X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FProtocol%2FActivityPub%2FReceiver.php;h=6910ee11c227d175ad3eae2324a0ac097805f22e;hb=cc5e5be931bc21e44d0cb26778e8cc15be924e41;hp=d59a5da0ea8517564347b87eb0f9dcaab8e6ac4f;hpb=aa0b485f3dca72c5448076e913fa54d948cd7731;p=friendica.git diff --git a/src/Protocol/ActivityPub/Receiver.php b/src/Protocol/ActivityPub/Receiver.php index d59a5da0ea..6910ee11c2 100644 --- a/src/Protocol/ActivityPub/Receiver.php +++ b/src/Protocol/ActivityPub/Receiver.php @@ -33,7 +33,6 @@ use Friendica\Model\Item; use Friendica\Model\User; use Friendica\Protocol\Activity; use Friendica\Protocol\ActivityPub; -use Friendica\Util\DateTimeFormat; use Friendica\Util\HTTPSignature; use Friendica\Util\JsonLD; use Friendica\Util\LDSignature; @@ -59,6 +58,15 @@ class Receiver const CONTENT_TYPES = ['as:Note', 'as:Article', 'as:Video', 'as:Image', 'as:Event', 'as:Audio']; const ACTIVITY_TYPES = ['as:Like', 'as:Dislike', 'as:Accept', 'as:Reject', 'as:TentativeAccept']; + const TARGET_UNKNOWN = 0; + const TARGET_TO = 1; + const TARGET_CC = 2; + const TARGET_BTO = 3; + const TARGET_BCC = 4; + const TARGET_FOLLOWER = 5; + const TARGET_ANSWER = 6; + const TARGET_GLOBAL = 7; + /** * Checks if the web request is done for the AP protocol * @@ -80,16 +88,7 @@ class Receiver */ public static function processInbox($body, $header, $uid) { - $http_signer = HTTPSignature::getSigner($body, $header); - if (empty($http_signer)) { - Logger::warning('Invalid HTTP signature, message will be discarded.'); - return; - } else { - Logger::info('Valid HTTP signature', ['signer' => $http_signer]); - } - $activity = json_decode($body, true); - if (empty($activity)) { Logger::warning('Invalid body.'); return; @@ -99,12 +98,30 @@ class Receiver $actor = JsonLD::fetchElement($ldactivity, 'as:actor', '@id'); + $apcontact = APContact::getByURL($actor); + if (!empty($apcontact) && ($apcontact['type'] == 'Application') && ($apcontact['nick'] == 'relay')) { + self::processRelayPost($ldactivity); + return; + } + + $http_signer = HTTPSignature::getSigner($body, $header); + if (empty($http_signer)) { + Logger::warning('Invalid HTTP signature, message will be discarded.'); + return; + } else { + Logger::info('Valid HTTP signature', ['signer' => $http_signer]); + } + + $signer = [$http_signer]; + Logger::info('Message for user ' . $uid . ' is from actor ' . $actor); if (LDSignature::isSigned($activity)) { $ld_signer = LDSignature::getSigner($activity); if (empty($ld_signer)) { Logger::log('Invalid JSON-LD signature from ' . $actor, Logger::DEBUG); + } elseif ($ld_signer != $http_signer) { + $signer[] = $ld_signer; } if (!empty($ld_signer && ($actor == $http_signer))) { Logger::log('The HTTP and the JSON-LD signature belong to ' . $ld_signer, Logger::DEBUG); @@ -127,7 +144,50 @@ class Receiver $trust_source = false; } - self::processActivity($ldactivity, $body, $uid, $trust_source, true); + self::processActivity($ldactivity, $body, $uid, $trust_source, true, $signer); + } + + /** + * Process incoming posts from relays + * + * @param array $activity + * @return void + */ + private static function processRelayPost(array $activity) + { + $type = JsonLD::fetchElement($activity, '@type'); + if (!