postsCol ? await postsCol.findOne({ "properties.url": url }) : null;
+      await addTombstone(this._collections, {
+        url,
+        formerType: post?.properties?.["post-type"] === "article" ? "Article" : "Note",
+        published: post?.properties?.published || null,
+        deleted: new Date().toISOString(),
+      });
+    } catch (error) {
+      console.warn(`[ActivityPub] Tombstone creation failed for ${url}: ${error.message}`);
+    }
+
     await this.broadcastDelete(url).catch((err) =>
       console.warn(`[ActivityPub] broadcastDelete failed for ${url}: ${err.message}`)
     );
@@ -927,6 +956,8 @@ export default class ActivityPubEndpoint {
     Indiekit.addCollection("ap_oauth_apps");
     Indiekit.addCollection("ap_oauth_tokens");
     Indiekit.addCollection("ap_markers");
+    // Tombstones for soft-deleted posts (FEP-4f05)
+    Indiekit.addCollection("ap_tombstones");
 
     // Store collection references (posts resolved lazily)
     const indiekitCollections = Indiekit.collections;
@@ -964,6 +995,7 @@ export default class ActivityPubEndpoint {
       ap_oauth_apps: indiekitCollections.get("ap_oauth_apps"),
       ap_oauth_tokens: indiekitCollections.get("ap_oauth_tokens"),
       ap_markers: indiekitCollections.get("ap_markers"),
+      ap_tombstones: indiekitCollections.get("ap_tombstones"),
       get posts() {
         return indiekitCollections.get("posts");
       },

package/lib/controllers/authorize-interaction.js

@@ -2,18 +2,21 @@
  * Authorize Interaction controller — handles the remote follow / authorize
  * interaction flow for ActivityPub federation.
  *
- * When a remote server (WordPress AP, Misskey, etc.) discovers our WebFinger
- * subscribe template, it redirects the user here with ?uri={actorOrPostUrl}.
+ * Supports:
+ * - OStatus subscribe template (legacy remote follow via ?uri=...)
+ * - FEP-3b86 Activity Intents (via ?uri=...&intent=follow|create|like|announce)
  *
  * Flow:
  * 1. Missing uri → render error page
  * 2. Unauthenticated → redirect to login, then back here
- * 3. Authenticated → redirect to the reader's remote profile page
+ * 3. Authenticated → route to appropriate page based on intent
  */
 
 export function authorizeInteractionController(plugin) {
   return async (req, res) => {
     const uri = req.query.uri || req.query.acct;
+    const intent = req.query.intent || "";
+
     if (!uri) {
       return res.status(400).render("activitypub-authorize-interaction", {
         title: "Authorize Interaction",
@@ -29,17 +32,28 @@ export function authorizeInteractionController(plugin) {
     // then back to this page after auth
     const session = req.session;
     if (!session?.access_token) {
-      const returnUrl = `${plugin.options.mountPath}/authorize_interaction?uri=${encodeURIComponent(uri)}`;
+      const params = `uri=${encodeURIComponent(uri)}${intent ? `&intent=${intent}` : ""}`;
+      const returnUrl = `${plugin.options.mountPath}/authorize_interaction?${params}`;
       return res.redirect(
         `/session/login?redirect=${encodeURIComponent(returnUrl)}`,
       );
     }
 
-    // Authenticated — redirect to the remote profile viewer in our reader
-    // which already has follow/unfollow/like/boost functionality
+    const mp = plugin.options.mountPath;
     const encodedUrl = encodeURIComponent(resource);
-    return res.redirect(
-      `${plugin.options.mountPath}/admin/reader/profile?url=${encodedUrl}`,
-    );
+
+    // Route based on intent (FEP-3b86)
+    switch (intent) {
+      case "follow":
+        return res.redirect(`${mp}/admin/reader/profile?url=${encodedUrl}`);
+      case "create":
+        return res.redirect(`${mp}/admin/reader/compose?replyTo=${encodedUrl}`);
+      case "like":
+      case "announce":
+        return res.redirect(`${mp}/admin/reader/post?url=${encodedUrl}`);
+      default:
+        // Default: resolve to remote profile page
+        return res.redirect(`${mp}/admin/reader/profile?url=${encodedUrl}`);
+    }
   };
 }

