From becdf5e1f17a8176b3e36db487f547b3179a6350 Mon Sep 17 00:00:00 2001 From: Anthony Wang Date: Mon, 23 May 2022 11:43:59 -0500 Subject: [PATCH] Use go-ap instead of go-fed --- go.mod | 5 +- go.sum | 16 +++--- integrations/api_activitypub_person_test.go | 4 +- modules/activitypub/client.go | 9 +-- modules/activitypub/clock.go | 27 --------- modules/activitypub/clock_test.go | 30 ---------- routers/api/v1/activitypub/person.go | 58 ++++++------------- routers/api/v1/activitypub/reqsignature.go | 62 +++------------------ 8 files changed, 38 insertions(+), 173 deletions(-) delete mode 100644 modules/activitypub/clock.go delete mode 100644 modules/activitypub/clock_test.go diff --git a/go.mod b/go.mod index ceefebceea..d2375544ce 100644 --- a/go.mod +++ b/go.mod @@ -26,10 +26,10 @@ require ( github.com/emirpasic/gods v1.12.0 github.com/ethantkoenig/rupture v1.0.1 github.com/gliderlabs/ssh v0.3.3 + github.com/go-ap/activitypub v0.0.0-20220420091113-4837641dc83b github.com/go-chi/chi/v5 v5.0.7 github.com/go-chi/cors v1.2.0 github.com/go-enry/go-enry/v2 v2.8.0 - github.com/go-fed/activity v1.0.1-0.20220119073622-b14b50eecad0 github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e github.com/go-git/go-billy/v5 v5.3.1 github.com/go-git/go-git/v5 v5.4.3-0.20210630082519-b4368b2a2ca4 @@ -106,6 +106,7 @@ require ( require ( cloud.google.com/go v0.99.0 // indirect + git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20200411073322-f0bcc40f0bf2 // indirect github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e // indirect github.com/Microsoft/go-winio v0.5.2 // indirect github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f // indirect @@ -158,6 +159,7 @@ require ( github.com/fsnotify/fsnotify v1.5.1 // indirect github.com/fullstorydev/grpcurl v1.8.1 // indirect github.com/fxamacker/cbor/v2 v2.4.0 // indirect + github.com/go-ap/jsonld v0.0.0-20200327122108-fafac2de2660 // indirect github.com/go-asn1-ber/asn1-ber v1.5.3 // indirect github.com/go-enry/go-oniguruma v1.2.1 // indirect github.com/go-git/gcfg v1.5.0 // indirect @@ -251,6 +253,7 @@ require ( github.com/toqueteos/webbrowser v1.2.0 // indirect github.com/ulikunitz/xz v0.5.10 // indirect github.com/unknwon/com v1.0.1 // indirect + github.com/valyala/fastjson v1.6.3 // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xanzy/ssh-agent v0.3.1 // indirect github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect diff --git a/go.sum b/go.sum index 40a4cbbb05..ff16c0a201 100644 --- a/go.sum +++ b/go.sum @@ -69,6 +69,8 @@ contrib.go.opencensus.io/exporter/stackdriver v0.13.5/go.mod h1:aXENhDJ1Y4lIg4EU contrib.go.opencensus.io/integrations/ocsql v0.1.4/go.mod h1:8DsSdjz3F+APR+0z0WkU1aRorQCFfRxvqjUUPMbF3fE= contrib.go.opencensus.io/resource v0.1.1/go.mod h1:F361eGI91LCmW1I/Saf+rX0+OFcigGlFvXwEGEnkRLA= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20200411073322-f0bcc40f0bf2 h1:2OrsyJYZp7J6nyAsKi2q1SELYRaIc0aQmcQ/EQqPfk8= +git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20200411073322-f0bcc40f0bf2/go.mod h1:g/V2Hjas6Z1UHUp4yIx6bATpNzJ7DYtD0FG3+xARWxs= gitea.com/go-chi/binding v0.0.0-20220309004920-114340dabecb h1:Yy0Bxzc8R2wxiwXoG/rECGplJUSpXqCsog9PuJFgiHs= gitea.com/go-chi/binding v0.0.0-20220309004920-114340dabecb/go.mod h1:77TZu701zMXWJFvB8gvTbQ92zQ3DQq/H7l5wAEjQRKc= gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e/go.mod h1:k2V/gPDEtXGjjMGuBJiapffAXTv76H4snSmlJRLUhH0= @@ -356,7 +358,6 @@ github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY= github.com/daaku/go.zipexe