3 * @copyright Copyright (C) 2010-2023, the Friendica project
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Friendica\Protocol;
24 use Friendica\Core\Logger;
25 use Friendica\Core\Protocol;
26 use Friendica\Core\System;
27 use Friendica\Model\APContact;
28 use Friendica\Model\Contact;
29 use Friendica\Model\User;
30 use Friendica\Util\HTTPSignature;
31 use Friendica\Util\JsonLD;
32 use Friendica\Util\Network;
35 * ActivityPub Protocol class
37 * The ActivityPub Protocol is a message exchange protocol defined by the W3C.
38 * https://www.w3.org/TR/activitypub/
39 * https://www.w3.org/TR/activitystreams-core/
40 * https://www.w3.org/TR/activitystreams-vocabulary/
42 * https://blog.joinmastodon.org/2018/06/how-to-implement-a-basic-activitypub-server/
43 * https://blog.joinmastodon.org/2018/07/how-to-make-friends-and-verify-requests/
45 * Digest: https://tools.ietf.org/html/rfc5843
46 * https://tools.ietf.org/html/draft-cavage-http-signatures-10#ref-15
48 * Mastodon implementation of supported activities:
49 * https://github.com/tootsuite/mastodon/blob/master/app/lib/activitypub/activity.rb#L26
52 * http://docs-funkwhale-funkwhale-549-music-federation-documentation.preview.funkwhale.audio/federation/index.html
55 * - Polling the outboxes for missing content?
57 * Missing parts from DFRN:
64 const PUBLIC_COLLECTION = 'https://www.w3.org/ns/activitystreams#Public';
65 const CONTEXT = ['https://www.w3.org/ns/activitystreams', 'https://w3id.org/security/v1',
66 ['vcard' => 'http://www.w3.org/2006/vcard/ns#',
67 'dfrn' => 'http://purl.org/macgirvin/dfrn/1.0/',
68 'diaspora' => 'https://diasporafoundation.org/ns/',
69 'litepub' => 'http://litepub.social/ns#',
70 'toot' => 'http://joinmastodon.org/ns#',
72 "@id" => "toot:featured",
75 'schema' => 'http://schema.org#',
76 'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
77 'sensitive' => 'as:sensitive', 'Hashtag' => 'as:Hashtag',
78 'quoteUrl' => 'as:quoteUrl',
79 'conversation' => 'ostatus:conversation',
80 'directMessage' => 'litepub:directMessage',
81 'discoverable' => 'toot:discoverable',
82 'PropertyValue' => 'schema:PropertyValue',
83 'value' => 'schema:value',
85 const ACCOUNT_TYPES = ['Person', 'Organization', 'Service', 'Group', 'Application', 'Tombstone'];
87 * Checks if the web request is done for the AP protocol
89 * @return bool is it AP?
91 public static function isRequest(): bool
93 header('Vary: Accept', false);
95 $isrequest = stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/activity+json') ||
96 stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/json') ||
97 stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/ld+json');
100 Logger::debug('Is AP request', ['accept' => $_SERVER['HTTP_ACCEPT'], 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '']);
107 * Fetches ActivityPub content from the given url
109 * @param string $url content url
110 * @param integer $uid User ID for the signature
112 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
114 public static function fetchContent(string $url, int $uid = 0): array
116 return HTTPSignature::fetch($url, $uid);
119 private static function getAccountType(array $apcontact): int
123 switch($apcontact['type']) {
125 $accounttype = User::ACCOUNT_TYPE_PERSON;
128 $accounttype = User::ACCOUNT_TYPE_ORGANISATION;
131 $accounttype = User::ACCOUNT_TYPE_NEWS;
134 $accounttype = User::ACCOUNT_TYPE_COMMUNITY;
137 $accounttype = User::ACCOUNT_TYPE_RELAY;
140 $accounttype = User::ACCOUNT_TYPE_DELETED;
148 * Fetches a profile from the given url into an array that is compatible to Probe::uri
150 * @param string $url profile url
151 * @param boolean $update Update the profile
153 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
154 * @throws \ImagickException
156 public static function probeProfile(string $url, bool $update = true): array
158 $apcontact = APContact::getByURL($url, $update);
159 if (empty($apcontact)) {
163 $profile = ['network' => Protocol::ACTIVITYPUB];
164 $profile['nick'] = $apcontact['nick'];
165 $profile['name'] = $apcontact['name'];
166 $profile['guid'] = $apcontact['uuid'];
167 $profile['url'] = $apcontact['url'];
168 $profile['addr'] = $apcontact['addr'];
169 $profile['alias'] = $apcontact['alias'];
170 $profile['following'] = $apcontact['following'];
171 $profile['followers'] = $apcontact['followers'];
172 $profile['inbox'] = $apcontact['inbox'];
173 $profile['outbox'] = $apcontact['outbox'];
174 $profile['sharedinbox'] = $apcontact['sharedinbox'];