package/lib/federation-bridge.js

@@ -89,12 +89,6 @@ async function sendFedifyResponse(res, response, request) {
       if (json.attachment && !Array.isArray(json.attachment)) {
         json.attachment = [json.attachment];
       }
-      // WORKAROUND: Fedify serializes endpoints with "type": "as:Endpoints"
-      // which is not a valid AS2 type. The endpoints object should be a plain
-      // object with just sharedInbox/proxyUrl etc. Strip the invalid type.
-      if (json.endpoints && json.endpoints.type) {
-        delete json.endpoints.type;
-      }
       const patched = JSON.stringify(json);
       res.setHeader("content-length", Buffer.byteLength(patched));
       res.end(patched);

package/lib/federation-setup.js

@@ -286,10 +286,48 @@ export function setupFederation(options) {
   // Add OStatus subscribe template so remote servers (WordPress AP, Misskey, etc.)
   // can redirect users to our authorize_interaction page for remote follow.
   federation.setWebFingerLinksDispatcher((_ctx, _resource) => {
+    const interactionBase = `${publicationUrl}${mountPath.replace(/^\//, "")}/authorize_interaction`;
     return [
+      // OStatus subscribe template (legacy remote follow)
       {
         rel: "http://ostatus.org/schema/1.0/subscribe",
-        template: `${publicationUrl}${mountPath.replace(/^\//, "")}/authorize_interaction?uri={uri}`,
+        template: `${interactionBase}?uri={uri}`,
+      },
+      // FEP-3b86 Activity Intents — Follow
+      {
+        rel: "https://w3id.org/fep/3b86",
+        template: `${interactionBase}?uri={uri}&intent=follow`,
+        properties: {
+          "https://w3id.org/fep/3b86#intent":
+            "https://www.w3.org/ns/activitystreams#Follow",
+        },
+      },
+      // FEP-3b86 Activity Intents — Create (reply)
+      {
+        rel: "https://w3id.org/fep/3b86",
+        template: `${interactionBase}?uri={uri}&intent=create`,
+        properties: {
+          "https://w3id.org/fep/3b86#intent":
+            "https://www.w3.org/ns/activitystreams#Create",
+        },
+      },
+      // FEP-3b86 Activity Intents — Like
+      {
+        rel: "https://w3id.org/fep/3b86",
+        template: `${interactionBase}?uri={uri}&intent=like`,
+        properties: {
+          "https://w3id.org/fep/3b86#intent":
+            "https://www.w3.org/ns/activitystreams#Like",
+        },
+      },
+      // FEP-3b86 Activity Intents — Announce (boost)
+      {
+        rel: "https://w3id.org/fep/3b86",
+        template: `${interactionBase}?uri={uri}&intent=announce`,
+        properties: {
+          "https://w3id.org/fep/3b86#intent":
+            "https://www.w3.org/ns/activitystreams#Announce",
+        },
       },
     ];
   });
@@ -305,6 +343,43 @@ export function setupFederation(options) {
     storeRawActivities,
   });
 
+  // Handle Delete activities from actors whose signing keys are gone.
+  // When an account is deleted, the remote server sends Delete but the
+  // actor's key endpoint returns 404/410, so signature verification fails.
+  // Fedify 2.1.0 lets us inspect these instead of auto-rejecting.
+  inboxChain
+    .onUnverifiedActivity(async (_ctx, activity, reason) => {
+      // Handle Delete activities from actors whose signing keys are gone.
+      // When an account is deleted, the remote server sends Delete but the
+      // actor's key endpoint returns 404/410, so signature verification fails.
+      // Fedify 2.1.0 lets us inspect these instead of auto-rejecting.
+      if (reason.type === "keyFetchError") {
+        const status = reason.result?.status;
+        if (status === 404 || status === 410) {
+          const actorId = activity.actorId?.href;
+          if (actorId) {
+            const activityType = activity.constructor?.name || "";
+            if (activityType === "Delete") {
+              console.info(
+                `[ActivityPub] Processing unverified Delete from ${actorId} (key ${status})`,
+              );
+              try {
+                await collections.ap_followers.deleteOne({ actorUrl: actorId });
+                await collections.ap_timeline.deleteMany({ "author.url": actorId });
+                await collections.ap_notifications.deleteMany({ actorUrl: actorId });
+                console.info(`[ActivityPub] Cleaned up data for deleted actor ${actorId}`);
+              } catch (error) {
+                console.warn(`[ActivityPub] Cleanup for ${actorId} failed: ${error.message}`);
+              }
+              return new Response(null, { status: 202 });
+            }
+          }
+        }
+      }
+      // All other unverified activities: return null for default 401
+      return null;
+    });
+
   // Enable authenticated fetches for the shared inbox.
   // Without this, Fedify can't verify incoming HTTP Signatures from servers
   // that require authorized fetch (e.g. hachyderm.io returns 401 on unsigned GETs).
@@ -337,17 +412,33 @@ export function setupFederation(options) {
       ? await collections.posts.countDocuments()
       : 0;
 
