activityserve/actor.go

722 lines
20 KiB
Go

package activityserve
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"os"
"strconv"
"strings"
"time"
"github.com/gologme/log"
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"github.com/dchest/uniuri"
"github.com/go-fed/httpsig"
)
// Actor represents a local actor we can act on
// behalf of.
type Actor struct {
name, summary, actorType, iri string
followersIRI string
nuIri *url.URL
followers, following, rejected map[string]interface{}
posts map[int]map[string]interface{}
publicKey crypto.PublicKey
privateKey crypto.PrivateKey
publicKeyPem string
privateKeyPem string
publicKeyID string
OnFollow func(map[string]interface{})
}
// ActorToSave is a stripped down actor representation
// with exported properties in order for json to be
// able to marshal it.
// see https://stackoverflow.com/questions/26327391/json-marshalstruct-returns
type ActorToSave struct {
Name, Summary, ActorType, IRI, PublicKey, PrivateKey string
Followers, Following, Rejected map[string]interface{}
}
// MakeActor returns a new local actor we can act
// on behalf of
func MakeActor(name, summary, actorType string) (Actor, error) {
followers := make(map[string]interface{})
following := make(map[string]interface{})
rejected := make(map[string]interface{})
followersIRI := baseURL + name + "/followers"
publicKeyID := baseURL + name + "#main-key"
iri := baseURL + name
nuIri, err := url.Parse(iri)
if err != nil {
log.Info("Something went wrong when parsing the local actor uri into net/url")
return Actor{}, err
}
actor := Actor{
name: name,
summary: summary,
actorType: actorType,
iri: iri,
nuIri: nuIri,
followers: followers,
following: following,
rejected: rejected,
followersIRI: followersIRI,
publicKeyID: publicKeyID,
}
// set auto accept by default (this could be a configuration value)
actor.OnFollow = func(activity map[string]interface{}) { actor.Accept(activity) }
// create actor's keypair
rng := rand.Reader
privateKey, err := rsa.GenerateKey(rng, 2048)
publicKey := privateKey.PublicKey
actor.publicKey = publicKey
actor.privateKey = privateKey
// marshal the crypto to pem
privateKeyDer := x509.MarshalPKCS1PrivateKey(privateKey)
privateKeyBlock := pem.Block{
Type: "RSA PRIVATE KEY",
Headers: nil,
Bytes: privateKeyDer,
}
actor.privateKeyPem = string(pem.EncodeToMemory(&privateKeyBlock))
publicKeyDer, err := x509.MarshalPKIXPublicKey(&publicKey)
if err != nil {
log.Info("Can't marshal public key")
return Actor{}, err
}
publicKeyBlock := pem.Block{
Type: "PUBLIC KEY",
Headers: nil,
Bytes: publicKeyDer,
}
actor.publicKeyPem = string(pem.EncodeToMemory(&publicKeyBlock))
err = actor.save()
if err != nil {
return actor, err
}
return actor, nil
}
// GetOutboxIRI returns the outbox iri in net/url
func (a *Actor) GetOutboxIRI() *url.URL {
iri := a.iri + "/outbox"
nuiri, _ := url.Parse(iri)
return nuiri
}
// LoadActor searches the filesystem and creates an Actor
// from the data in name.json
func LoadActor(name string) (Actor, error) {
// make sure our users can't read our hard drive
if strings.ContainsAny(name, "./ ") {
log.Info("Illegal characters in actor name")
return Actor{}, errors.New("Illegal characters in actor name")
}
jsonFile := storage + slash + "actors" + slash + name + slash + name + ".json"
fileHandle, err := os.Open(jsonFile)
if os.IsNotExist(err) {
log.Info("We don't have this kind of actor stored")
return Actor{}, err
}
byteValue, err := ioutil.ReadAll(fileHandle)
if err != nil {
log.Info("Error reading actor file")
return Actor{}, err
}
jsonData := make(map[string]interface{})
json.Unmarshal(byteValue, &jsonData)
nuIri, err := url.Parse(jsonData["IRI"].(string))
if err != nil {
log.Info("Something went wrong when parsing the local actor uri into net/url")
return Actor{}, err
}
// publicKeyNewLines := strings.ReplaceAll(jsonData["PublicKey"].(string), "\\n", "\n")
// privateKeyNewLines := strings.ReplaceAll(jsonData["PrivateKey"].(string), "\\n", "\n")