v1.0.0/go.mod h1:z8IiR6TsVLEYKwXAoE/I+8ys/sDkgTzSL0CLnGVd57E= github.com/daaku/go.zipexe v1.0.1/go.mod h1:5xWogtqlYnfBXkSB1o9xysukNP9GTvaNkqzUZbt3Bw8= -github.com/dave/jennifer v1.3.0/go.mod h1:fIb+770HOpJ2fmN9EPPKOqm1vMGhB+TwXKMZhrIygKg= github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -452,6 +453,10 @@ github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0 github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE= github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31/go.mod h1:Ogl1Tioa0aV7gstGFO7KhffUsb9M4ydbEbbxpcEDc24= +github.com/go-ap/activitypub v0.0.0-20220420091113-4837641dc83b h1:Hh6VfXJpz8yIj9X+L7I/sbMYyg/yxzq0n/5gpiptd/k= +github.com/go-ap/activitypub v0.0.0-20220420091113-4837641dc83b/go.mod h1:MB3P8x1tiEf6sOEfXnHEep23Zp+onx2HcD8G4eILAkM= +github.com/go-ap/jsonld v0.0.0-20200327122108-fafac2de2660 h1:AUG8+r0Q/zbNUAi5CWVBK5oUhOZDX3Kkr+oWURaJIfU= +github.com/go-ap/jsonld v0.0.0-20200327122108-fafac2de2660/go.mod h1:jyveZeGw5LaADntW+UEsMjl3IlIwk+DxlYNsbofQkGA= github.com/go-asn1-ber/asn1-ber v1.5.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-asn1-ber/asn1-ber v1.5.3 h1:u7utq56RUFiynqUzgVMFDymapcOtQ/MZkh3H4QYkxag= github.com/go-asn1-ber/asn1-ber v1.5.3/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= @@ -465,9 +470,6 @@ github.com/go-enry/go-enry/v2 v2.8.0 h1:KMW4mSG+8uUF6FaD3iPkFqyfC5tF8gRrsYImq6yh github.com/go-enry/go-enry/v2 v2.8.0/go.mod h1:GVzIiAytiS5uT/QiuakK7TF1u4xDab87Y8V5EJRpsIQ= github.com/go-enry/go-oniguruma v1.2.1 h1:k8aAMuJfMrqm/56SG2lV9Cfti6tC4x8673aHCcBk+eo= github.com/go-enry/go-oniguruma v1.2.1/go.mod h1:bWDhYP+S6xZQgiRL7wlTScFYBe023B6ilRZbCAD5Hf4= -github.com/go-fed/activity v1.0.1-0.20220119073622-b14b50eecad0 h1:rV8Mp/ChJLd0ZUrS6xMwiP6ZIFpSomffrQOjf4Xyd3M= -github.com/go-fed/activity v1.0.1-0.20220119073622-b14b50eecad0/go.mod h1:v4QoPaAzjWZ8zN2VFVGL5ep9C02mst0hQYHUpQwso4Q= -github.com/go-fed/httpsig v0.1.1-0.20190914113940-c2de3672e5b5/go.mod h1:T56HUNYZUQ1AGUzhAYPugZfp36sKApVnGBgKlIY+aIE= github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e h1:oRq/fiirun5HqlEWMLIcDmLpIELlG4iGbd0s8iqgPi8= github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e/go.mod h1:RCMrTZvN1bJYtofsG4rd5NaO5obxQ5xBkdiS7xsT7bM= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= @@ -614,8 +616,6 @@ github.com/go-swagger/go-swagger v0.29.0/go.mod h1:Z4GJzI+bHKKkGB2Ji1rawpi3/ldXX github.com/go-swagger/scan-repo-boundary v0.0.0-20180623220736-973b3573c013 h1:l9rI6sNaZgNC0LnF3MiE+qTmyBA/tZAg1rtyrGbUMK0= github.com/go-swagger/scan-repo-boundary v0.0.0-20180623220736-973b3573c013/go.mod h1:b65mBPzqzZWxOZGxSWrqs4GInLIn+u99Q9q7p+GKni0= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-test/deep v1.0.1 h1:UQhStjbkDClarlmv0am7OXXO4/GaPdCGiUiMTvi28sg= -github.com/go-test/deep v1.0.1/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-testfixtures/testfixtures/v3 v3.6.1 h1:n4Fv95Exp0D05G6l6CAZv22Ck1EJK0pa0TfPqE4ncSs= github.com/go-testfixtures/testfixtures/v3 v3.6.1/go.mod h1:Bsb2MoHAfHnNsPpSwAjtOs102mqDuM+1u3nE2OCi0N0= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= @@ -1519,6 +1519,8 @@ github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtX github.com/urfave/cli v1.22.5 h1:lNq9sAHXK2qfdI8W+GRItjCEkI+2oR4d+MEHy1CKXoU= github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= +github.com/valyala/fastjson v1.6.3 h1:tAKFnnwmeMGPbwJ7IwxcTPCNr3uIzoIj3/Fh90ra4xc= +github.com/valyala/fastjson v1.6.3/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY= github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw= github.com/weppos/publicsuffix-go v0.13.1-0.20210123135404-5fd73613514e/go.mod h1:HYux0V0Zi04bHNwOHy4cXJVz/TQjYonnF6aoYhj+3QE= @@ -1651,7 +1653,6 @@ go.uber.org/zap v1.21.0 h1:WefMeulhovoZ2sYXz7st6K0sLj7bBhpiFaud4r4zST8= go.uber.org/zap v1.21.