$type) { + Logger::info('Empty type', ['activity' => $activity]); + return; + } + + if ($type != 'as:Announce') { + Logger::info('Not an announcement', ['activity' => $activity]); + return; + } + + $object_id = JsonLD::fetchElement($activity, 'as:object', '@id'); + if (empty($object_id)) { + Logger::info('No object id found', ['activity' => $activity]); + return; + } + + Logger::info('Got relayed message id', ['id' => $object_id]); + + $item_id = Item::searchByLink($object_id); + if ($item_id) { + Logger::info('Relayed message already exists', ['id' => $object_id, 'item' => $item_id]); + return; + } + + Processor::fetchMissingActivity($object_id); + + $item_id = Item::searchByLink($object_id); + if ($item_id) { + Logger::info('Relayed message had been fetched and stored', ['id' => $object_id, 'item' => $item_id]); + } else { + Logger::notice('Relayed message had not been stored', ['id' => $object_id]); + } } /** @@ -186,29 +246,53 @@ class Receiver */ public static function prepareObjectData($activity, $uid, $push, &$trust_source) { + $id = JsonLD::fetchElement($activity, '@id'); + if (!empty($id) && !$trust_source) { + $fetched_activity = ActivityPub::fetchContent($id, $uid ?? 0); + if (!empty($fetched_activity)) { + $object = JsonLD::compact($fetched_activity); + $fetched_id = JsonLD::fetchElement($object, '@id'); + if ($fetched_id == $id) { + Logger::info('Activity had been fetched successfully', ['id' => $id]); + $trust_source = true; + $activity = $object; + } else { + Logger::info('Activity id is not equal', ['id' => $id, 'fetched' => $fetched_id]); + } + } else { + Logger::info('Activity could not been fetched', ['id' => $id]); + } + } + $actor = JsonLD::fetchElement($activity, 'as:actor', '@id'); if (empty($actor)) { - Logger::log('Empty actor', Logger::DEBUG); + Logger::info('Empty actor', ['activity' => $activity]); return []; } $type = JsonLD::fetchElement($activity, '@type'); // Fetch all receivers from to, cc, bto and bcc - $receivers = self::getReceivers($activity, $actor); + $receiverdata = self::getReceivers($activity, $actor); + $receivers = $reception_types = []; + foreach ($receiverdata as $key => $data) { + $receivers[$key] = $data['uid']; + $reception_types[$data['uid']] = $data['type'] ?? 0; + } // When it is a delivery to a personal inbox we add that user to the receivers if (!empty($uid)) { $additional = ['uid:' . $uid => $uid]; $receivers = array_merge($receivers, $additional); + if (empty($reception_types[$uid]) || in_array($reception_types[$uid], [self::TARGET_UNKNOWN, self::TARGET_FOLLOWER, self::TARGET_ANSWER, self::TARGET_GLOBAL])) { + $reception_types[$uid] = self::TARGET_BCC; + } } else { // We possibly need some user to fetch private content, // so we fetch the first out ot the list. $uid = self::getFirstUserFromReceivers($receivers); } - Logger::log('Receivers: ' . $uid . ' - ' . json_encode($receivers), Logger::DEBUG); - $object_id = JsonLD::fetchElement($activity, 'as:object', '@id'); if (empty($object_id)) { Logger::log('No object found', Logger::DEBUG); @@ -224,11 +308,8 @@ class Receiver // Fetch the content only on activities where this matters if (in_array($type, ['as:Create', 'as:Update', 'as:Announce'])) { - if ($type == 'as:Announce') { - $trust_source = false; - } - - $object_data = self::fetchObject($object_id, $activity['as:object'], $trust_source, $uid); + // Always fetch on "Announce" + $object_data = self::fetchObject($object_id, $activity['as:object'], $trust_source && ($type != 'as:Announce'), $uid); if (empty($object_data)) { Logger::log("Object data couldn't be processed", Logger::DEBUG); return []; @@ -248,9 +329,6 @@ class Receiver } else { $object_data['directmessage'] = JsonLD::fetchElement($activity, 'litepub:directMessage'); } - - // We had been able to retrieve the object data - so we can trust the source - $trust_source = true; } elseif (in_array($type, array_merge(self::ACTIVITY_TYPES, ['as:Follow'])) && in_array($object_type, self::CONTENT_TYPES)) { // Create a mostly empty array out of the activity data (instead of the object). // This way we later don't have to check for the existence of ech individual array element. @@ -290,6 +368,19 @@ class Receiver $object_data['actor'] = $actor; $object_data['item_receiver'] = $receivers; $object_data['receiver'] = array_merge($object_data['receiver'] ?? [], $receivers); + $object_data['reception_type'] = array_merge($object_data['reception_type'] ?? [], $reception_types); + + $author = $object_data['author'] ?? $actor; + if (!empty($author) && !empty($object_data['id'])) { + $author_host = parse_url($author, PHP_URL_HOST); + $id_host = parse_url($object_data['id'], PHP_URL_HOST); + if ($author_host == $id_host) { + Logger::info('Valid hosts', ['type' => $type, 'host' => $id_host]); + } else { + Logger::notice('Differing hosts on author and id', ['type' => $type, 'author' => $author_host, 'id' => $id_host]); + $trust_source = false; + } + } Logger::log('Processing ' . $object_data['type'] . ' ' . $object_data['object_type'] . ' ' . $object_data['id'], Logger::DEBUG); @@ -322,43 +413,49 @@ class Receiver * @param boolean $push Message had been pushed to our system * @throws \Exception */ - public static function processActivity($activity, $body = '', $uid = null, $trust_source = false, $push = false) + public static function processActivity($activity, string $body = '', int $uid = null, bool $trust_source = false, bool $push = false, array $signer = []) { $type = JsonLD::fetchElement($activity, '@type'); if (!$type) { - Logger::log('Empty type', Logger::DEBUG); + Logger::info('Empty type', ['activity' => $activity]); return; } if (!JsonLD::fetchElement($activity, 'as:object', '@id')) { - Logger::log('Empty object', Logger::DEBUG); + Logger::info('Empty object', ['activity' => $activity]); return; } - if (!JsonLD::fetchElement($activity, 'as:actor', '@id')) { - Logger::log('Empty actor', Logger::DEBUG); + $actor = JsonLD::fetchElement($activity, 'as:actor', '@id'); + if (empty($actor)) { + Logger::info('Empty actor', ['activity' => $activity]); return; } - // Don't trust the source if "actor" differs from "attributedTo". The content could be forged. - if ($trust_source && ($type == 'as:Create') && is_array($activity['as:object'])) { - $actor = JsonLD::fetchElement($activity, 'as:actor', '@id'); + if (is_array($activity['as:object'])) { $attributed_to = JsonLD::fetchElement($activity['as:object'], 'as:attributedTo', '@id'); - $trust_source = ($actor == $attributed_to); - if (!$trust_source) { - Logger::log('Not trusting actor: ' . $actor . '. It differs from attributedTo: ' . $attributed_to, Logger::DEBUG); + } else { + $attributed_to = ''; + } + + // Test the provided signatures against the actor and "attributedTo" + if ($trust_source) { + if (!empty($attributed_to) && !empty($actor)) { + $trust_source = (in_array($actor, $signer) && in_array($attributed_to, $signer)); + } else { + $trust_source = in_array($actor, $signer); } } // $trust_source is called by reference and is set to true if the content was retrieved successfully $object_data = self::prepareObjectData($activity, $uid, $push, $trust_source); if (empty($object_data)) { - Logger::log('No object data found', Logger::DEBUG); + Logger::info('No object data found', ['activity' => $activity]); return; } if (!$trust_source) { - Logger::log('No trust for activity type "' . $type . '", so we quit now.', Logger::DEBUG); + Logger::info('Activity trust could not be achieved.', ['id' => $object_data['object_id'], 'type' => $type, 'signer' => $signer, 'actor' => $actor, 'attributedTo' => $attributed_to]); return; } @@ -390,6 +487,11 @@ class Receiver $object_data['thread-completion'] = true; $item = ActivityPub\Processor::createItem($object_data); + if (empty($item)) { + return; + } + + $item['post-type'] = Item::PT_ANNOUNCEMENT; ActivityPub\Processor::postItem($object_data, $item); $announce_object_data = self::processObject($activity); @@ -498,18 +600,30 @@ class Receiver */ private static function getReceivers($activity, $actor, $tags = [], $fetch_unlisted = false) { - $receivers = []; + $reply = $receivers = []; // When it is an answer, we inherite the receivers from the parent $replyto = JsonLD::fetchElement($activity, 'as:inReplyTo', '@id'); if (!empty($replyto)) { + $reply = [$replyto]; + // Fix possibly wrong item URI (could be an answer to a plink uri) $fixedReplyTo = Item::getURIByLink($replyto); - $replyto = $fixedReplyTo ?: $replyto; + if (!empty($fixedReplyTo)) { + $reply[] = $fixedReplyTo; + } + } - $parents = Item::select(['uid'], ['uri' => $replyto]); + // Fetch all posts that refer to the object id + $object_id = JsonLD::fetchElement($activity, 'as:object', '@id'); + if (!empty($object_id)) { + $reply[] = $object_id; + } + + if (!empty($reply)) { + $parents = Item::select(['uid'], ['uri' => $reply]); while ($parent = Item::fetch($parents)) { - $receivers['uid:' . $parent['uid']] = $parent['uid']; + $receivers['uid:' . $parent['uid']] = ['uid' => $parent['uid'], 'type' => self::TARGET_ANSWER]; } } @@ -519,7 +633,7 @@ class Receiver Logger::log('Actor: ' . $actor . ' - Followers: ' . $followers, Logger::DEBUG); } else { - Logger::log('Empty actor', Logger::DEBUG); + Logger::info('Empty actor', ['activity' => $activity]); $followers = ''; } @@ -531,29 +645,17 @@ class Receiver foreach ($receiver_list as $receiver) { if ($receiver == self::PUBLIC_COLLECTION) { - $receivers['uid:0'] = 0; + $receivers['uid:0'] = ['uid' => 0, 'type' => self::TARGET_GLOBAL]; } // Add receiver "-1" for unlisted posts if ($fetch_unlisted && ($receiver == self::PUBLIC_COLLECTION) && ($element == 'as:cc')) { - $receivers['uid:-1'] = -1; - } - - if (($receiver == self::PUBLIC_COLLECTION) && !empty($actor)) { - // This will most likely catch all OStatus connections to Mastodon - $condition = ['alias' => [$actor, Strings::normaliseLink($actor)], 'rel' => [Contact::SHARING, Contact::FRIEND] - , 'archive' => false, 'pending' => false]; - $contacts = DBA::select('contact', ['uid'], $condition); - while ($contact = DBA::fetch($contacts)) { - if ($contact['uid'] != 0) { - $receivers['uid:' . $contact['uid']] = $contact['uid']; - } - } - DBA::close($contacts); + $receivers['uid:-1'] = ['uid' => -1, 'type' => self::TARGET_GLOBAL]; } + // Fetch the receivers for the public and the followers collection if (in_array($receiver, [$followers, self::PUBLIC_COLLECTION]) && !empty($actor)) { - $receivers = array_merge($receivers, self::getReceiverForActor($actor, $tags)); + $receivers = self::getReceiverForActor($actor, $tags, $receivers); continue; } @@ -581,7 +683,25 @@ class Receiver } } - $receivers['uid:' . $contact['uid']] = $contact['uid']; + $type = $receivers['uid:' . $contact['uid']]['type'] ?? self::TARGET_UNKNOWN; + if (in_array($type, [self::TARGET_UNKNOWN, self::TARGET_FOLLOWER, self::TARGET_ANSWER, self::TARGET_GLOBAL])) { + switch ($element) { + case 'as:to': + $type = self::TARGET_TO; + break; + case 'as:cc': + $type = self::TARGET_CC; + break; + case 'as:bto': + $type = self::TARGET_BTO; + break; + case 'as:bcc': + $type = self::TARGET_BCC; + break; + } + + $receivers['uid:' . $contact['uid']] = ['uid' => $contact['uid'], 'type' => $type]; + } } } @@ -599,16 +719,26 @@ class Receiver * @return array with receivers (user id) * @throws \Exception */ - public static function getReceiverForActor($actor, $tags) + private static function getReceiverForActor($actor, $tags, $receivers) { - $receivers = []; - $networks = Protocol::FEDERATED; - $condition = ['nurl' => Strings::normaliseLink($actor), 'rel' => [Contact::SHARING, Contact::FRIEND, Contact::FOLLOWER], - 'network' => $networks, 'archive' => false, 'pending' => false]; + $basecondition = ['rel' => [Contact::SHARING, Contact::FRIEND, Contact::FOLLOWER], + 'network' => Protocol::FEDERATED, 