175 $profile['photo'] = $apcontact['photo'];
176 $profile['header'] = $apcontact['header'];
177 $profile['account-type'] = self::getAccountType($apcontact);
178 $profile['community'] = ($profile['account-type'] == User::ACCOUNT_TYPE_COMMUNITY);
179 // $profile['keywords']
180 // $profile['location']
181 $profile['about'] = $apcontact['about'];
182 $profile['xmpp'] = $apcontact['xmpp'];
183 $profile['matrix'] = $apcontact['matrix'];
184 $profile['batch'] = $apcontact['sharedinbox'];
185 $profile['notify'] = $apcontact['inbox'];
186 $profile['poll'] = $apcontact['outbox'];
187 $profile['pubkey'] = $apcontact['pubkey'];
188 $profile['subscribe'] = $apcontact['subscribe'];
189 $profile['manually-approve'] = $apcontact['manually-approve'];
190 $profile['baseurl'] = $apcontact['baseurl'];
191 $profile['gsid'] = $apcontact['gsid'];
193 if (!is_null($apcontact['discoverable'])) {
194 $profile['hide'] = !$apcontact['discoverable'];
197 // Remove all "null" fields
198 foreach ($profile as $field => $content) {
199 if (is_null($content)) {
200 unset($profile[$field]);
208 * Fetches activities from the outbox of a given profile and processes it
211 * @param integer $uid User ID
213 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
215 public static function fetchOutbox(string $url, int $uid)
217 $data = self::fetchContent($url, $uid);
222 if (!empty($data['orderedItems'])) {
223 $items = $data['orderedItems'];
224 } elseif (!empty($data['first']['orderedItems'])) {
225 $items = $data['first']['orderedItems'];
226 } elseif (!empty($data['first'])) {
227 self::fetchOutbox($data['first'], $uid);
233 foreach ($items as $activity) {
234 $ldactivity = JsonLD::compact($activity);
235 ActivityPub\Receiver::processActivity($ldactivity, '', $uid, true);
240 * Fetch items from AP endpoints
242 * @param string $url Address of the endpoint
243 * @param integer $uid Optional user id
244 * @return array Endpoint items
246 public static function fetchItems(string $url, int $uid = 0): array
248 $data = self::fetchContent($url, $uid);
253 if (!empty($data['orderedItems'])) {
254 $items = $data['orderedItems'];
255 } elseif (!empty($data['first']['orderedItems'])) {
256 $items = $data['first']['orderedItems'];
257 } elseif (!empty($data['first']) && is_string($data['first']) && ($data['first'] != $url)) {
258 return self::fetchItems($data['first'], $uid);
263 if (!empty($data['next']) && is_string($data['next'])) {
264 $items = array_merge($items, self::fetchItems($data['next'], $uid));
271 * Checks if the given contact url does support ActivityPub
273 * @param string $url profile url
274 * @param boolean $update true = always update, false = never update, null = update when not found or outdated
276 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
277 * @throws \ImagickException
279 public static function isSupportedByContactUrl(string $url, $update = null): bool
281 return !empty(APContact::getByURL($url, $update));
284 public static function isAcceptedRequester(int $uid = 0): bool
286 $called_by = System::callstack(1);
288 $signer = HTTPSignature::getSigner('', $_SERVER);
290 Logger::debug('No signer', ['uid' => $uid, 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '', 'called_by' => $called_by]);
294 $apcontact = APContact::getByURL($signer);
295 if (empty($apcontact)) {
296 Logger::debug('APContact not found', ['uid' => $uid, 'handle' => $signer, 'called_by' => $called_by]);
300 if (empty($apcontact['gsid'] || empty($apcontact['baseurl']))) {
301 Logger::debug('No server found', ['uid' => $uid, 'signer' => $signer, 'called_by' => $called_by]);
305 // Check added as a precaution. It should not occur.
306 if (Network::isUrlBlocked($apcontact['baseurl'])) {
307 Logger::info('Requesting domain is blocked', ['uid' => $uid, 'id' => $apcontact['gsid'], 'url' => $apcontact['baseurl'], 'signer' => $signer, 'called_by' => $called_by]);
311 $contact = Contact::getByURL($signer, false, ['id', 'baseurl', 'gsid']);
312 if (!empty($contact) && Contact\User::isBlocked($contact['id'], $uid)) {
313 Logger::info('Requesting contact is blocked', ['uid' => $uid, 'id' => $contact['id'], 'signer' => $signer, 'baseurl' => $contact['baseurl'], 'called_by' => $called_by]);
317 // @todo Look for user blocked domains
319 Logger::debug('Server is an accepted requester', ['uid' => $uid, 'id' => $contact['gsid'], 'url' => $contact['baseurl'], 'signer' => $signer, 'called_by' => $called_by]);