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= gocloud.dev v0.19.0/go.mod h1:SmKwiR8YwIMMJvQBKLsC3fHNyMwXLw3PMDO+VVteJMI= golang.org/x/crypto v0.0.0-20180501155221-613d6eafa307/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20180527072434-ab813273cd59/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1848,7 +1849,6 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180525142821-c11f84a56e43/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= diff --git a/integrations/api_activitypub_person_test.go b/integrations/api_activitypub_person_test.go index 14eec69250..f3479e65c8 100644 --- a/integrations/api_activitypub_person_test.go +++ b/integrations/api_activitypub_person_test.go @@ -16,9 +16,7 @@ import ( "code.gitea.io/gitea/modules/activitypub" "code.gitea.io/gitea/modules/setting" - "github.com/go-fed/activity/pub" - "github.com/go-fed/activity/streams" - "github.com/go-fed/activity/streams/vocab" + "github.com/go-ap/activitypub" "github.com/stretchr/testify/assert" ) diff --git a/modules/activitypub/client.go b/modules/activitypub/client.go index 0e4998234a..bbc0d3de21 100644 --- a/modules/activitypub/client.go +++ b/modules/activitypub/client.go @@ -17,7 +17,6 @@ import ( "code.gitea.io/gitea/modules/proxy" "code.gitea.io/gitea/modules/setting" - "github.com/go-fed/activity/pub" "github.com/go-fed/httpsig" ) @@ -46,7 +45,6 @@ func containsRequiredHTTPHeaders(method string, headers []string) error { // Client struct type Client struct { - clock pub.Clock client *http.Client algs []httpsig.Algorithm digestAlg httpsig.DigestAlgorithm @@ -67,10 +65,6 @@ func NewClient(user *user_model.User, pubID string) (c *Client, err error) { for i, algo := range setting.Federation.Algorithms { algos[i] = httpsig.Algorithm(algo) } - clock, err := NewClock() - if err != nil { - return - } priv, err := GetPrivateKey(user) if err != nil { @@ -83,7 +77,6 @@ func NewClient(user *user_model.User, pubID string) (c *Client, err error) { } c = &Client{ - clock: clock, client: &http.Client{ Transport: &http.Transport{ Proxy: proxy.Proxy(), @@ -108,7 +101,7 @@ func (c *Client) NewRequest(b []byte, to string) (req *http.Request, err error) } req.Header.Add("Content-Type", ActivityStreamsContentType) req.Header.Add("Accept-Charset", "utf-8") - req.Header.Add("Date", fmt.Sprintf("%s GMT", c.clock.Now().UTC().Format(time.RFC1123))) + req.Header.Add("Date", fmt.Sprintf("%s GMT", time.Now().UTC().Format(time.RFC1123))) signer, _, err := httpsig.NewSigner(c.algs, c.digestAlg, c.postHeaders, httpsig.Signature, httpsigExpirationTime) if err != nil { diff --git a/modules/activitypub/clock.go b/modules/activitypub/clock.go deleted file mode 100644 index f8970102e7..0000000000 --- a/modules/activitypub/clock.