publicKeyDecoded, rest := pem.Decode([]byte(jsonData["PublicKey"].(string)))
if publicKeyDecoded == nil {
log.Info(rest)
panic("failed to parse PEM block containing the public key")
}
publicKey, err := x509.ParsePKIXPublicKey(publicKeyDecoded.Bytes)
if err != nil {
log.Info("Can't parse public keys")
log.Info(err)
return Actor{}, err
}
privateKeyDecoded, rest := pem.Decode([]byte(jsonData["PrivateKey"].(string)))
if privateKeyDecoded == nil {
log.Info(rest)
panic("failed to parse PEM block containing the private key")
}
privateKey, err := x509.ParsePKCS1PrivateKey(privateKeyDecoded.Bytes)
if err != nil {
log.Info("Can't parse private keys")
log.Info(err)
return Actor{}, err
}
actor := Actor{
name: name,
summary: jsonData["Summary"].(string),
actorType: jsonData["ActorType"].(string),
iri: jsonData["IRI"].(string),
nuIri: nuIri,
followers: jsonData["Followers"].(map[string]interface{}),
following: jsonData["Following"].(map[string]interface{}),
rejected: jsonData["Rejected"].(map[string]interface{}),
publicKey: publicKey,
privateKey: privateKey,
publicKeyPem: jsonData["PublicKey"].(string),
privateKeyPem: jsonData["PrivateKey"].(string),
followersIRI: baseURL + name + "/followers",
publicKeyID: baseURL + name + "#main-key",
}
return actor, nil
}
// func LoadActorFromIRI(iri string) a Actor{
// }
// save the actor to file
func (a *Actor) save() error {
// check if we already have a directory to save actors
// and if not, create it
dir := storage + slash + "actors" + slash + a.name + slash + "items"
if _, err := os.Stat(dir); os.IsNotExist(err) {
os.MkdirAll(dir, 0755)
}
actorToSave := ActorToSave{
Name: a.name,
Summary: a.summary,
ActorType: a.actorType,
IRI: a.iri,
Followers: a.followers,
Following: a.following,
Rejected: a.rejected,
PublicKey: a.publicKeyPem,
PrivateKey: a.privateKeyPem,
}
actorJSON, err := json.MarshalIndent(actorToSave, "", "\t")
if err != nil {
log.Info("error Marshalling actor json")
return err
}
// log.Info(actorToSave)
// log.Info(string(actorJSON))
err = ioutil.WriteFile(storage+slash+"actors"+slash+a.name+slash+a.name+".json", actorJSON, 0644)
if err != nil {
log.Printf("WriteFileJson ERROR: %+v", err)
return err
}
return nil
}
func (a *Actor) whoAmI() string {
return `{"@context": "https://www.w3.org/ns/activitystreams",
"type": "` + a.actorType + `",
"id": "` + baseURL + a.name + `",
"name": "` + a.name + `",
"preferredUsername": "` + a.name + `",
"summary": "` + a.summary + `",
"inbox": "` + baseURL + a.name + `/inbox",
"outbox": "` + baseURL + a.name + `/outbox",
"followers": "` + baseURL + a.name + `/peers/followers",
"following": "` + baseURL + a.name + `/peers/following",
"publicKey": {
"id": "` + baseURL + a.name + `#main-key",
"owner": "` + baseURL + a.name + `",
"publicKeyPem": "` + strings.ReplaceAll(a.publicKeyPem, "\n", "\\n") + `"
}
}`
}
func (a *Actor) newID() (hash string, url string) {
hash = uniuri.New()
return hash, baseURL + a.name + "/item/" + hash
}
// TODO Reply(content string, inReplyTo string)
// ReplyNote sends a note to a specific actor in reply to
// a post
//TODO
// DM sends a direct message to a user
// TODO
// CreateNote posts an activityPub note to our followers
//
func (a *Actor) CreateNote(content, inReplyTo string) {
// for now I will just write this to the outbox
hash, id := a.newID()
create := make(map[string]interface{})
note := make(map[string]interface{})
create["@context"] = context()
create["actor"] = baseURL + a.name
create["cc"] = a.followersIRI
create["id"] = id
create["object"] = note
note["attributedTo"] = baseURL + a.name
note["cc"] = a.followersIRI
note["content"] = content
if inReplyTo != "" {
note["inReplyTo"] = inReplyTo
}
note["id"] = id
note["published"] = time.Now().Format(time.RFC3339)
note["url"] = create["id"]
note["type"] = "Note"
note["to"] = "https://www.w3.org/ns/activitystreams#Public"
create["published"] = note["published"]
create["type"] = "Create"