+    const profile = await getProfile(collections);
+
     return {
       software: {
         name: "indiekit",
         version: softwareVersion,
+        repository: new URL("https://github.com/getindiekit/indiekit"),
+        homepage: new URL("https://getindiekit.com"),
       },
       protocols: ["activitypub"],
+      services: {
+        inbound: [],
+        outbound: [],
+      },
+      openRegistrations: false,
       usage: {
         users: { total: 1, activeMonth: 1, activeHalfyear: 1 },
         localPosts: postsCount,
         localComments: 0,
       },
+      metadata: {
+        nodeName: profile.name || handle,
+        nodeDescription: profile.summary || "",
+        staffAccounts: [
+          `${publicationUrl}${mountPath.replace(/^\//, "")}/users/${handle}`,
+        ],
+      },
     };
   });
 
@@ -740,6 +831,8 @@ export async function buildPersonActor(
     featuredTags: ctx.getFeaturedTagsUri(identifier),
     endpoints: new Endpoints({ sharedInbox: ctx.getInboxUri() }),
     manuallyApprovesFollowers: profile.manuallyApprovesFollowers || false,
+    indexable: true,
+    discoverable: true,
   };
 
   if (profile.summary) {

package/lib/init-indexes.js

@@ -244,6 +244,12 @@ export function createIndexes(collections, options) {
       { userId: 1, timeline: 1 },
       { unique: true, background: true },
     );
+
+    // Tombstone indexes (FEP-4f05)
+    collections.ap_tombstones?.createIndex(
+      { url: 1 },
+      { unique: true, background: true },
+    );
   } catch {
     // Index creation failed — collections not yet available.
     // Indexes already exist from previous startups; non-fatal.

package/lib/storage/tombstones.js

@@ -0,0 +1,52 @@
+/**
+ * Tombstone storage for soft-deleted posts (FEP-4f05).
+ * When a post is deleted, a tombstone record is created so remote servers
+ * fetching the URL get a proper Tombstone response instead of 404.
+ * @module storage/tombstones
+ */
+
+/**
+ * Record a tombstone for a deleted post.
+ * @param {object} collections - MongoDB collections
+ * @param {object} data - { url, formerType, published, deleted }
+ */
+export async function addTombstone(collections, { url, formerType, published, deleted }) {
+  const { ap_tombstones } = collections;
+  if (!ap_tombstones) return;
+
+  await ap_tombstones.updateOne(
+    { url },
+    {
+      $set: {
+        url,
+        formerType: formerType || "Note",
+        published: published || null,
+        deleted: deleted || new Date().toISOString(),
+      },
+    },
+    { upsert: true },
+  );
+}
+
+/**
+ * Remove a tombstone (post re-published).
+ * @param {object} collections - MongoDB collections
+ * @param {string} url - Post URL
+ */
+export async function removeTombstone(collections, url) {
+  const { ap_tombstones } = collections;
+  if (!ap_tombstones) return;
+  await ap_tombstones.deleteOne({ url });
+}
+
+/**
+ * Look up a tombstone by URL.
+ * @param {object} collections - MongoDB collections
+ * @param {string} url - Post URL
+ * @returns {Promise<object|null>} Tombstone record or null
+ */
+export async function getTombstone(collections, url) {
+  const { ap_tombstones } = collections;
+  if (!ap_tombstones) return null;
+  return ap_tombstones.findOne({ url });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rmdes/indiekit-endpoint-activitypub",
-  "version": "3.9.4",
+  "version": "3.10.0",
   "description": "ActivityPub federation endpoint for Indiekit via Fedify. Adds full fediverse support: actor, inbox, outbox, followers, following, syndication, and Mastodon migration.",
   "keywords": [
     "indiekit",
@@ -37,9 +37,9 @@
     "url": "https://github.com/rmdes/indiekit-endpoint-activitypub/issues"
   },
   "dependencies": {
-    "@fedify/debugger": "^2.0.0",
-    "@fedify/fedify": "^2.0.0",
-    "@fedify/redis": "^2.0.0",
+    "@fedify/debugger": "^2.1.0",
+    "@fedify/fedify": "^2.1.0",
+    "@fedify/redis": "^2.1.0",
     "@js-temporal/polyfill": "^0.5.0",
     "express": "^5.0.0",
     "express-rate-limit": "^7.5.1",