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2022 The Gitea Authors. All rights reserved. -// Use of this source code is governed by a MIT-style -// license that can be found in the LICENSE file. - -package activitypub - -import ( - "time" - - "github.com/go-fed/activity/pub" -) - -var _ pub.Clock = &Clock{} - -// Clock struct -type Clock struct{} - -// NewClock function -func NewClock() (c *Clock, err error) { - c = &Clock{} - return -} - -// Now function -func (c *Clock) Now() time.Time { - return time.Now().Local() -} diff --git a/modules/activitypub/clock_test.go b/modules/activitypub/clock_test.go deleted file mode 100644 index e5b0c1de81..0000000000 --- a/modules/activitypub/clock_test.go +++ /dev/null @@ -1,30 +0,0 @@ -// Copyright 2022 The Gitea Authors. All rights reserved. -// Use of this source code is governed by a MIT-style -// license that can be found in the LICENSE file. - -package activitypub - -import ( - "regexp" - "testing" - "time" - - "code.gitea.io/gitea/modules/setting" - - "github.com/stretchr/testify/assert" -) - -func TestClock(t *testing.T) { - DefaultUILocation := setting.DefaultUILocation - defer func() { - setting.DefaultUILocation = DefaultUILocation - }() - c, err := NewClock() - assert.NoError(t, err) - setting.DefaultUILocation, err = time.LoadLocation("UTC") - assert.NoError(t, err) - assert.Regexp(t, regexp.MustCompile(`\+0000$`), c.Now().Format(time.Layout)) - setting.DefaultUILocation, err = time.LoadLocation("Europe/Paris") - assert.NoError(t, err) - assert.Regexp(t, regexp.MustCompile(`\+0[21]00$`), c.Now().Format(time.Layout)) -} diff --git a/routers/api/v1/activitypub/person.go b/routers/api/v1/activitypub/person.go index 7b9b238177..d829888cc2 100644 --- a/routers/api/v1/activitypub/person.go +++ b/routers/api/v1/activitypub/person.go @@ -6,7 +6,6 @@ package activitypub import ( "net/http" - "net/url" "strings" "code.gitea.io/gitea/modules/activitypub" @@ -14,7 +13,7 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/routers/api/v1/user" - "github.com/go-fed/activity/streams" + ap "github.com/go-ap/activitypub" ) // Person function @@ -39,59 +38,34 @@ func Person(ctx *context.APIContext) { return } username := ctx.Params("username") - - person := streams.NewActivityStreamsPerson() - - id := streams.NewJSONLDIdProperty() + link := strings.TrimSuffix(setting.AppURL, "/") + strings.TrimSuffix(ctx.Req.URL.EscapedPath(), "/") - idIRI, _ := url.Parse(link) - id.SetIRI(idIRI) - person.SetJSONLDId(id) + person := ap.PersonNew(ap.IRI(link)) - name := streams.NewActivityStreamsNameProperty() - name.AppendXMLSchemaString(username) - person.SetActivityStreamsName(name) + name := ap.NaturalLanguageValuesNew() + name.Set("en", ap.Content(username)) + person.Name = name - ibox := streams.NewActivityStreamsInboxProperty() - urlObject, _ := url.Parse(link + "/inbox") - ibox.SetIRI(urlObject) - person.SetActivityStreamsInbox(ibox) + person.Inbox = ap.Item(ap.IRI(link + "/inbox")) + person.Outbox = ap.Item(ap.IRI(link + "/outbox")) - obox := streams.NewActivityStreamsOutboxProperty() - urlObject, _ = url.Parse(link + "/outbox") - obox.SetIRI(urlObject) - person.SetActivityStreamsOutbox(obox) - - publicKeyProp := streams.NewW3IDSecurityV1PublicKeyProperty() - - publicKeyType := streams.NewW3IDSecurityV1PublicKey() - - pubKeyIDProp := streams.NewJSONLDIdProperty() - pubKeyIRI, _ := url.Parse(link + "#main-key") - pubKeyIDProp.SetIRI(pubKeyIRI) - publicKeyType.SetJSONLDId(pubKeyIDProp) - - ownerProp := streams.NewW3IDSecurityV1OwnerProperty() - ownerProp.SetIRI(idIRI) - publicKeyType.SetW3IDSecurityV1Owner(ownerProp) - - publicKeyPemProp := streams.NewW3IDSecurityV1PublicKeyPemProperty() + person.PublicKey.ID = ap.IRI(link + "#main-key") + person.PublicKey.Owner = ap.IRI(link) + publicKeyPem, err := activitypub.GetPublicKey(user) if err != nil { ctx.Error(http.StatusInternalServerError, "GetPublicKey", err) return } - publicKeyPemProp.Set(publicKeyPem) - publicKeyType.SetW3IDSecurityV1PublicKeyPem(publicKeyPemProp) + person.PublicKey.PublicKeyPem = publicKeyPem - publicKeyProp.AppendW3IDSecurityV1PublicKey(publicKeyType) - person.SetW3IDSecurityV1PublicKey(publicKeyProp) - - jsonmap, err := streams.Serialize(person) + binary, err := person.MarshalJSON() if err != nil { ctx.Error(http.StatusInternalServerError, "Serialize", err) } - ctx.JSON(http.StatusOK, jsonmap) + ctx.Resp.Header().Set("Content-Type", "application/json;charset=utf-8") + ctx.Write(binary) + ctx.Status(http.StatusOK) } // PersonInbox function diff --git a/routers/api/v1/activitypub/reqsignature.go b/routers/api/v1/activitypub/reqsignature.go index b9f665da10..6c4d289c48 100644 --- a/routers/api/v1/activitypub/reqsignature.go +++ b/routers/api/v1/activitypub/reqsignature.go @@ -18,67 +18,25 @@ import ( "code.gitea.io/gitea/modules/activitypub" gitea_context "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/httplib" - "code.gitea.io/gitea/modules/json" "code.gitea.io/gitea/modules/setting" - "github.com/go-fed/activity/pub" - "github.com/go-fed/activity/streams" - "github.com/go-fed/activity/streams/vocab" + ap "github.com/go-ap/activitypub" "github.com/go-fed/httpsig" ) -type publicKeyer interface { - GetW3IDSecurityV1PublicKey() vocab.W3IDSecurityV1PublicKeyProperty -} - func getPublicKeyFromResponse(ctx context.Context, b []byte, keyID *url.URL) (p crypto.PublicKey, err error) { - m := make(map[string]interface{}) - err = json.Unmarshal(b, &m) + person := ap.PersonNew(ap.IRI(keyID.String())) + err = person.UnmarshalJSON(b) if err != nil { + err = fmt.Errorf("ActivityStreams type cannot be converted to one known to have publicKey property: %T", b) return } - var t vocab.Type - t, err = streams.ToType(ctx, m) - if err != nil { - return - } - pker, ok := t.(publicKeyer) - if !ok { - err = fmt.Errorf("ActivityStreams type cannot be converted to one known to have publicKey property: %T", t) - return - } - pkp := pker.GetW3IDSecurityV1PublicKey() - if pkp == nil { - err = fmt.Errorf("publicKey property is not provided") - return - } - var pkpFound vocab.W3IDSecurityV1PublicKey - for pkpIter := pkp.Begin(); pkpIter != pkp.End(); pkpIter = pkpIter.Next() { - if !pkpIter.IsW3IDSecurityV1PublicKey() { - continue - } - pkValue := pkpIter.Get() - var pkID *url.URL - pkID, err = pub.GetId(pkValue) - if err != nil { - return - } - if pkID.String() != keyID.String() { - continue - } - pkpFound = pkValue - break - } - if pkpFound == nil { + pkey := person.PublicKey + if pkey.ID.String() != keyID.String() { err = fmt.Errorf("cannot find publicKey with id: %s in %s", keyID, b) return } - pkPemProp := pkpFound.GetW3IDSecurityV1PublicKeyPem() - if pkPemProp == nil || !pkPemProp.IsXMLSchemaString() { - err = fmt.Errorf("publicKeyPem property is not provided or it is not embedded as a value") - return - } - pubKeyPem := pkPemProp.Get() + pubKeyPem := pkey.PublicKeyPem block, _ := pem.Decode([]byte(pubKeyPem)) if block == nil || block.Type != "PUBLIC KEY" { err = fmt.Errorf("could not decode publicKeyPem to PUBLIC KEY pem block type") @@ -92,11 +50,7 @@ func fetch(iri *url.URL) (b []byte, err error) { req := httplib.NewRequest(iri.String(), http.MethodGet) req.Header("Accept", activitypub.ActivityStreamsContentType) req.Header("Accept-Charset", "utf-8") - clock, err := activitypub.NewClock() - if err != nil { - return - } - req.Header("Date", fmt.Sprintf("%s GMT", clock.Now().UTC().Format(time.RFC1123))) + req.Header("Date", fmt.Sprintf("%s GMT", time.Now().UTC().Format(time.RFC1123))) resp, err := req.Response() if err != nil { return