go a.sendToFollowers(create)
err := a.saveItem(hash, create)
if err != nil {
log.Info("Could not save note to disk")
}
err = a.appendToOutbox(id)
if err != nil {
log.Info("Could not append Note to outbox.txt")
}
}
// saveItem saves an activity to disk under the actor and with the id as
// filename
func (a *Actor) saveItem(hash string, content map[string]interface{}) error {
JSON, _ := json.MarshalIndent(content, "", "\t")
dir := storage + slash + "actors" + slash + a.name + slash + "items"
err := ioutil.WriteFile(dir+slash+hash+".json", JSON, 0644)
if err != nil {
log.Printf("WriteFileJson ERROR: %+v", err)
return err
}
return nil
}
func (a *Actor) loadItem(hash string) (item map[string]interface{}, err error) {
dir := storage + slash + "actors" + slash + a.name + slash + "items"
jsonFile := dir + slash + hash + ".json"
fileHandle, err := os.Open(jsonFile)
if os.IsNotExist(err) {
log.Info("We don't have this item stored")
return
}
byteValue, err := ioutil.ReadAll(fileHandle)
if err != nil {
log.Info("Error reading item file")
return
}
json.Unmarshal(byteValue, &item)
return
}
// send is here for backward compatibility and maybe extra pre-processing
// not always required
func (a *Actor) send(content map[string]interface{}, to *url.URL) (err error) {
return a.signedHTTPPost(content, to.String())
}
// getPeers gets followers or following depending on `who`
func (a *Actor) getPeers(page int, who string) (response []byte, err error) {
// if there's no page parameter mastodon displays an
// OrderedCollection with info of where to find orderedCollectionPages
// with the actual information. We are mirroring that behavior
var collection map[string]interface{}
if who == "followers" {
collection = a.followers
} else if who == "following" {
collection = a.following
} else {
return nil, errors.New("cannot find collection" + who)
}
themap := make(map[string]interface{})
themap["@context"] = "https://www.w3.org/ns/activitystreams"
if page == 0 {
themap["first"] = baseURL + a.name + "/" + who + "?page=1"
themap["id"] = baseURL + a.name + "/" + who
themap["totalItems"] = strconv.Itoa(len(collection))
themap["type"] = "OrderedCollection"
} else if page == 1 { // implement pagination
themap["id"] = baseURL + a.name + who + "?page=" + strconv.Itoa(page)
items := make([]string, 0, len(collection))
for k := range collection {
items = append(items, k)
}
themap["orderedItems"] = items
themap["partOf"] = baseURL + a.name + "/" + who
themap["totalItems"] = len(collection)
themap["type"] = "OrderedCollectionPage"
}
response, _ = json.Marshal(themap)
return
}
// GetFollowers returns a list of people that follow us
func (a *Actor) GetFollowers(page int) (response []byte, err error) {
return a.getPeers(page, "followers")
}
// GetFollowing returns a list of people that we follow
func (a *Actor) GetFollowing(page int) (response []byte, err error) {
return a.getPeers(page, "following")
}
func (a *Actor) signedHTTPPost(content map[string]interface{}, to string) (err error) {
b, err := json.Marshal(content)
if err != nil {
log.Info("Can't marshal JSON")
log.Info(err)
return
}
postSigner, _, _ := httpsig.NewSigner([]httpsig.Algorithm{httpsig.RSA_SHA256}, []string{"(request-target)", "date", "host", "digest"}, httpsig.Signature)
byteCopy := make([]byte, len(b))
copy(byteCopy, b)
buf := bytes.NewBuffer(byteCopy)
req, err := http.NewRequest("POST", to, buf)
if err != nil {
log.Info(err)
return
}
// I prefer to deal with strings and just parse to net/url if and when
// needed, even if here we do one extra round trip
iri, err := url.Parse(to)
if err != nil {
log.Error("cannot parse url for POST, check your syntax")
return err
}
req.Header.Add("Accept-Charset", "utf-8")
req.Header.Add("Date", time.Now().UTC().Format("Mon, 02 Jan 2006 15:04:05")+" GMT")
req.Header.Add("User-Agent", userAgent+" "+version)
req.Header.Add("Host", iri.Host)
req.Header.Add("Accept", "application/activity+json")
sum := sha256.Sum256(b)