'archive' => false, 'pending' => false]; + + $condition = DBA::mergeConditions($basecondition, ['nurl' => Strings::normaliseLink($actor)]); + $contacts = DBA::select('contact', ['uid', 'rel'], $condition); + while ($contact = DBA::fetch($contacts)) { + if (empty($receivers['uid:' . $contact['uid']]) && self::isValidReceiverForActor($contact, $actor, $tags)) { + $receivers['uid:' . $contact['uid']] = ['uid' => $contact['uid'], 'type' => self::TARGET_FOLLOWER]; + } + } + DBA::close($contacts); + + // The queries are split because of performance issues + $condition = DBA::mergeConditions($basecondition, ["`alias` IN (?, ?)", Strings::normaliseLink($actor), $actor]); $contacts = DBA::select('contact', ['uid', 'rel'], $condition); while ($contact = DBA::fetch($contacts)) { - if (self::isValidReceiverForActor($contact, $actor, $tags)) { - $receivers['uid:' . $contact['uid']] = $contact['uid']; + if (empty($receivers['uid:' . $contact['uid']]) && self::isValidReceiverForActor($contact, $actor, $tags)) { + $receivers['uid:' . $contact['uid']] = ['uid' => $contact['uid'], 'type' => self::TARGET_FOLLOWER]; } } DBA::close($contacts); @@ -699,14 +829,14 @@ class Receiver } foreach ($receivers as $receiver) { - $contact = DBA::selectFirst('contact', ['id'], ['uid' => $receiver, 'network' => Protocol::OSTATUS, 'nurl' => Strings::normaliseLink($actor)]); + $contact = DBA::selectFirst('contact', ['id'], ['uid' => $receiver['uid'], 'network' => Protocol::OSTATUS, 'nurl' => Strings::normaliseLink($actor)]); if (DBA::isResult($contact)) { - self::switchContact($contact['id'], $receiver, $actor); + self::switchContact($contact['id'], $receiver['uid'], $actor); } - $contact = DBA::selectFirst('contact', ['id'], ['uid' => $receiver, 'network' => Protocol::OSTATUS, 'alias' => [Strings::normaliseLink($actor), $actor]]); + $contact = DBA::selectFirst('contact', ['id'], ['uid' => $receiver['uid'], 'network' => Protocol::OSTATUS, 'alias' => [Strings::normaliseLink($actor), $actor]]); if (DBA::isResult($contact)) { - self::switchContact($contact['id'], $receiver, $actor); + self::switchContact($contact['id'], $receiver['uid'], $actor); } } } @@ -778,18 +908,29 @@ class Receiver $data = ActivityPub\Transmitter::createNote($item); $object = JsonLD::compact($data); } + + $id = JsonLD::fetchElement($object, '@id'); + if (empty($id)) { + Logger::info('Empty id'); + return false; + } + + if ($id != $object_id) { + Logger::info('Fetched id differs from provided id', ['provided' => $object_id, 'fetched' => $id]); + return false; + } } else { Logger::log('Using original object for url ' . $object_id, Logger::DEBUG); } $type = JsonLD::fetchElement($object, '@type'); - if (empty($type)) { - Logger::log('Empty type', Logger::DEBUG); + Logger::info('Empty type'); return false; } - if (in_array($type, self::CONTENT_TYPES)) { + // We currently don't handle 'pt:CacheFile', but with this step we avoid logging + if (in_array($type, self::CONTENT_TYPES) || ($type == 'pt:CacheFile')) { $object_data = self::processObject($object); if (!empty($data)) { @@ -1189,7 +1330,16 @@ class Receiver $object_data = self::processAttachmentUrls($object, $object_data); } - $object_data['receiver'] = self::getReceivers($object, $object_data['actor'], $object_data['tags'], true); + $receiverdata = self::getReceivers($object, $object_data['actor'], $object_data['tags'], true); + $receivers = $reception_types = []; + foreach ($receiverdata as $key => $data) { + $receivers[$key] = $data['uid']; + $reception_types[$data['uid']] = $data['type'] ?? 0; + } + + $object_data['receiver'] = $receivers; + $object_data['reception_type'] = $reception_types; + $object_data['unlisted'] = in_array(-1, $object_data['receiver']); unset($object_data['receiver']['uid:-1']);