req.Header.Add("Digest",
fmt.Sprintf("SHA-256=%s",
base64.StdEncoding.EncodeToString(sum[:])))
err = postSigner.SignRequest(a.privateKey, a.publicKeyID, req)
if err != nil {
log.Info(err)
return
}
resp, err := client.Do(req)
if err != nil {
log.Info(err)
return
}
defer resp.Body.Close()
if !isSuccess(resp.StatusCode) {
responseData, _ := ioutil.ReadAll(resp.Body)
err = fmt.Errorf("POST request to %s failed (%d): %s\nResponse: %s \nRequest: %s \nHeaders: %s", to, resp.StatusCode, resp.Status, FormatJSON(responseData), FormatJSON(byteCopy), FormatHeaders(req.Header))
log.Info(err)
return
}
responseData, _ := ioutil.ReadAll(resp.Body)
fmt.Printf("POST request to %s succeeded (%d): %s \nResponse: %s \nRequest: %s \nHeaders: %s", to, resp.StatusCode, resp.Status, FormatJSON(responseData), FormatJSON(byteCopy), FormatHeaders(req.Header))
return
}
func (a *Actor) signedHTTPGet(address string) (string, error) {
req, err := http.NewRequest("GET", address, nil)
if err != nil {
log.Error("cannot create new http.request")
return "", err
}
iri, err := url.Parse(address)
if err != nil {
log.Error("cannot parse url for GET, check your syntax")
return "", err
}
req.Header.Add("Accept-Charset", "utf-8")
req.Header.Add("Date", time.Now().UTC().Format("Mon, 02 Jan 2006 15:04:05")+" GMT")
req.Header.Add("User-Agent", fmt.Sprintf("%s %s %s", userAgent, libName, version))
req.Header.Add("host", iri.Host)
req.Header.Add("digest", "")
req.Header.Add("Accept", "application/activity+json; profile=\"https://www.w3.org/ns/activitystreams\"")
// set up the http signer
signer, _, _ := httpsig.NewSigner([]httpsig.Algorithm{httpsig.RSA_SHA256}, []string{"(request-target)", "date", "host", "digest"}, httpsig.Signature)
err = signer.SignRequest(a.privateKey, a.publicKeyID, req)
if err != nil {
log.Error("Can't sign the request")
return "", err
}
resp, err := client.Do(req)
if err != nil {
log.Error("Cannot perform the GET request")
log.Error(err)
return "", err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
responseData, _ := ioutil.ReadAll(resp.Body)
return "", fmt.Errorf("GET request to %s failed (%d): %s \n%s", iri.String(), resp.StatusCode, resp.Status, FormatJSON(responseData))
}
responseData, _ := ioutil.ReadAll(resp.Body)
fmt.Println("GET request succeeded:", iri.String(), req.Header, resp.StatusCode, resp.Status, "\n", FormatJSON(responseData))
responseText := string(responseData)
return responseText, nil
}
// NewFollower records a new follower to the actor file
func (a *Actor) NewFollower(iri string, inbox string) error {
a.followers[iri] = inbox
return a.save()
}
func (a *Actor) appendToOutbox(iri string) (err error) {
// create outbox file if it doesn't exist
var outbox *os.File
outboxFilePath := storage + slash + "actors" + slash + a.name + slash + "outbox.txt"
outbox, err = os.OpenFile(outboxFilePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
log.Info("Cannot create or open outbox file")
log.Info(err)
return err
}
defer outbox.Close()
outbox.Write([]byte(iri + "\n"))
return nil
}
func (a *Actor) batchSend(activity map[string]interface{}, recipients []string) (err error) {
for _, v := range recipients {
err := a.signedHTTPPost(activity, v)
if err != nil {
log.Info("Failed to deliver message to " + v)
}
}
return
}
func (a *Actor) sendToFollowers(activity map[string]interface{}) (err error) {
recipients := make([]string, len(a.followers))
i := 0
for _, inbox := range a.followers {
recipients[i] = inbox.(string)
i++
}
a.batchSend(activity, recipients)
return
}
// Follow a remote user by their iri
func (a *Actor) Follow(user string) (err error) {
remote, err := NewRemoteActor(user)
if err != nil {
log.Info("Can't contact " + user + " to get their inbox")
return
}
follow := make(map[string]interface{})
_, id := a.newID()
follow["@context"] = context()
follow["actor"] = a.iri
follow["id"] = id
follow["object"] = user
follow["type"] = "Follow"
// if we are not already following them
if _, ok := a.following[user]; !ok {
// if we have not been rejected previously
if _, ok := a.rejected[user]; !ok {
go func() {
err := a.signedHTTPPost(follow, remote.inbox)
if err != nil {
log.Info("Couldn't follow " + user)
log.Info(err)
return
}
// save the activity
a.saveItem(id, follow)
// we are going to save only on accept so look at
// the http handler for the accept code
}()
}
}
return nil
}
// Unfollow the user declared by the iri in `user`
// this recreates the original follow activity
// , wraps it in an Undo activity, sets it's
// id to the id of the original Follow activity that
// was accepted when initially following that user
// (this is read from the `actor.following` map
func (a *Actor) Unfollow(user string){
log.Info("Unfollowing " + user)
// create an undo activiy
undo := make(map[string]interface{})
undo["@context"] = context()
undo["actor"] = a.iri
// find the id of the original follow
hash := a.following[user].(string)
follow := make(map[string]interface{})
follow["@context"] = context()
follow["actor"] = a.iri
follow["id"] = baseURL + "/item/" + hash
follow["object"] = user
follow["type"] = "Follow"
// add the properties to the undo activity
undo["object"] = follow
// get the remote user's inbox
remoteUser, err := NewRemoteActor(user)
if err != nil {
log.Info("Failed to contact remote actor")
return
}
// only if we're already following them
if _, ok := a.following[user]; ok {
PrettyPrint(undo)
go func() {
err := a.signedHTTPPost(undo, remoteUser.inbox)
if err != nil {
log.Info("Couldn't unfollow " + user)
log.Info(err)
return
}
// if there was no error then delete the follow
// from the list
delete(a.following, user)
a.save()
}()
}
}
// Announce this activity to our followers
func (a *Actor) Announce(url string) {
// our announcements are public. Public stuff have a "To" to the url below
toURL := "https://www.w3.org/ns/activitystreams#Public"
id, hash := a.newID()
announce := make(map[string]interface{})
announce["@context"] = context()
announce["id"] = id
announce["object"] = url
announce["actor"] = a.name
announce["to"] = toURL
// cc this to all our followers one by one
// I've seen activities to just include the url of the
// collection but for now this works.
// It seems that sharedInbox will be deprecated
// so this is probably a better idea anyway (#APConf)
announce["cc"] = a.followersSlice()
// add a timestamp
announce["published"] = time.Now().Format(time.RFC3339)
a.appendToOutbox(announce["id"].(string))
a.saveItem(hash, announce)
a.sendToFollowers(announce)
}
func (a *Actor) followersSlice() []string {
followersSlice := make([]string, len(a.followers))
for k := range a.followers {
followersSlice = append(followersSlice, k)
}
return followersSlice
}
// Accept a follow request
func (a *Actor) Accept(follow map[string]interface{}) {
// it's a follow, write it down
newFollower := follow["actor"].(string)
// check we aren't following ourselves
if newFollower == follow["object"] {
log.Info("You can't follow yourself")
return
}
follower, err := NewRemoteActor(follow["actor"].(string))
// check if this user is already following us
if _, ok := a.followers[newFollower]; ok {
log.Info("You're already following us, yay!")
// do nothing, they're already following us
} else {
a.NewFollower(newFollower, follower.inbox)
}
// send accept anyway even if they are following us already
// this is very verbose. I would prefer creating a map by hand
// remove @context from the inner activity
delete(follow, "@context")
accept := make(map[string]interface{})
accept["@context"] = "https://www.w3.org/ns/activitystreams"
accept["to"] = follow["actor"]
accept["id"], _ = a.newID()
accept["actor"] = a.iri
accept["object"] = follow
accept["type"] = "Accept"
if err != nil {
log.Info("Couldn't retrieve remote actor info, maybe server is down?")
log.Info(err)
}
// Maybe we need to save this accept?
go a.signedHTTPPost(accept, follower.inbox)
}